1# coding: utf-8 2# 3# This file is part of pyasn1-modules software. 4# 5# Created by Stanisław Pitucha with asn1ate tool. 6# Modified by Russ Housley to add support for opentypes. 7# 8# Copyright (c) 2005-2019, Ilya Etingof <etingof@gmail.com> 9# License: http://snmplabs.com/pyasn1/license.html 10# 11# Cryptographic Message Syntax (CMS) 12# 13# ASN.1 source from: 14# http://www.ietf.org/rfc/rfc5652.txt 15# 16from pyasn1.type import constraint 17from pyasn1.type import namedtype 18from pyasn1.type import namedval 19from pyasn1.type import opentype 20from pyasn1.type import tag 21from pyasn1.type import univ 22from pyasn1.type import useful 23 24from pyasn1_modules import rfc3281 25from pyasn1_modules import rfc5280 26 27MAX = float('inf') 28 29 30def _buildOid(*components): 31 output = [] 32 for x in tuple(components): 33 if isinstance(x, univ.ObjectIdentifier): 34 output.extend(list(x)) 35 else: 36 output.append(int(x)) 37 38 return univ.ObjectIdentifier(output) 39 40 41cmsContentTypesMap = { } 42 43cmsAttributesMap = { } 44 45otherKeyAttributesMap = { } 46 47otherCertFormatMap = { } 48 49otherRevInfoFormatMap = { } 50 51otherRecipientInfoMap = { } 52 53 54class AttCertVersionV1(univ.Integer): 55 pass 56 57 58AttCertVersionV1.namedValues = namedval.NamedValues( 59 ('v1', 0) 60) 61 62 63class AttributeCertificateInfoV1(univ.Sequence): 64 pass 65 66 67AttributeCertificateInfoV1.componentType = namedtype.NamedTypes( 68 namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")), 69 namedtype.NamedType( 70 'subject', univ.Choice( 71 componentType=namedtype.NamedTypes( 72 namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 73 namedtype.NamedType('subjectName', rfc5280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 74 ) 75 ) 76 ), 77 namedtype.NamedType('issuer', rfc5280.GeneralNames()), 78 namedtype.NamedType('signature', rfc5280.AlgorithmIdentifier()), 79 namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()), 80 namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()), 81 namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc5280.Attribute())), 82 namedtype.OptionalNamedType('issuerUniqueID', rfc5280.UniqueIdentifier()), 83 namedtype.OptionalNamedType('extensions', rfc5280.Extensions()) 84) 85 86 87class AttributeCertificateV1(univ.Sequence): 88 pass 89 90 91AttributeCertificateV1.componentType = namedtype.NamedTypes( 92 namedtype.NamedType('acInfo', AttributeCertificateInfoV1()), 93 namedtype.NamedType('signatureAlgorithm', rfc5280.AlgorithmIdentifier()), 94 namedtype.NamedType('signature', univ.BitString()) 95) 96 97 98class AttributeValue(univ.Any): 99 pass 100 101 102class Attribute(univ.Sequence): 103 pass 104 105 106Attribute.componentType = namedtype.NamedTypes( 107 namedtype.NamedType('attrType', univ.ObjectIdentifier()), 108 namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()), 109 openType=opentype.OpenType('attrType', cmsAttributesMap) 110 ) 111) 112 113 114class SignedAttributes(univ.SetOf): 115 pass 116 117 118SignedAttributes.componentType = Attribute() 119SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) 120 121 122class AttributeCertificateV2(rfc3281.AttributeCertificate): 123 pass 124 125 126class OtherKeyAttribute(univ.Sequence): 127 pass 128 129 130OtherKeyAttribute.componentType = namedtype.NamedTypes( 131 namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()), 132 namedtype.OptionalNamedType('keyAttr', univ.Any(), 133 openType=opentype.OpenType('keyAttrId', otherKeyAttributesMap) 134 ) 135) 136 137 138class UnauthAttributes(univ.SetOf): 139 pass 140 141 142UnauthAttributes.componentType = Attribute() 143UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) 144 145id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6) 146 147 148class SignatureValue(univ.OctetString): 149 pass 150 151 152class IssuerAndSerialNumber(univ.Sequence): 153 pass 154 155 156IssuerAndSerialNumber.componentType = namedtype.NamedTypes( 157 namedtype.NamedType('issuer', rfc5280.Name()), 158 namedtype.NamedType('serialNumber', rfc5280.CertificateSerialNumber()) 159) 160 161 162class SubjectKeyIdentifier(univ.OctetString): 163 pass 164 165 166class RecipientKeyIdentifier(univ.Sequence): 167 pass 168 169 170RecipientKeyIdentifier.componentType = namedtype.NamedTypes( 171 namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()), 172 namedtype.OptionalNamedType('date', useful.GeneralizedTime()), 173 namedtype.OptionalNamedType('other', OtherKeyAttribute()) 174) 175 176 177class KeyAgreeRecipientIdentifier(univ.Choice): 178 pass 179 180 181KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes( 182 namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), 183 namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype( 184 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) 185) 186 187 188class EncryptedKey(univ.OctetString): 189 pass 190 191 192class RecipientEncryptedKey(univ.Sequence): 193 pass 194 195 196RecipientEncryptedKey.componentType = namedtype.NamedTypes( 197 namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()), 198 namedtype.NamedType('encryptedKey', EncryptedKey()) 199) 200 201 202class RecipientEncryptedKeys(univ.SequenceOf): 203 pass 204 205 206RecipientEncryptedKeys.componentType = RecipientEncryptedKey() 207 208 209class MessageAuthenticationCode(univ.OctetString): 210 pass 211 212 213class CMSVersion(univ.Integer): 214 pass 215 216 217CMSVersion.namedValues = namedval.NamedValues( 218 ('v0', 0), 219 ('v1', 1), 220 ('v2', 2), 221 ('v3', 3), 222 ('v4', 4), 223 ('v5', 5) 224) 225 226 227class OtherCertificateFormat(univ.Sequence): 228 pass 229 230 231OtherCertificateFormat.componentType = namedtype.NamedTypes( 232 namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()), 233 namedtype.NamedType('otherCert', univ.Any(), 234 openType=opentype.OpenType('otherCertFormat', otherCertFormatMap) 235 ) 236) 237 238 239class ExtendedCertificateInfo(univ.Sequence): 240 pass 241 242 243ExtendedCertificateInfo.componentType = namedtype.NamedTypes( 244 namedtype.NamedType('version', CMSVersion()), 245 namedtype.NamedType('certificate', rfc5280.Certificate()), 246 namedtype.NamedType('attributes', UnauthAttributes()) 247) 248 249 250class Signature(univ.BitString): 251 pass 252 253 254class SignatureAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): 255 pass 256 257 258class ExtendedCertificate(univ.Sequence): 259 pass 260 261 262ExtendedCertificate.componentType = namedtype.NamedTypes( 263 namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()), 264 namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), 265 namedtype.NamedType('signature', Signature()) 266) 267 268 269class CertificateChoices(univ.Choice): 270 pass 271 272 273CertificateChoices.componentType = namedtype.NamedTypes( 274 namedtype.NamedType('certificate', rfc5280.Certificate()), 275 namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( 276 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 277 namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype( 278 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 279 namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype( 280 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), 281 namedtype.NamedType('other', OtherCertificateFormat().subtype( 282 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))) 283) 284 285 286class CertificateSet(univ.SetOf): 287 pass 288 289 290CertificateSet.componentType = CertificateChoices() 291 292 293class OtherRevocationInfoFormat(univ.Sequence): 294 pass 295 296 297OtherRevocationInfoFormat.componentType = namedtype.NamedTypes( 298 namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()), 299 namedtype.NamedType('otherRevInfo', univ.Any(), 300 openType=opentype.OpenType('otherRevInfoFormat', otherRevInfoFormatMap) 301 ) 302) 303 304 305class RevocationInfoChoice(univ.Choice): 306 pass 307 308 309RevocationInfoChoice.componentType = namedtype.NamedTypes( 310 namedtype.NamedType('crl', rfc5280.CertificateList()), 311 namedtype.NamedType('other', OtherRevocationInfoFormat().subtype( 312 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) 313) 314 315 316class RevocationInfoChoices(univ.SetOf): 317 pass 318 319 320RevocationInfoChoices.componentType = RevocationInfoChoice() 321 322 323class OriginatorInfo(univ.Sequence): 324 pass 325 326 327OriginatorInfo.componentType = namedtype.NamedTypes( 328 namedtype.OptionalNamedType('certs', CertificateSet().subtype( 329 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 330 namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( 331 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 332) 333 334 335class ContentType(univ.ObjectIdentifier): 336 pass 337 338 339class EncryptedContent(univ.OctetString): 340 pass 341 342 343class ContentEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): 344 pass 345 346 347class EncryptedContentInfo(univ.Sequence): 348 pass 349 350 351EncryptedContentInfo.componentType = namedtype.NamedTypes( 352 namedtype.NamedType('contentType', ContentType()), 353 namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()), 354 namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype( 355 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) 356) 357 358 359class UnprotectedAttributes(univ.SetOf): 360 pass 361 362 363UnprotectedAttributes.componentType = Attribute() 364UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) 365 366 367class KeyEncryptionAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): 368 pass 369 370 371class KEKIdentifier(univ.Sequence): 372 pass 373 374 375KEKIdentifier.componentType = namedtype.NamedTypes( 376 namedtype.NamedType('keyIdentifier', univ.OctetString()), 377 namedtype.OptionalNamedType('date', useful.GeneralizedTime()), 378 namedtype.OptionalNamedType('other', OtherKeyAttribute()) 379) 380 381 382class KEKRecipientInfo(univ.Sequence): 383 pass 384 385 386KEKRecipientInfo.componentType = namedtype.NamedTypes( 387 namedtype.NamedType('version', CMSVersion()), 388 namedtype.NamedType('kekid', KEKIdentifier()), 389 namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), 390 namedtype.NamedType('encryptedKey', EncryptedKey()) 391) 392 393 394class KeyDerivationAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): 395 pass 396 397 398class PasswordRecipientInfo(univ.Sequence): 399 pass 400 401 402PasswordRecipientInfo.componentType = namedtype.NamedTypes( 403 namedtype.NamedType('version', CMSVersion()), 404 namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype( 405 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 406 namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), 407 namedtype.NamedType('encryptedKey', EncryptedKey()) 408) 409 410 411class RecipientIdentifier(univ.Choice): 412 pass 413 414 415RecipientIdentifier.componentType = namedtype.NamedTypes( 416 namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), 417 namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( 418 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) 419) 420 421 422class KeyTransRecipientInfo(univ.Sequence): 423 pass 424 425 426KeyTransRecipientInfo.componentType = namedtype.NamedTypes( 427 namedtype.NamedType('version', CMSVersion()), 428 namedtype.NamedType('rid', RecipientIdentifier()), 429 namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), 430 namedtype.NamedType('encryptedKey', EncryptedKey()) 431) 432 433 434class UserKeyingMaterial(univ.OctetString): 435 pass 436 437 438class OriginatorPublicKey(univ.Sequence): 439 pass 440 441 442OriginatorPublicKey.componentType = namedtype.NamedTypes( 443 namedtype.NamedType('algorithm', rfc5280.AlgorithmIdentifier()), 444 namedtype.NamedType('publicKey', univ.BitString()) 445) 446 447 448class OriginatorIdentifierOrKey(univ.Choice): 449 pass 450 451 452OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes( 453 namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), 454 namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( 455 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 456 namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype( 457 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) 458) 459 460 461class KeyAgreeRecipientInfo(univ.Sequence): 462 pass 463 464 465KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes( 466 namedtype.NamedType('version', CMSVersion()), 467 namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype( 468 explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 469 namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype( 470 explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 471 namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()), 472 namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys()) 473) 474 475 476class OtherRecipientInfo(univ.Sequence): 477 pass 478 479 480OtherRecipientInfo.componentType = namedtype.NamedTypes( 481 namedtype.NamedType('oriType', univ.ObjectIdentifier()), 482 namedtype.NamedType('oriValue', univ.Any(), 483 openType=opentype.OpenType('oriType', otherRecipientInfoMap) 484 ) 485) 486 487 488class RecipientInfo(univ.Choice): 489 pass 490 491 492RecipientInfo.componentType = namedtype.NamedTypes( 493 namedtype.NamedType('ktri', KeyTransRecipientInfo()), 494 namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype( 495 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))), 496 namedtype.NamedType('kekri', KEKRecipientInfo().subtype( 497 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))), 498 namedtype.NamedType('pwri', PasswordRecipientInfo().subtype( 499 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))), 500 namedtype.NamedType('ori', OtherRecipientInfo().subtype( 501 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) 502) 503 504 505class RecipientInfos(univ.SetOf): 506 pass 507 508 509RecipientInfos.componentType = RecipientInfo() 510RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX) 511 512 513class EnvelopedData(univ.Sequence): 514 pass 515 516 517EnvelopedData.componentType = namedtype.NamedTypes( 518 namedtype.NamedType('version', CMSVersion()), 519 namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( 520 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 521 namedtype.NamedType('recipientInfos', RecipientInfos()), 522 namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), 523 namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( 524 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 525) 526 527 528class DigestAlgorithmIdentifier(rfc5280.AlgorithmIdentifier): 529 pass 530 531 532id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6) 533 534id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5) 535 536 537class EncryptedData(univ.Sequence): 538 pass 539 540 541EncryptedData.componentType = namedtype.NamedTypes( 542 namedtype.NamedType('version', CMSVersion()), 543 namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()), 544 namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype( 545 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 546) 547 548id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4) 549 550id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2) 551 552 553class MessageAuthenticationCodeAlgorithm(rfc5280.AlgorithmIdentifier): 554 pass 555 556 557class UnsignedAttributes(univ.SetOf): 558 pass 559 560 561UnsignedAttributes.componentType = Attribute() 562UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) 563 564 565class SignerIdentifier(univ.Choice): 566 pass 567 568 569SignerIdentifier.componentType = namedtype.NamedTypes( 570 namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()), 571 namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype( 572 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) 573) 574 575 576class SignerInfo(univ.Sequence): 577 pass 578 579 580SignerInfo.componentType = namedtype.NamedTypes( 581 namedtype.NamedType('version', CMSVersion()), 582 namedtype.NamedType('sid', SignerIdentifier()), 583 namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), 584 namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype( 585 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 586 namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()), 587 namedtype.NamedType('signature', SignatureValue()), 588 namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype( 589 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 590) 591 592 593class SignerInfos(univ.SetOf): 594 pass 595 596 597SignerInfos.componentType = SignerInfo() 598 599 600class Countersignature(SignerInfo): 601 pass 602 603 604class ContentInfo(univ.Sequence): 605 pass 606 607 608ContentInfo.componentType = namedtype.NamedTypes( 609 namedtype.NamedType('contentType', ContentType()), 610 namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)), 611 openType=opentype.OpenType('contentType', cmsContentTypesMap) 612 ) 613) 614 615 616class EncapsulatedContentInfo(univ.Sequence): 617 pass 618 619 620EncapsulatedContentInfo.componentType = namedtype.NamedTypes( 621 namedtype.NamedType('eContentType', ContentType()), 622 namedtype.OptionalNamedType('eContent', univ.OctetString().subtype( 623 explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) 624) 625 626id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6) 627 628id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1) 629 630 631class MessageDigest(univ.OctetString): 632 pass 633 634 635class AuthAttributes(univ.SetOf): 636 pass 637 638 639AuthAttributes.componentType = Attribute() 640AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX) 641 642 643class Time(univ.Choice): 644 pass 645 646 647Time.componentType = namedtype.NamedTypes( 648 namedtype.NamedType('utcTime', useful.UTCTime()), 649 namedtype.NamedType('generalTime', useful.GeneralizedTime()) 650) 651 652 653class AuthenticatedData(univ.Sequence): 654 pass 655 656 657AuthenticatedData.componentType = namedtype.NamedTypes( 658 namedtype.NamedType('version', CMSVersion()), 659 namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype( 660 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 661 namedtype.NamedType('recipientInfos', RecipientInfos()), 662 namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()), 663 namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype( 664 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 665 namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), 666 namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype( 667 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), 668 namedtype.NamedType('mac', MessageAuthenticationCode()), 669 namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype( 670 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) 671) 672 673id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3) 674 675 676class ExtendedCertificateOrCertificate(univ.Choice): 677 pass 678 679 680ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes( 681 namedtype.NamedType('certificate', rfc5280.Certificate()), 682 namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype( 683 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) 684) 685 686 687class Digest(univ.OctetString): 688 pass 689 690 691class DigestedData(univ.Sequence): 692 pass 693 694 695DigestedData.componentType = namedtype.NamedTypes( 696 namedtype.NamedType('version', CMSVersion()), 697 namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()), 698 namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), 699 namedtype.NamedType('digest', Digest()) 700) 701 702id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3) 703 704 705class DigestAlgorithmIdentifiers(univ.SetOf): 706 pass 707 708 709DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier() 710 711 712class SignedData(univ.Sequence): 713 pass 714 715 716SignedData.componentType = namedtype.NamedTypes( 717 namedtype.NamedType('version', CMSVersion()), 718 namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()), 719 namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()), 720 namedtype.OptionalNamedType('certificates', CertificateSet().subtype( 721 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 722 namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype( 723 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 724 namedtype.NamedType('signerInfos', SignerInfos()) 725) 726 727id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5) 728 729 730class SigningTime(Time): 731 pass 732 733 734id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2) 735 736 737# CMS Content Type Map 738 739_cmsContentTypesMapUpdate = { 740 id_ct_contentInfo: ContentInfo(), 741 id_data: univ.OctetString(), 742 id_signedData: SignedData(), 743 id_envelopedData: EnvelopedData(), 744 id_digestedData: DigestedData(), 745 id_encryptedData: EncryptedData(), 746 id_ct_authData: AuthenticatedData(), 747} 748 749cmsContentTypesMap.update(_cmsContentTypesMapUpdate) 750 751 752# CMS Attribute Map 753 754_cmsAttributesMapUpdate = { 755 id_contentType: ContentType(), 756 id_messageDigest: MessageDigest(), 757 id_signingTime: SigningTime(), 758 id_countersignature: Countersignature(), 759} 760 761cmsAttributesMap.update(_cmsAttributesMapUpdate) 762