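#
# X.509 message syntax
#
# ASN.1 source from:
# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/x509.asn
# http://www.ietf.org/rfc/rfc2459.txt
#
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
# Scope: this module only declares pyasn1 type specifications and OID
# constants.  Nothing here checks a signature, a validity period or a
# certification path, so a structure that decodes cleanly is well-formed,
# not trusted.
#
from pyasn1.type import char, constraint, namedtype, namedval, tag, univ, useful

# NOTE(review): ASN.1 "MAX" means "no upper bound", but this constant caps
# every SIZE (1..MAX) / (0..MAX) constraint below at 64.  Certificates with
# longer lists (extensions, GeneralNames) or larger values may therefore be
# rejected by constraint checks.  Kept at 64 for compatibility; confirm the
# intended bound before relying on it.
MAX = 64  # XXX ?


def _context_tag(number):
    """Return a context-specific, simple-format tag with the given number."""
    return tag.Tag(tag.tagClassContext, tag.tagFormatSimple, number)


def _x520_string_choice(upper_bound):
    """Build the five string alternatives shared by the X520* CHOICE types.

    Every alternative is constrained to SIZE (1..upper_bound).
    """
    alternatives = (
        ('teletexString', char.TeletexString),
        ('printableString', char.PrintableString),
        ('universalString', char.UniversalString),
        ('utf8String', char.UTF8String),
        ('bmpString', char.BMPString),
    )
    return namedtype.NamedTypes(*[
        namedtype.NamedType(
            label,
            string_type().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, upper_bound)))
        for label, string_type in alternatives
    ])


def _personal_name_components(string_type):
    """Build the surname/given-name/initials/generation-qualifier SET fields.

    Fields are explicitly tagged [0]..[3] in that order; only the surname is
    mandatory.  string_type is the character string class used for all four.
    """
    fields = (
        (namedtype.NamedType, 'surname', ub_surname_length),
        (namedtype.OptionalNamedType, 'given-name', ub_given_name_length),
        (namedtype.OptionalNamedType, 'initials', ub_initials_length),
        (namedtype.OptionalNamedType, 'generation-qualifier',
         ub_generation_qualifier_length),
    )
    return namedtype.NamedTypes(*[
        wrapper(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, upper_bound),
            explicitTag=_context_tag(number)))
        for number, (wrapper, label, upper_bound) in enumerate(fields)
    ])


#
# PKIX1Explicit88
#

# Upper Bounds
ub_name = univ.Integer(32768)
ub_common_name = univ.Integer(64)
ub_locality_name = univ.Integer(128)
ub_state_name = univ.Integer(128)
ub_organization_name = univ.Integer(64)
ub_organizational_unit_name = univ.Integer(64)
ub_title = univ.Integer(64)
ub_match = univ.Integer(128)
ub_emailaddress_length = univ.Integer(128)
ub_common_name_length = univ.Integer(64)
ub_country_name_alpha_length = univ.Integer(2)
ub_country_name_numeric_length = univ.Integer(3)
ub_domain_defined_attributes = univ.Integer(4)
ub_domain_defined_attribute_type_length = univ.Integer(8)
ub_domain_defined_attribute_value_length = univ.Integer(128)
ub_domain_name_length = univ.Integer(16)
ub_extension_attributes = univ.Integer(256)
ub_e163_4_number_length = univ.Integer(15)
ub_e163_4_sub_address_length = univ.Integer(40)
ub_generation_qualifier_length = univ.Integer(3)
ub_given_name_length = univ.Integer(16)
ub_initials_length = univ.Integer(5)
ub_integer_options = univ.Integer(256)
ub_numeric_user_id_length = univ.Integer(32)
ub_organization_name_length = univ.Integer(64)
ub_organizational_unit_name_length = univ.Integer(32)
ub_organizational_units = univ.Integer(4)
ub_pds_name_length = univ.Integer(16)
ub_pds_parameter_length = univ.Integer(30)
ub_pds_physical_address_lines = univ.Integer(6)
ub_postal_code_length = univ.Integer(16)
ub_surname_length = univ.Integer(40)
ub_terminal_id_length = univ.Integer(24)
ub_unformatted_address_length = univ.Integer(180)
ub_x121_address_length = univ.Integer(16)


class UniversalString(char.UniversalString):
    pass


class BMPString(char.BMPString):
    pass


class UTF8String(char.UTF8String):
    pass


id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7')
id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1')
id_qt = univ.ObjectIdentifier('1.3.6.1.5.5.7.2')
id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3')
id_ad = univ.ObjectIdentifier('1.3.6.1.5.5.7.48')

id_qt_cps = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.1')
id_qt_unotice = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.2')

id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1')
id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2')


class AttributeValue(univ.Any):
    pass


class AttributeType(univ.ObjectIdentifier):
    pass


class AttributeTypeAndValue(univ.Sequence):
    """One (type OID, value) pair; the value is left undecoded (Any)."""
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType('value', AttributeValue())
    )


class Attribute(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
    )


id_at = univ.ObjectIdentifier('2.5.4')
id_at_name = univ.ObjectIdentifier('2.5.4.41')
id_at_sutname = univ.ObjectIdentifier('2.5.4.4')
# Correctly spelled alias; the misspelled name above is kept for callers.
id_at_surname = id_at_sutname
id_at_givenName = univ.ObjectIdentifier('2.5.4.42')
id_at_initials = univ.ObjectIdentifier('2.5.4.43')
id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44')


class X520name(univ.Choice):
    componentType = _x520_string_choice(ub_name)


id_at_commonName = univ.ObjectIdentifier('2.5.4.3')


class X520CommonName(univ.Choice):
    componentType = _x520_string_choice(ub_common_name)


id_at_localityName = univ.ObjectIdentifier('2.5.4.7')


class X520LocalityName(univ.Choice):
    componentType = _x520_string_choice(ub_locality_name)


id_at_stateOrProvinceName = univ.ObjectIdentifier('2.5.4.8')


class X520StateOrProvinceName(univ.Choice):
    componentType = _x520_string_choice(ub_state_name)


id_at_organizationName = univ.ObjectIdentifier('2.5.4.10')


class X520OrganizationName(univ.Choice):
    componentType = _x520_string_choice(ub_organization_name)


id_at_organizationalUnitName = univ.ObjectIdentifier('2.5.4.11')


class X520OrganizationalUnitName(univ.Choice):
    componentType = _x520_string_choice(ub_organizational_unit_name)


id_at_title = univ.ObjectIdentifier('2.5.4.12')


class X520Title(univ.Choice):
    componentType = _x520_string_choice(ub_title)


id_at_dnQualifier = univ.ObjectIdentifier('2.5.4.46')


class X520dnQualifier(char.PrintableString):
    pass


id_at_countryName = univ.ObjectIdentifier('2.5.4.6')


class X520countryName(char.PrintableString):
    subtypeSpec = (char.PrintableString.subtypeSpec
                   + constraint.ValueSizeConstraint(2, 2))


pkcs_9 = univ.ObjectIdentifier('1.2.840.113549.1.9')

emailAddress = univ.ObjectIdentifier('1.2.840.113549.1.9.1')


class Pkcs9email(char.IA5String):
    subtypeSpec = (char.IA5String.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_emailaddress_length))


# ----

class DSAPrivateKey(univ.Sequence):
    """PKIX compliant DSA private key structure"""
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'version',
            univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))),
        namedtype.NamedType('p', univ.Integer()),
        namedtype.NamedType('q', univ.Integer()),
        namedtype.NamedType('g', univ.Integer()),
        namedtype.NamedType('public', univ.Integer()),
        namedtype.NamedType('private', univ.Integer())
    )


# ----

class RelativeDistinguishedName(univ.SetOf):
    componentType = AttributeTypeAndValue()


class RDNSequence(univ.SequenceOf):
    componentType = RelativeDistinguishedName()


class Name(univ.Choice):
    # Single alternative, registered under an empty component name.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('', RDNSequence())
    )


class DirectoryString(univ.Choice):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('teletexString', char.TeletexString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
        namedtype.NamedType('printableString', char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
        namedtype.NamedType('universalString', char.UniversalString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
        namedtype.NamedType('utf8String', char.UTF8String().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
        namedtype.NamedType('bmpString', char.BMPString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
        # hm, this should not be here!? XXX
        namedtype.NamedType('ia5String', char.IA5String().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
    )


# certificate and CRL specific structures begin here

class AlgorithmIdentifier(univ.Sequence):
    """Algorithm OID plus optional parameters, which stay undecoded (Any)."""
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
        namedtype.OptionalNamedType('parameters', univ.Any())
    )


class Extension(univ.Sequence):
    """One certificate or CRL extension.

    extnValue is declared as Any, so this module does not decode extension
    contents; a caller has to parse the inner value against the type that
    matches extnID, and has to act on the critical flag itself.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('extnID', univ.ObjectIdentifier()),
        namedtype.DefaultedNamedType('critical', univ.Boolean('False')),
        namedtype.NamedType('extnValue', univ.Any())
    )


class Extensions(univ.SequenceOf):
    componentType = Extension()
    sizeSpec = (univ.SequenceOf.sizeSpec
                + constraint.ValueSizeConstraint(1, MAX))


class SubjectPublicKeyInfo(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('algorithm', AlgorithmIdentifier()),
        namedtype.NamedType('subjectPublicKey', univ.BitString())
    )


class UniqueIdentifier(univ.BitString):
    pass


class Time(univ.Choice):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('utcTime', useful.UTCTime()),
        namedtype.NamedType('generalTime', useful.GeneralizedTime())
    )


class Validity(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('notBefore', Time()),
        namedtype.NamedType('notAfter', Time())
    )


class CertificateSerialNumber(univ.Integer):
    pass


class Version(univ.Integer):
    namedValues = namedval.NamedValues(
        ('v1', 0), ('v2', 1), ('v3', 2)
    )


class TBSCertificate(univ.Sequence):
    """The to-be-signed part of a certificate."""
    componentType = namedtype.NamedTypes(
        namedtype.DefaultedNamedType(
            'version', Version('v1').subtype(explicitTag=_context_tag(0))),
        namedtype.NamedType('serialNumber', CertificateSerialNumber()),
        namedtype.NamedType('signature', AlgorithmIdentifier()),
        namedtype.NamedType('issuer', Name()),
        namedtype.NamedType('validity', Validity()),
        namedtype.NamedType('subject', Name()),
        namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
        namedtype.OptionalNamedType(
            'issuerUniqueID',
            UniqueIdentifier().subtype(implicitTag=_context_tag(1))),
        namedtype.OptionalNamedType(
            'subjectUniqueID',
            UniqueIdentifier().subtype(implicitTag=_context_tag(2))),
        namedtype.OptionalNamedType(
            'extensions', Extensions().subtype(explicitTag=_context_tag(3)))
    )


class Certificate(univ.Sequence):
    """Outer certificate: TBS data, signature algorithm, signature bits.

    Decoding against this spec does not verify signatureValue.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('tbsCertificate', TBSCertificate()),
        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
        namedtype.NamedType('signatureValue', univ.BitString())
    )


# CRL structures

class RevokedCertificate(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('userCertificate', CertificateSerialNumber()),
        namedtype.NamedType('revocationDate', Time()),
        namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
    )


class TBSCertList(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('version', Version()),
        namedtype.NamedType('signature', AlgorithmIdentifier()),
        namedtype.NamedType('issuer', Name()),
        namedtype.NamedType('thisUpdate', Time()),
        namedtype.OptionalNamedType('nextUpdate', Time()),
        namedtype.OptionalNamedType(
            'revokedCertificates',
            univ.SequenceOf(componentType=RevokedCertificate())),
        namedtype.OptionalNamedType(
            'crlExtensions',
            Extensions().subtype(explicitTag=tag.Tag(
                tag.tagClassContext, tag.tagFormatConstructed, 0)))
    )


class CertificateList(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('tbsCertList', TBSCertList()),
        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
        namedtype.NamedType('signature', univ.BitString())
    )


# Algorithm OIDs and parameter structures
#
# These constants only identify algorithms.  MD2, MD5 and SHA-1 are no
# longer collision-resistant, so a verifier should reject or at least flag
# signatures that use them rather than treat a matching OID as acceptable.

pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1')
rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1')
md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2')
md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4')
sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5')
id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3')


class Dss_Sig_Value(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('r', univ.Integer()),
        namedtype.NamedType('s', univ.Integer())
    )


dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1')


class ValidationParms(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('seed', univ.BitString()),
        namedtype.NamedType('pgenCounter', univ.Integer())
    )


class DomainParameters(univ.Sequence):
    # NOTE(review): 'j' is mandatory here; RFC 2459 appears to mark it
    # OPTIONAL -- confirm against the ASN.1 source before changing.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('p', univ.Integer()),
        namedtype.NamedType('g', univ.Integer()),
        namedtype.NamedType('q', univ.Integer()),
        namedtype.NamedType('j', univ.Integer()),
        namedtype.OptionalNamedType('validationParms', ValidationParms())
    )


id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1')


class Dss_Parms(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('p', univ.Integer()),
        namedtype.NamedType('q', univ.Integer()),
        namedtype.NamedType('g', univ.Integer())
    )


# x400 address syntax starts here

teletex_domain_defined_attributes = univ.Integer(6)


class TeletexDomainDefinedAttribute(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', char.TeletexString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_domain_defined_attribute_type_length))),
        namedtype.NamedType('value', char.TeletexString())
    )


class TeletexDomainDefinedAttributes(univ.SequenceOf):
    componentType = TeletexDomainDefinedAttribute()
    subtypeSpec = (univ.SequenceOf.subtypeSpec
                   + constraint.ValueSizeConstraint(
                       1, ub_domain_defined_attributes))


terminal_type = univ.Integer(23)


class TerminalType(univ.Integer):
    # NOTE(review): a size constraint on an INTEGER; the bound looks like a
    # value range (0..ub_integer_options) -- confirm.  The label 'teletelex'
    # is kept as-is because it is a runtime name callers may look up.
    subtypeSpec = (univ.Integer.subtypeSpec
                   + constraint.ValueSizeConstraint(0, ub_integer_options))
    namedValues = namedval.NamedValues(
        ('telex', 3),
        ('teletelex', 4),
        ('g3-facsimile', 5),
        ('g4-facsimile', 6),
        ('ia5-terminal', 7),
        ('videotex', 8)
    )


class PresentationAddress(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'pSelector',
            univ.OctetString().subtype(explicitTag=_context_tag(0))),
        namedtype.OptionalNamedType(
            'sSelector',
            univ.OctetString().subtype(explicitTag=_context_tag(1))),
        namedtype.OptionalNamedType(
            'tSelector',
            univ.OctetString().subtype(explicitTag=_context_tag(2))),
        namedtype.OptionalNamedType(
            'nAddresses',
            univ.SetOf(componentType=univ.OctetString()).subtype(
                explicitTag=_context_tag(3),
                subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    )


extended_network_address = univ.Integer(22)


class E163_4_address(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('number', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_e163_4_number_length),
            explicitTag=_context_tag(0))),
        namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_e163_4_sub_address_length),
            explicitTag=_context_tag(1)))
    )


class ExtendedNetworkAddress(univ.Choice):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('e163-4-address', E163_4_address()),
        namedtype.NamedType(
            'psap-address',
            PresentationAddress().subtype(explicitTag=_context_tag(0)))
    )


class PDSParameter(univ.Set):
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'printable-string', char.PrintableString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    1, ub_pds_parameter_length))),
        namedtype.OptionalNamedType(
            'teletex-string', char.TeletexString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    1, ub_pds_parameter_length)))
    )


local_postal_attributes = univ.Integer(21)


class LocalPostalAttributes(PDSParameter):
    pass


class UniquePostalName(PDSParameter):
    pass


unique_postal_name = univ.Integer(20)

poste_restante_address = univ.Integer(19)


class PosteRestanteAddress(PDSParameter):
    pass


post_office_box_address = univ.Integer(18)


class PostOfficeBoxAddress(PDSParameter):
    pass


street_address = univ.Integer(17)


class StreetAddress(PDSParameter):
    pass


class UnformattedPostalAddress(univ.Set):
    # NOTE(review): both size constraints below are applied to the
    # PrintableString element, not to the SequenceOf; the second one
    # (ub_pds_physical_address_lines) looks like it was meant to bound the
    # number of lines -- confirm before moving it.
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'printable-address',
            univ.SequenceOf(componentType=char.PrintableString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    1, ub_pds_parameter_length)
            ).subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    1, ub_pds_physical_address_lines)
            ))),
        namedtype.OptionalNamedType(
            'teletex-string', char.TeletexString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    1, ub_unformatted_address_length)))
    )


physical_delivery_office_name = univ.Integer(10)


class PhysicalDeliveryOfficeName(PDSParameter):
    pass


physical_delivery_office_number = univ.Integer(11)


class PhysicalDeliveryOfficeNumber(PDSParameter):
    pass


extension_OR_address_components = univ.Integer(12)


class ExtensionORAddressComponents(PDSParameter):
    pass


physical_delivery_personal_name = univ.Integer(13)


class PhysicalDeliveryPersonalName(PDSParameter):
    pass


physical_delivery_organization_name = univ.Integer(14)


class PhysicalDeliveryOrganizationName(PDSParameter):
    pass


extension_physical_delivery_address_components = univ.Integer(15)


class ExtensionPhysicalDeliveryAddressComponents(PDSParameter):
    pass


unformatted_postal_address = univ.Integer(16)

postal_code = univ.Integer(9)


class PostalCode(univ.Choice):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('numeric-code', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_postal_code_length))),
        namedtype.NamedType('printable-code', char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_postal_code_length)))
    )


class PhysicalDeliveryCountryName(univ.Choice):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                ub_country_name_numeric_length,
                ub_country_name_numeric_length))),
        namedtype.NamedType(
            'iso-3166-alpha2-code', char.PrintableString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    ub_country_name_alpha_length,
                    ub_country_name_alpha_length)))
    )


class PDSName(char.PrintableString):
    subtypeSpec = (char.PrintableString.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_pds_name_length))


physical_delivery_country_name = univ.Integer(8)


class TeletexOrganizationalUnitName(char.TeletexString):
    subtypeSpec = (char.TeletexString.subtypeSpec
                   + constraint.ValueSizeConstraint(
                       1, ub_organizational_unit_name_length))


pds_name = univ.Integer(7)

teletex_organizational_unit_names = univ.Integer(5)


class TeletexOrganizationalUnitNames(univ.SequenceOf):
    componentType = TeletexOrganizationalUnitName()
    subtypeSpec = (univ.SequenceOf.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_organizational_units))


teletex_personal_name = univ.Integer(4)


class TeletexPersonalName(univ.Set):
    componentType = _personal_name_components(char.TeletexString)


teletex_organization_name = univ.Integer(3)


class TeletexOrganizationName(char.TeletexString):
    subtypeSpec = (char.TeletexString.subtypeSpec
                   + constraint.ValueSizeConstraint(
                       1, ub_organization_name_length))


teletex_common_name = univ.Integer(2)


class TeletexCommonName(char.TeletexString):
    subtypeSpec = (char.TeletexString.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_common_name_length))


class CommonName(char.PrintableString):
    subtypeSpec = (char.PrintableString.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_common_name_length))


common_name = univ.Integer(1)


class ExtensionAttribute(univ.Sequence):
    # NOTE(review): 'extension-attribute-type' is an INTEGER carrying a size
    # constraint; the bound looks like a value range -- confirm.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                0, ub_extension_attributes),
            explicitTag=_context_tag(0))),
        namedtype.NamedType(
            'extension-attribute-value',
            univ.Any().subtype(explicitTag=_context_tag(1)))
    )


class ExtensionAttributes(univ.SetOf):
    componentType = ExtensionAttribute()
    subtypeSpec = (univ.SetOf.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_extension_attributes))


class BuiltInDomainDefinedAttribute(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_domain_defined_attribute_type_length))),
        namedtype.NamedType('value', char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_domain_defined_attribute_value_length)))
    )


class BuiltInDomainDefinedAttributes(univ.SequenceOf):
    componentType = BuiltInDomainDefinedAttribute()
    subtypeSpec = (univ.SequenceOf.subtypeSpec
                   + constraint.ValueSizeConstraint(
                       1, ub_domain_defined_attributes))


class OrganizationalUnitName(char.PrintableString):
    # Extends its own base type's constraints; the original started from
    # univ.SequenceOf.subtypeSpec, which is unrelated to a PrintableString.
    subtypeSpec = (char.PrintableString.subtypeSpec
                   + constraint.ValueSizeConstraint(
                       1, ub_organizational_unit_name_length))


class OrganizationalUnitNames(univ.SequenceOf):
    componentType = OrganizationalUnitName()
    subtypeSpec = (univ.SequenceOf.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_organizational_units))


class PersonalName(univ.Set):
    componentType = _personal_name_components(char.PrintableString)


class NumericUserIdentifier(char.NumericString):
    subtypeSpec = (char.NumericString.subtypeSpec
                   + constraint.ValueSizeConstraint(
                       1, ub_numeric_user_id_length))


class OrganizationName(char.PrintableString):
    subtypeSpec = (char.PrintableString.subtypeSpec
                   + constraint.ValueSizeConstraint(
                       1, ub_organization_name_length))


class PrivateDomainName(univ.Choice):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('numeric', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_domain_name_length))),
        namedtype.NamedType('printable', char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                1, ub_domain_name_length)))
    )


class TerminalIdentifier(char.PrintableString):
    subtypeSpec = (char.PrintableString.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_terminal_id_length))


class X121Address(char.NumericString):
    subtypeSpec = (char.NumericString.subtypeSpec
                   + constraint.ValueSizeConstraint(1, ub_x121_address_length))


class NetworkAddress(X121Address):
    pass


class AdministrationDomainName(univ.Choice):
    tagSet = univ.Choice.tagSet.tagExplicitly(
        tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)
    )
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('numeric', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                0, ub_domain_name_length))),
        namedtype.NamedType('printable', char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                0, ub_domain_name_length)))
    )


class CountryName(univ.Choice):
    tagSet = univ.Choice.tagSet.tagExplicitly(
        tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)
    )
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(
                ub_country_name_numeric_length,
                ub_country_name_numeric_length))),
        namedtype.NamedType(
            'iso-3166-alpha2-code', char.PrintableString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(
                    ub_country_name_alpha_length,
                    ub_country_name_alpha_length)))
    )


class BuiltInStandardAttributes(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('country-name', CountryName()),
        namedtype.OptionalNamedType(
            'administration-domain-name', AdministrationDomainName()),
        namedtype.OptionalNamedType(
            'network-address',
            NetworkAddress().subtype(explicitTag=_context_tag(0))),
        namedtype.OptionalNamedType(
            'terminal-identifier',
            TerminalIdentifier().subtype(explicitTag=_context_tag(1))),
        namedtype.OptionalNamedType(
            'private-domain-name',
            PrivateDomainName().subtype(explicitTag=_context_tag(2))),
        namedtype.OptionalNamedType(
            'organization-name',
            OrganizationName().subtype(explicitTag=_context_tag(3))),
        namedtype.OptionalNamedType(
            'numeric-user-identifier',
            NumericUserIdentifier().subtype(explicitTag=_context_tag(4))),
        namedtype.OptionalNamedType(
            'personal-name',
            PersonalName().subtype(explicitTag=_context_tag(5))),
        namedtype.OptionalNamedType(
            'organizational-unit-names',
            OrganizationalUnitNames().subtype(explicitTag=_context_tag(6)))
    )


class ORAddress(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'built-in-standard-attributes', BuiltInStandardAttributes()),
        namedtype.OptionalNamedType(
            'built-in-domain-defined-attributes',
            BuiltInDomainDefinedAttributes()),
        namedtype.OptionalNamedType(
            'extension-attributes', ExtensionAttributes())
    )


#
# PKIX1Implicit88
#

id_ce_invalidityDate = univ.ObjectIdentifier('2.5.29.24')


class InvalidityDate(useful.GeneralizedTime):
    pass


# NOTE(review): these arcs start with 2.2.840.10040 while id_dsa in this
# file sits under 1.2.840.10040 -- confirm against the ASN.1 source before
# using them to match hold-instruction codes.
id_holdinstruction_none = univ.ObjectIdentifier('2.2.840.10040.2.1')
id_holdinstruction_callissuer = univ.ObjectIdentifier('2.2.840.10040.2.2')
id_holdinstruction_reject = univ.ObjectIdentifier('2.2.840.10040.2.3')

holdInstruction = univ.ObjectIdentifier('2.2.840.10040.2')

id_ce_holdInstructionCode = univ.ObjectIdentifier('2.5.29.23')


class HoldInstructionCode(univ.ObjectIdentifier):
    pass


id_ce_cRLReasons = univ.ObjectIdentifier('2.5.29.21')


class CRLReason(univ.Enumerated):
    namedValues = namedval.NamedValues(
        ('unspecified', 0),
        ('keyCompromise', 1),
        ('cACompromise', 2),
        ('affiliationChanged', 3),
        ('superseded', 4),
        ('cessationOfOperation', 5),
        ('certificateHold', 6),
        ('removeFromCRL', 8)
    )


id_ce_cRLNumber = univ.ObjectIdentifier('2.5.29.20')


class CRLNumber(univ.Integer):
    # Extends univ.Integer's own constraints (the original started from
    # univ.SequenceOf.subtypeSpec).
    # NOTE(review): still a size constraint on an INTEGER; the bound looks
    # like a value range (0..MAX).  Switching to a range while MAX is 64
    # would reject ordinary CRL numbers, so it is left unchanged -- confirm.
    subtypeSpec = (univ.Integer.subtypeSpec
                   + constraint.ValueSizeConstraint(0, MAX))


class BaseCRLNumber(CRLNumber):
    pass


# Extended key usage purposes, all directly under id_kp (1.3.6.1.5.5.7.3).
# serverAuth is id_kp.1; the original value carried an extra trailing arc
# ('...3.1.1'), so comparing it with a certificate's KeyPurposeId could
# never match a real server-authentication purpose.
id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1')
id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2')
id_kp_codeSigning = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.3')
id_kp_emailProtection = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.4')
id_kp_ipsecEndSystem = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.5')
id_kp_ipsecTunnel = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.6')
id_kp_ipsecUser = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.7')
id_kp_timeStamping = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.8')
id_pe_authorityInfoAccess = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.1')
id_ce_extKeyUsage = univ.ObjectIdentifier('2.5.29.37')


class KeyPurposeId(univ.ObjectIdentifier):
    pass


class ExtKeyUsageSyntax(univ.SequenceOf):
    componentType = KeyPurposeId()
    subtypeSpec = (univ.SequenceOf.subtypeSpec
                   + constraint.ValueSizeConstraint(1, MAX))


class ReasonFlags(univ.BitString):
    namedValues = namedval.NamedValues(
        ('unused', 0),
        ('keyCompromise', 1),
        ('cACompromise', 2),
        ('affiliationChanged', 3),
        ('superseded', 4),
        ('cessationOfOperation', 5),
        ('certificateHold', 6)
    )


class SkipCerts(univ.Integer):
    # NOTE(review): a size constraint on an INTEGER; the bound looks like a
    # value range (0..MAX) -- confirm.
    subtypeSpec = (univ.Integer.subtypeSpec
                   + constraint.ValueSizeConstraint(0, MAX))


id_ce_policyConstraints = univ.ObjectIdentifier('2.5.29.36')


class PolicyConstraints(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'requireExplicitPolicy',
            SkipCerts().subtype(implicitTag=tag.Tag(
                tag.tagClassContext, tag.tagFormatConstructed, 0))),
        namedtype.OptionalNamedType(
            'inhibitPolicyMapping',
            SkipCerts().subtype(implicitTag=tag.Tag(
                tag.tagClassContext, tag.tagFormatConstructed, 1)))
    )


id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19')


class BasicConstraints(univ.Sequence):
    """cA flag (DEFAULT FALSE) and optional path length constraint.

    cA is declared with DefaultedNamedType: DER omits a field that equals
    its default, so an end-entity certificate normally carries an empty
    BasicConstraints SEQUENCE.  Declared as a mandatory field (as it was
    originally), that encoding could not be decoded against this spec.
    """
    componentType = namedtype.NamedTypes(
        namedtype.DefaultedNamedType('cA', univ.Boolean(False)),
        namedtype.OptionalNamedType(
            'pathLenConstraint',
            univ.Integer().subtype(
                subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
    )


id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9')


class SubjectDirectoryAttributes(univ.SequenceOf):
    componentType = Attribute()
    subtypeSpec = (univ.SequenceOf.subtypeSpec
                   + constraint.ValueSizeConstraint(1, MAX))


class EDIPartyName(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'nameAssigner',
            DirectoryString().subtype(implicitTag=_context_tag(0))),
        namedtype.NamedType(
            'partyName',
            DirectoryString().subtype(implicitTag=_context_tag(1)))
    )


class AnotherName(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'value', univ.Any().subtype(explicitTag=_context_tag(0)))
    )


class GeneralName(univ.Choice):
    """One name form, selected by context tags [0]..[8].

    The string alternatives (rfc822Name, dNSName, uniformResourceIdentifier)
    are plain IA5String and iPAddress is a plain OctetString: no format or
    length validation is declared here, so consumers must validate them.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'otherName',
            AnotherName().subtype(implicitTag=_context_tag(0))),
        namedtype.NamedType(
            'rfc822Name',
            char.IA5String().subtype(implicitTag=_context_tag(1))),
        namedtype.NamedType(
            'dNSName',
            char.IA5String().subtype(implicitTag=_context_tag(2))),
        namedtype.NamedType(
            'x400Address',
            ORAddress().subtype(implicitTag=_context_tag(3))),
        namedtype.NamedType(
            'directoryName',
            Name().subtype(implicitTag=_context_tag(4))),
        namedtype.NamedType(
            'ediPartyName',
            EDIPartyName().subtype(implicitTag=_context_tag(5))),
        namedtype.NamedType(
            'uniformResourceIdentifier',
            char.IA5String().subtype(implicitTag=_context_tag(6))),
        namedtype.NamedType(
            'iPAddress',
            univ.OctetString().subtype(implicitTag=_context_tag(7))),
        namedtype.NamedType(
            'registeredID',
            univ.ObjectIdentifier().subtype(implicitTag=_context_tag(8)))
    )


class GeneralNames(univ.SequenceOf):
    componentType = GeneralName()
    subtypeSpec = (univ.SequenceOf.subtypeSpec
                   + constraint.ValueSizeConstraint(1, MAX))


class AccessDescription(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
        namedtype.NamedType('accessLocation', GeneralName())
    )

# (The listing continues past this point with further class definitions.)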
AuthorityInfoAccessSyntax(univ.SequenceOf): 741 componentType = AccessDescription() 742 subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) 743 744id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27') 745 746class DistributionPointName(univ.Choice): 747 componentType = namedtype.NamedTypes( 748 namedtype.NamedType('fullName', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 749 namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) 750 ) 751 752class DistributionPoint(univ.Sequence): 753 componentType = namedtype.NamedTypes( 754 namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 755 namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 756 namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) 757 ) 758class BaseDistance(univ.Integer): 759 subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX) 760 761id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') 762 763class CRLDistPointsSyntax(univ.SequenceOf): 764 componentType = DistributionPoint 765 subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) 766id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') 767 768class IssuingDistributionPoint(univ.Sequence): 769 componentType = namedtype.NamedTypes( 770 namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 771 namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 772 
namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), 773 namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), 774 namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))) 775 ) 776 777class GeneralSubtree(univ.Sequence): 778 componentType = namedtype.NamedTypes( 779 namedtype.NamedType('base', GeneralName()), 780 namedtype.NamedType('minimum', BaseDistance(0).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 781 namedtype.OptionalNamedType('maximum', BaseDistance().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) 782 ) 783 784class GeneralSubtrees(univ.SequenceOf): 785 componentType = GeneralSubtree() 786 subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) 787 788id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') 789 790class NameConstraints(univ.Sequence): 791 componentType = namedtype.NamedTypes( 792 namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 793 namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))) 794 ) 795 796 797class DisplayText(univ.Choice): 798 componentType = namedtype.NamedTypes( 799 namedtype.NamedType('visibleString', char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), 800 namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), 801 namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) 802 ) 803 804class NoticeReference(univ.Sequence): 805 componentType = namedtype.NamedTypes( 
806 namedtype.NamedType('organization', DisplayText()), 807 namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) 808 ) 809 810class UserNotice(univ.Sequence): 811 componentType = namedtype.NamedTypes( 812 namedtype.OptionalNamedType('noticeRef', NoticeReference()), 813 namedtype.OptionalNamedType('explicitText', DisplayText()) 814 ) 815 816class CPSuri(char.IA5String): pass 817 818class PolicyQualifierId(univ.ObjectIdentifier): 819 subtypeSpec = univ.ObjectIdentifier.subtypeSpec + constraint.SingleValueConstraint(id_qt_cps, id_qt_unotice) 820 821class CertPolicyId(univ.ObjectIdentifier): pass 822 823class PolicyQualifierInfo(univ.Sequence): 824 componentType = namedtype.NamedTypes( 825 namedtype.NamedType('policyQualifierId', PolicyQualifierId()), 826 namedtype.NamedType('qualifier', univ.Any()) 827 ) 828 829id_ce_certificatePolicies = univ.ObjectIdentifier('2.5.29.32') 830 831class PolicyInformation(univ.Sequence): 832 componentType = namedtype.NamedTypes( 833 namedtype.NamedType('policyIdentifier', CertPolicyId()), 834 namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) 835 ) 836 837class CertificatePolicies(univ.SequenceOf): 838 componentType = PolicyInformation() 839 subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) 840 841id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33') 842 843class PolicyMapping(univ.Sequence): 844 componentType = namedtype.NamedTypes( 845 namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), 846 namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) 847 ) 848 849class PolicyMappings(univ.SequenceOf): 850 componentType = PolicyMapping() 851 subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX) 852 853id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16') 854 855class PrivateKeyUsagePeriod(univ.Sequence): 856 
componentType = namedtype.NamedTypes( 857 namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 858 namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 859 ) 860 861id_ce_keyUsage = univ.ObjectIdentifier('2.5.29.15') 862 863class KeyUsage(univ.BitString): 864 namedValues = namedval.NamedValues( 865 ('digitalSignature', 0), 866 ('nonRepudiation', 1), 867 ('keyEncipherment', 2), 868 ('dataEncipherment', 3), 869 ('keyAgreement', 4), 870 ('keyCertSign', 5), 871 ('cRLSign', 6), 872 ('encipherOnly', 7), 873 ('decipherOnly', 8) 874 ) 875 876id_ce = univ.ObjectIdentifier('2.5.29') 877 878id_ce_authorityKeyIdentifier = univ.ObjectIdentifier('2.5.29.35') 879 880class KeyIdentifier(univ.OctetString): pass 881 882id_ce_subjectKeyIdentifier = univ.ObjectIdentifier('2.5.29.14') 883 884class SubjectKeyIdentifier(KeyIdentifier): pass 885 886class AuthorityKeyIdentifier(univ.Sequence): 887 componentType = namedtype.NamedTypes( 888 namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 889 namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 890 namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) 891 ) 892 893id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29') 894 895class CertificateIssuer(GeneralNames): pass 896 897id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') 898 899class SubjectAltName(GeneralNames): pass 900 901id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') 902 903class IssuerAltName(GeneralNames): pass 904