# coding: utf-8
#
# This file is part of pyasn1-modules software.
#
# Created by Stanisław Pitucha with asn1ate tool.
# Updated by Russ Housley for ORAddress Extension Attribute opentype support.
# Updated by Russ Housley for AlgorithmIdentifier opentype support.
#
# Copyright (c) 2005-2019, Ilya Etingof <etingof@gmail.com>
# License: http://snmplabs.com/pyasn1/license.html
#
# Internet X.509 Public Key Infrastructure Certificate and Certificate
# Revocation List (CRL) Profile
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc5280.txt
#
# NOTE: everything below is ASN.1 type and constant declarations. The
# definitions describe structure (tags, sizes, named values) only; nothing
# here verifies signatures, validity periods or certification paths.
#
from pyasn1.type import char
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1.type import useful

# Stands in for the ASN.1 "MAX" keyword. A constraint written as
# ValueSizeConstraint(1, MAX) or ValueRangeConstraint(0, MAX) therefore has
# no upper bound; callers parsing untrusted input must impose their own
# size limits.
MAX = float('inf')


def _buildOid(*components):
    """Build an ObjectIdentifier from integers and/or OID prefixes.

    Each positional argument is either a ``univ.ObjectIdentifier``, whose
    arcs are spliced in, or a value passed through ``int()`` and appended
    as a single arc. Returns a new ``univ.ObjectIdentifier``.
    """
    output = []
    for x in tuple(components):
        if isinstance(x, univ.ObjectIdentifier):
            # An existing OID contributes all of its arcs.
            output.extend(list(x))
        else:
            output.append(int(x))

    return univ.ObjectIdentifier(output)


ub_e163_4_sub_address_length = univ.Integer(40)

ub_e163_4_number_length = univ.Integer(15)

unformatted_postal_address = univ.Integer(16)


class TerminalType(univ.Integer):
    pass


TerminalType.namedValues = namedval.NamedValues(
    ('telex', 3),
    ('teletex', 4),
    ('g3-facsimile', 5),
    ('g4-facsimile', 6),
    ('ia5-terminal', 7),
    ('videotex', 8)
)


class Extension(univ.Sequence):
    pass


# 'critical' defaults to false (value=0) when absent from the encoding.
# 'extnValue' is declared as a plain OCTET STRING: the extension body is
# carried opaquely and is not decoded or validated by this type.
Extension.componentType = namedtype.NamedTypes(
    namedtype.NamedType('extnID', univ.ObjectIdentifier()),
    namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)),
    namedtype.NamedType('extnValue', univ.OctetString())
)


class Extensions(univ.SequenceOf):
    pass


Extensions.componentType = Extension()
# At least one element, no upper bound.
Extensions.sizeSpec = constraint.ValueSizeConstraint(1, MAX)

physical_delivery_personal_name = univ.Integer(13)

ub_unformatted_address_length = univ.Integer(180)

ub_pds_parameter_length = univ.Integer(30)

ub_pds_physical_address_lines = univ.Integer(6)


class UnformattedPostalAddress(univ.Set):
    pass


# NOTE(review): ub_pds_physical_address_lines is defined above but no size
# constraint is placed on the 'printable-address' SEQUENCE OF here; only the
# length of each string is bounded.
UnformattedPostalAddress.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('printable-address', univ.SequenceOf(componentType=char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))),
    namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length)))
)

ub_organization_name = univ.Integer(64)


class X520OrganizationName(univ.Choice):
    pass


X520OrganizationName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)))
)

ub_x121_address_length = univ.Integer(16)

pds_name = univ.Integer(7)

id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)

id_kp = _buildOid(id_pkix, 3)

ub_postal_code_length = univ.Integer(16)


class PostalCode(univ.Choice):
    pass


PostalCode.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))),
    namedtype.NamedType('printable-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)))
)

ub_generation_qualifier_length = univ.Integer(3)

unique_postal_name = univ.Integer(20)


class DomainComponent(char.IA5String):
    pass


ub_domain_defined_attribute_value_length = univ.Integer(128)

ub_match = univ.Integer(128)

id_at = _buildOid(2, 5, 4)


class AttributeType(univ.ObjectIdentifier):
    pass


id_at_organizationalUnitName = _buildOid(id_at, 11)

terminal_type = univ.Integer(23)


class PDSParameter(univ.Set):
    pass


PDSParameter.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))),
    namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))
)


class PhysicalDeliveryPersonalName(PDSParameter):
    pass


ub_surname_length = univ.Integer(40)

id_ad = _buildOid(id_pkix, 48)

ub_domain_defined_attribute_type_length = univ.Integer(8)


class TeletexDomainDefinedAttribute(univ.Sequence):
    pass


TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes(
    namedtype.NamedType('type', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
    namedtype.NamedType('value', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
)

ub_domain_defined_attributes = univ.Integer(4)


class TeletexDomainDefinedAttributes(univ.SequenceOf):
    pass


TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute()
TeletexDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)

extended_network_address = univ.Integer(22)

ub_locality_name = univ.Integer(128)


class X520LocalityName(univ.Choice):
    pass


X520LocalityName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)))
)

teletex_organization_name = univ.Integer(3)

ub_given_name_length = univ.Integer(16)

ub_initials_length = univ.Integer(5)


class PersonalName(univ.Set):
    pass


PersonalName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('surname', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('initials', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)

ub_organizational_unit_name_length = univ.Integer(32)


class OrganizationalUnitName(char.PrintableString):
    pass


OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)

id_at_generationQualifier = _buildOid(id_at, 44)


class Version(univ.Integer):
    pass


# The encoded integer is one less than the version number (v3 is 2).
Version.namedValues = namedval.NamedValues(
    ('v1', 0),
    ('v2', 1),
    ('v3', 2)
)


# Declared as an unconstrained INTEGER: no sign or length limit is enforced
# by this type, so negative, zero or very large serial numbers decode
# without error. Consumers that care must check the value themselves.
class CertificateSerialNumber(univ.Integer):
    pass


# Open-type lookup table for AlgorithmIdentifier.parameters, keyed by the
# 'algorithm' OID. Empty here; being a module-level dict, any importing code
# can add entries, and those entries decide which ASN.1 type 'parameters'
# is decoded as when open types are resolved (pyasn1's decodeOpenTypes
# decoder option).
algorithmIdentifierMap = {}


class AlgorithmIdentifier(univ.Sequence):
    # 'parameters' is ANY; without an entry in algorithmIdentifierMap for the
    # given 'algorithm' it stays an undecoded blob.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
        namedtype.OptionalNamedType('parameters', univ.Any(),
            openType=opentype.OpenType('algorithm', algorithmIdentifierMap)
        )
    )


class Time(univ.Choice):
    pass


# Either encoding is accepted wherever Time is used; which form a given date
# ought to use is not checked by this type.
Time.componentType = namedtype.NamedTypes(
    namedtype.NamedType('utcTime', useful.UTCTime()),
    namedtype.NamedType('generalTime', useful.GeneralizedTime())
)


class AttributeValue(univ.Any):
    pass


# Open-type lookup table shared by AttributeTypeAndValue and Attribute,
# keyed by the attribute 'type' OID. Empty here and mutable by any importer.
certificateAttributesMap = {}


class AttributeTypeAndValue(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType(
            'value', AttributeValue(),
            openType=opentype.OpenType('type', certificateAttributesMap)
        )
    )


class RelativeDistinguishedName(univ.SetOf):
    pass


RelativeDistinguishedName.componentType = AttributeTypeAndValue()
# At least one attribute, no upper bound.
RelativeDistinguishedName.sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class RDNSequence(univ.SequenceOf):
    pass


# No size constraint is set: an empty RDNSequence (empty name) is valid here.
RDNSequence.componentType = RelativeDistinguishedName()


class Name(univ.Choice):
    pass


Name.componentType = namedtype.NamedTypes(
    namedtype.NamedType('rdnSequence', RDNSequence())
)


class TBSCertList(univ.Sequence):
    pass


# 'revokedCertificates' is an anonymous SEQUENCE OF SEQUENCE with no size
# bound; a CRL from an untrusted source can make this list arbitrarily long.
TBSCertList.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('version', Version()),
    namedtype.NamedType('signature', AlgorithmIdentifier()),
    namedtype.NamedType('issuer', Name()),
    namedtype.NamedType('thisUpdate', Time()),
    namedtype.OptionalNamedType('nextUpdate', Time()),
    namedtype.OptionalNamedType(
        'revokedCertificates', univ.SequenceOf(
            componentType=univ.Sequence(
                componentType=namedtype.NamedTypes(
                    namedtype.NamedType('userCertificate', CertificateSerialNumber()),
                    namedtype.NamedType('revocationDate', Time()),
                    namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
                )
            )
        )
    ),
    namedtype.OptionalNamedType(
        'crlExtensions', Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)


class CertificateList(univ.Sequence):
    pass


# Structure only: decoding a CertificateList does not verify 'signature'
# over 'tbsCertList', nor compare 'signatureAlgorithm' with the
# AlgorithmIdentifier inside 'tbsCertList'.
CertificateList.componentType = namedtype.NamedTypes(
    namedtype.NamedType('tbsCertList', TBSCertList()),
    namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
    namedtype.NamedType('signature', univ.BitString())
)


class PhysicalDeliveryOfficeName(PDSParameter):
    pass


ub_extension_attributes = univ.Integer(256)

# Empty here and not referenced by any type visible in this part of the
# file (Extension.extnValue is a plain OCTET STRING).
# NOTE(review): presumably filled in by the modules that define individual
# extensions, for callers to look up by extnID - confirm.
certificateExtensionsMap = {
}

# Open-type lookup table for ExtensionAttribute, keyed by the integer
# 'extension-attribute-type'. Empty here and mutable by any importer.
oraddressExtensionAttributeMap = {
}


class ExtensionAttribute(univ.Sequence):
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'extension-attribute-type',
            univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.NamedType(
            'extension-attribute-value',
            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
            openType=opentype.OpenType('extension-attribute-type', oraddressExtensionAttributeMap))
    )

id_qt = _buildOid(id_pkix, 2)

id_qt_cps = _buildOid(id_qt, 1)

id_at_stateOrProvinceName = _buildOid(id_at, 8)

id_at_title = _buildOid(id_at, 12)

id_at_serialNumber = _buildOid(id_at, 5)


class X520dnQualifier(char.PrintableString):
    pass


class PosteRestanteAddress(PDSParameter):
    pass


poste_restante_address = univ.Integer(19)


class UniqueIdentifier(univ.BitString):
    pass


class Validity(univ.Sequence):
    pass


# Two independent Time values; nothing here checks that notBefore precedes
# notAfter or compares either with the current time.
Validity.componentType = namedtype.NamedTypes(
    namedtype.NamedType('notBefore', Time()),
    namedtype.NamedType('notAfter', Time())
)


class SubjectPublicKeyInfo(univ.Sequence):
    pass


# 'subjectPublicKey' is an opaque BIT STRING; its contents are not parsed or
# checked against 'algorithm' by this type.
SubjectPublicKeyInfo.componentType = namedtype.NamedTypes(
    namedtype.NamedType('algorithm', AlgorithmIdentifier()),
    namedtype.NamedType('subjectPublicKey', univ.BitString())
)


class TBSCertificate(univ.Sequence):
    pass


# 'version' defaults to v1 when absent. The optional fields
# (issuerUniqueID, subjectUniqueID, extensions) are accepted regardless of
# the version value; that cross-field rule is left to the caller.
TBSCertificate.componentType = namedtype.NamedTypes(
    namedtype.DefaultedNamedType('version',
                                 Version().subtype(explicitTag=tag.Tag(tag.tagClassContext,
                                                                       tag.tagFormatSimple, 0)).subtype(value="v1")),
    namedtype.NamedType('serialNumber', CertificateSerialNumber()),
    namedtype.NamedType('signature', AlgorithmIdentifier()),
    namedtype.NamedType('issuer', Name()),
    namedtype.NamedType('validity', Validity()),
    namedtype.NamedType('subject', Name()),
    namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
    namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('extensions',
                                Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)

physical_delivery_office_name = univ.Integer(10)

# Much larger than the other ub_* string bounds in this file.
ub_name = univ.Integer(32768)


class X520name(univ.Choice):
    pass


X520name.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)))
)

id_at_dnQualifier = _buildOid(id_at, 46)

ub_serial_number = univ.Integer(64)

ub_pseudonym = univ.Integer(128)

pkcs_9 = _buildOid(1, 2, 840, 113549, 1, 9)


class X121Address(char.NumericString):
    pass


X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length)


class NetworkAddress(X121Address):
    pass


ub_integer_options = univ.Integer(256)

id_at_commonName = _buildOid(id_at, 3)

ub_organization_name_length = univ.Integer(64)

id_ad_ocsp = _buildOid(id_ad, 1)

ub_country_name_numeric_length = univ.Integer(3)

ub_country_name_alpha_length = univ.Integer(2)


class PhysicalDeliveryCountryName(univ.Choice):
    pass


# Both alternatives are fixed-length: minimum and maximum size are the same.
PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
    namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
)

id_emailAddress = _buildOid(pkcs_9, 1)

common_name = univ.Integer(1)


class X520Pseudonym(univ.Choice):
    pass


X520Pseudonym.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)))
)

ub_domain_name_length = univ.Integer(16)


class AdministrationDomainName(univ.Choice):
    pass


AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(
    tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2))
# Unlike most strings in this file the minimum size is 0, so an empty
# administration domain name is valid.
AdministrationDomainName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))),
    namedtype.NamedType('printable', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)))
)


class PresentationAddress(univ.Sequence):
    pass


# None of the OCTET STRING selectors or the 'nAddresses' set carries a size
# constraint.
PresentationAddress.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)


class ExtendedNetworkAddress(univ.Choice):
    pass


ExtendedNetworkAddress.componentType = namedtype.NamedTypes(
    namedtype.NamedType(
        'e163-4-address', univ.Sequence(
            componentType=namedtype.NamedTypes(
                namedtype.NamedType('number', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
                namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
            )
        )
    ),
    namedtype.NamedType('psap-address', PresentationAddress().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)


class TeletexOrganizationName(char.TeletexString):
    pass


TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)

ub_terminal_id_length = univ.Integer(24)


class TerminalIdentifier(char.PrintableString):
    pass


TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length)

id_ad_caIssuers = _buildOid(id_ad, 2)

id_at_countryName = _buildOid(id_at, 6)


class StreetAddress(PDSParameter):
    pass


postal_code = univ.Integer(9)

id_at_givenName = _buildOid(id_at, 42)

ub_title = univ.Integer(64)


class ExtensionAttributes(univ.SetOf):
    pass


ExtensionAttributes.componentType = ExtensionAttribute()
ExtensionAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes)

ub_emailaddress_length = univ.Integer(255)

id_ad_caRepository = _buildOid(id_ad, 5)


class ExtensionORAddressComponents(PDSParameter):
    pass


ub_organizational_unit_name = univ.Integer(64)


class X520OrganizationalUnitName(univ.Choice):
    pass


X520OrganizationalUnitName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('utf8String', char.UTF8String().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name)))
)


class LocalPostalAttributes(PDSParameter):
    pass


teletex_organizational_unit_names = univ.Integer(5)


class X520Title(univ.Choice):
    pass


X520Title.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)))
)

id_at_localityName = _buildOid(id_at, 7)

id_at_initials = _buildOid(id_at, 43)

ub_state_name = univ.Integer(128)


class X520StateOrProvinceName(univ.Choice):
    pass


X520StateOrProvinceName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)))
)

physical_delivery_organization_name = univ.Integer(14)

id_at_surname = _buildOid(id_at, 4)


class X520countryName(char.PrintableString):
    pass


# Exactly two characters; the value is not checked against a list of
# country codes.
X520countryName.subtypeSpec = constraint.ValueSizeConstraint(2, 2)

physical_delivery_office_number = univ.Integer(11)

id_qt_unotice = _buildOid(id_qt, 2)


class X520SerialNumber(char.PrintableString):
    pass


X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number)


class Attribute(univ.Sequence):
    # 'values' is an unbounded SET OF; its element type is resolved through
    # the same certificateAttributesMap table as AttributeTypeAndValue.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType('values',
                            univ.SetOf(componentType=AttributeValue()),
                            openType=opentype.OpenType('type', certificateAttributesMap))
    )

ub_common_name = univ.Integer(64)

id_pe = _buildOid(id_pkix, 1)


class ExtensionPhysicalDeliveryAddressComponents(PDSParameter):
    pass


class EmailAddress(char.IA5String):
    pass


# Length-bounded only; the address syntax is not validated.
EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length)

id_at_organizationName = _buildOid(id_at, 10)

post_office_box_address = univ.Integer(18)


class BuiltInDomainDefinedAttribute(univ.Sequence):
    pass


BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes(
    namedtype.NamedType('type', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
    namedtype.NamedType('value', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
)


class BuiltInDomainDefinedAttributes(univ.SequenceOf):
    pass


BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute()
BuiltInDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)

id_at_pseudonym = _buildOid(id_at, 65)

id_domainComponent = _buildOid(0, 9, 2342, 19200300, 100, 1, 25)


class X520CommonName(univ.Choice):
    pass


X520CommonName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)))
)

extension_OR_address_components = univ.Integer(12)

ub_organizational_units = univ.Integer(4)

teletex_personal_name = univ.Integer(4)

ub_numeric_user_id_length = univ.Integer(32)

ub_common_name_length = univ.Integer(64)


class TeletexCommonName(char.TeletexString):
    pass


TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)


class PhysicalDeliveryOrganizationName(PDSParameter):
    pass


extension_physical_delivery_address_components = univ.Integer(15)


class NumericUserIdentifier(char.NumericString):
    pass


NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length)


class CountryName(univ.Choice):
    pass


CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1))
CountryName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
    namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
)


class OrganizationName(char.PrintableString):
    pass


OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)


class OrganizationalUnitNames(univ.SequenceOf):
    pass


OrganizationalUnitNames.componentType = OrganizationalUnitName()
OrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)


class PrivateDomainName(univ.Choice):
    pass


PrivateDomainName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))),
    namedtype.NamedType('printable', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length)))
)


class BuiltInStandardAttributes(univ.Sequence):
    pass


# Every component is optional, so an empty SEQUENCE is a valid value.
# 'private-domain-name' is a CHOICE and is therefore tagged explicitly; the
# other context tags are implicit.
# NOTE(review): 'organizational-unit-names' is a SEQUENCE OF but its implicit
# tag is declared with tagFormatSimple, whereas 'personal-name' (a SET) uses
# tagFormatConstructed - confirm pyasn1 encodes both as constructed.
BuiltInStandardAttributes.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('country-name', CountryName()),
    namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()),
    namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
    namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
    namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
    namedtype.OptionalNamedType('personal-name', PersonalName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
    namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)))
)


class ORAddress(univ.Sequence):
    pass


# Only 'built-in-standard-attributes' is mandatory.
ORAddress.componentType = namedtype.NamedTypes(
    namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()),
    namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()),
    namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes())
)


class DistinguishedName(RDNSequence):
    pass


id_ad_timeStamping = _buildOid(id_ad, 3)


class PhysicalDeliveryOfficeNumber(PDSParameter):
    pass


teletex_domain_defined_attributes = univ.Integer(6)


class UniquePostalName(PDSParameter):
    pass


physical_delivery_country_name = univ.Integer(8)

ub_pds_name_length = univ.Integer(16)


class PDSName(char.PrintableString):
    pass


PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length)


class TeletexPersonalName(univ.Set):
    pass


# Same four context-tagged fields and size bounds as PersonalName, but with
# TeletexString values.
TeletexPersonalName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('surname', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('initials', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)

street_address = univ.Integer(17)


class PostOfficeBoxAddress(PDSParameter):
    pass


local_postal_attributes = univ.Integer(21)


class DirectoryString(univ.Choice):
    pass


# Every alternative is SIZE (1..MAX): non-empty, but with no upper bound on
# length. Callers handling untrusted input need their own limit.
DirectoryString.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)

teletex_common_name = univ.Integer(2)


class CommonName(char.PrintableString):
    pass


CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)


class Certificate(univ.Sequence):
    pass


# Structure only: decoding a Certificate does not verify 'signature' over
# 'tbsCertificate', nor check that 'signatureAlgorithm' equals the
# AlgorithmIdentifier carried inside 'tbsCertificate'. Both checks belong to
# the code that validates the certificate.
Certificate.componentType = namedtype.NamedTypes(
    namedtype.NamedType('tbsCertificate', TBSCertificate()),
    namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
    namedtype.NamedType('signature', univ.BitString())
)


class TeletexOrganizationalUnitName(char.TeletexString):
    pass


TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)

id_at_name = _buildOid(id_at, 41)


class TeletexOrganizationalUnitNames(univ.SequenceOf):
    pass


TeletexOrganizationalUnitNames.componentType = TeletexOrganizationalUnitName()
TeletexOrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)

id_ce = _buildOid(2, 5, 29)
id_ce_issuerAltName = _buildOid(id_ce, 18)


class SkipCerts(univ.Integer):
    """INTEGER restricted to the range 0..MAX."""

    subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


class CRLReason(univ.Enumerated):
    """ENUMERATED revocation reason code.

    Value 7 has no name in this table, so the numbering jumps from 6 to 8.
    """

    namedValues = namedval.NamedValues(
        ('unspecified', 0),
        ('keyCompromise', 1),
        ('cACompromise', 2),
        ('affiliationChanged', 3),
        ('superseded', 4),
        ('cessationOfOperation', 5),
        ('certificateHold', 6),
        ('removeFromCRL', 8),
        ('privilegeWithdrawn', 9),
        ('aACompromise', 10),
    )


class PrivateKeyUsagePeriod(univ.Sequence):
    """SEQUENCE of two optional GeneralizedTime bounds, context-tagged [0] and [1]."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'notBefore',
            useful.GeneralizedTime().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
        ),
        namedtype.OptionalNamedType(
            'notAfter',
            useful.GeneralizedTime().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
    )


# Starts empty. AnotherName hands this same dict object to its OpenType, so
# entries have to be added by mutating it in place, not by rebinding the name.
anotherNameMap = {}


class AnotherName(univ.Sequence):
    """SEQUENCE of a type-id OID and an explicitly tagged [0] value.

    'value' is declared as ANY with an open type keyed on 'type-id' through
    anotherNameMap. That map is empty in this block, so nothing is registered
    for 'value' here.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'value',
            univ.Any().subtype(
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
            openType=opentype.OpenType('type-id', anotherNameMap),
        ),
    )


class EDIPartyName(univ.Sequence):
    """SEQUENCE of an optional nameAssigner [0] and a mandatory partyName [1]."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'nameAssigner',
            DirectoryString().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
        ),
        namedtype.NamedType(
            'partyName',
            DirectoryString().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)),
        ),
    )


class GeneralName(univ.Choice):
    """CHOICE of nine name forms, context-tagged [0]..[8]."""

    # rfc822Name, dNSName and uniformResourceIdentifier are plain IA5String and
    # iPAddress is a plain OCTET STRING: no syntax or length check is applied
    # at this layer, so callers that compare these values with host names or
    # addresses have to validate them first.
    # NOTE(review): x400Address wraps a SEQUENCE but is tagged with
    # tagFormatSimple, unlike the other constructed alternatives; presumably
    # harmless if implicit tagging keeps the base type's format -- confirm.
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'otherName',
            AnotherName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
        ),
        namedtype.NamedType(
            'rfc822Name',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
        namedtype.NamedType(
            'dNSName',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)),
        ),
        namedtype.NamedType(
            'x400Address',
            ORAddress().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)),
        ),
        namedtype.NamedType(
            'directoryName',
            Name().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)),
        ),
        namedtype.NamedType(
            'ediPartyName',
            EDIPartyName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5)),
        ),
        namedtype.NamedType(
            'uniformResourceIdentifier',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)),
        ),
        namedtype.NamedType(
            'iPAddress',
            univ.OctetString().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7)),
        ),
        namedtype.NamedType(
            'registeredID',
            univ.ObjectIdentifier().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)),
        ),
    )


class BaseDistance(univ.Integer):
    """INTEGER restricted to the range 0..MAX."""

    subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


class GeneralSubtree(univ.Sequence):
    """SEQUENCE of a base GeneralName with 'minimum' [0] and optional 'maximum' [1].

    'minimum' takes the value 0 when it is absent from the encoding.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('base', GeneralName()),
        namedtype.DefaultedNamedType(
            'minimum',
            BaseDistance().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
            ).subtype(value=0),
        ),
        namedtype.OptionalNamedType(
            'maximum',
            BaseDistance().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
    )


class GeneralNames(univ.SequenceOf):
    """SEQUENCE OF GeneralName."""

    componentType = GeneralName()

# A GeneralNames value must hold at least one GeneralName.
GeneralNames.sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class DistributionPointName(univ.Choice):
    """CHOICE between fullName [0] and nameRelativeToCRLIssuer [1]."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'fullName',
            GeneralNames().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
        ),
        namedtype.NamedType(
            'nameRelativeToCRLIssuer',
            RelativeDistinguishedName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
    )


class ReasonFlags(univ.BitString):
    """BIT STRING of revocation reasons, bits 0..8.

    The bit positions are not the CRLReason enumeration values: from
    'privilegeWithdrawn' on, the two tables use different numbers.
    """

    namedValues = namedval.NamedValues(
        ('unused', 0),
        ('keyCompromise', 1),
        ('cACompromise', 2),
        ('affiliationChanged', 3),
        ('superseded', 4),
        ('cessationOfOperation', 5),
        ('certificateHold', 6),
        ('privilegeWithdrawn', 7),
        ('aACompromise', 8),
    )


class IssuingDistributionPoint(univ.Sequence):
    """SEQUENCE describing the scope of a CRL, components tagged [0]..[5].

    The four BOOLEAN components take the value 0 (FALSE) when absent.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'distributionPoint',
            DistributionPointName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
        ),
        namedtype.DefaultedNamedType(
            'onlyContainsUserCerts',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
            ).subtype(value=0),
        ),
        namedtype.DefaultedNamedType(
            'onlyContainsCACerts',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
            ).subtype(value=0),
        ),
        namedtype.OptionalNamedType(
            'onlySomeReasons',
            ReasonFlags().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)),
        ),
        namedtype.DefaultedNamedType(
            'indirectCRL',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)
            ).subtype(value=0),
        ),
        namedtype.DefaultedNamedType(
            'onlyContainsAttributeCerts',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)
            ).subtype(value=0),
        ),
    )


id_ce_certificatePolicies = _buildOid(id_ce, 32)

id_kp_emailProtection = _buildOid(id_kp, 4)


class AccessDescription(univ.Sequence):
    """SEQUENCE of an accessMethod OID and an accessLocation GeneralName."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
        namedtype.NamedType('accessLocation', GeneralName()),
    )


class IssuerAltName(GeneralNames):
    """GeneralNames under another name; nothing is added."""


id_ce_cRLDistributionPoints = _buildOid(id_ce, 31)

# NOTE(review): the first arc here is 2 (2.2.840.10040.2), presumably as
# written in the ASN.1 module this file was generated from. Other OID
# registries place the hold-instruction arc under 1.2.840.10040.2 -- confirm
# which form peers encode before comparing decoded OIDs with these constants.
holdInstruction = _buildOid(2, 2, 840, 10040, 2)

id_holdinstruction_callissuer = _buildOid(holdInstruction, 2)

id_ce_subjectDirectoryAttributes = _buildOid(id_ce, 9)

id_ce_issuingDistributionPoint = _buildOid(id_ce, 28)


class DistributionPoint(univ.Sequence):
    """SEQUENCE of three optional components, context-tagged [0]..[2]."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'distributionPoint',
            DistributionPointName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
        ),
        namedtype.OptionalNamedType(
            'reasons',
            ReasonFlags().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
        namedtype.OptionalNamedType(
            'cRLIssuer',
            GeneralNames().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)),
        ),
    )


class CRLDistributionPoints(univ.SequenceOf):
    """SEQUENCE OF DistributionPoint with at least one element."""

    componentType = DistributionPoint()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class GeneralSubtrees(univ.SequenceOf):
    """SEQUENCE OF GeneralSubtree with at least one element."""

    componentType = GeneralSubtree()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class NameConstraints(univ.Sequence):
    """SEQUENCE of optional permittedSubtrees [0] and excludedSubtrees [1]."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'permittedSubtrees',
            GeneralSubtrees().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
        ),
        namedtype.OptionalNamedType(
            'excludedSubtrees',
            GeneralSubtrees().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
    )


class SubjectDirectoryAttributes(univ.SequenceOf):
    """SEQUENCE OF Attribute with at least one element."""

    componentType = Attribute()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


id_kp_OCSPSigning = _buildOid(id_kp, 9)

id_kp_timeStamping = _buildOid(id_kp, 8)


class DisplayText(univ.Choice):
    """CHOICE between four string encodings, each limited to 1..200 characters."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'ia5String',
            char.IA5String().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, 200)),
        ),
        namedtype.NamedType(
            'visibleString',
            char.VisibleString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, 200)),
        ),
        namedtype.NamedType(
            'bmpString',
            char.BMPString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, 200)),
        ),
        namedtype.NamedType(
            'utf8String',
            char.UTF8String().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, 200)),
        ),
    )


class NoticeReference(univ.Sequence):
    """SEQUENCE of an organization DisplayText and a list of INTEGER notice numbers."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('organization', DisplayText()),
        namedtype.NamedType(
            'noticeNumbers',
            univ.SequenceOf(componentType=univ.Integer()),
        ),
    )


class UserNotice(univ.Sequence):
    """SEQUENCE of an optional noticeRef and an optional explicitText."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('noticeRef', NoticeReference()),
        namedtype.OptionalNamedType('explicitText', DisplayText()),
    )


class PolicyQualifierId(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER under another name; nothing is added."""


# Starts empty. PolicyQualifierInfo hands this same dict object to its
# OpenType, so entries have to be added by mutating it in place.
policyQualifierInfoMap = {}


class PolicyQualifierInfo(univ.Sequence):
    """SEQUENCE of a policyQualifierId and an ANY-typed qualifier.

    'qualifier' is an open type keyed on 'policyQualifierId' through
    policyQualifierInfoMap, which is empty in this block.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
        namedtype.NamedType(
            'qualifier',
            univ.Any(),
            openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap),
        ),
    )


class CertPolicyId(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER under another name; nothing is added."""


class PolicyInformation(univ.Sequence):
    """SEQUENCE of a policyIdentifier and an optional list of PolicyQualifierInfo."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('policyIdentifier', CertPolicyId()),
        namedtype.OptionalNamedType(
            'policyQualifiers',
            univ.SequenceOf(componentType=PolicyQualifierInfo()),
        ),
    )


class CertificatePolicies(univ.SequenceOf):
    """SEQUENCE OF PolicyInformation with at least one element."""

    componentType = PolicyInformation()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class SubjectAltName(GeneralNames):
    """GeneralNames under another name; nothing is added."""


id_ce_basicConstraints = _buildOid(id_ce, 19)

id_ce_authorityKeyIdentifier = _buildOid(id_ce, 35)

id_kp_codeSigning = _buildOid(id_kp, 3)


class BasicConstraints(univ.Sequence):
    """SEQUENCE of a 'cA' BOOLEAN and an optional non-negative pathLenConstraint.

    'cA' takes the value 0 (FALSE) when it is absent from the encoding.
    """

    componentType = namedtype.NamedTypes(
        namedtype.DefaultedNamedType('cA', univ.Boolean().subtype(value=0)),
        namedtype.OptionalNamedType(
            'pathLenConstraint',
            univ.Integer().subtype(
                subtypeSpec=constraint.ValueRangeConstraint(0, MAX)),
        ),
    )


id_ce_certificateIssuer = _buildOid(id_ce, 29)


class PolicyMappings(univ.SequenceOf):
    """SEQUENCE OF (issuerDomainPolicy, subjectDomainPolicy) pairs, at least one."""

    componentType = univ.Sequence(
        componentType=namedtype.NamedTypes(
            namedtype.NamedType('issuerDomainPolicy', CertPolicyId()),
            namedtype.NamedType('subjectDomainPolicy', CertPolicyId()),
        )
    )
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class InhibitAnyPolicy(SkipCerts):
    """SkipCerts under another name; the 0..MAX range is inherited."""


anyPolicy = _buildOid(id_ce_certificatePolicies, 0)


class CRLNumber(univ.Integer):
    """INTEGER restricted to the range 0..MAX."""

    subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


class BaseCRLNumber(CRLNumber):
    """CRLNumber under another name; the 0..MAX range is inherited."""


id_ce_nameConstraints = _buildOid(id_ce, 30)

id_kp_serverAuth = _buildOid(id_kp, 1)

id_ce_freshestCRL = _buildOid(id_ce, 46)

id_ce_cRLReasons = _buildOid(id_ce, 21)

id_ce_extKeyUsage = _buildOid(id_ce, 37)


class KeyIdentifier(univ.OctetString):
    """OCTET STRING under another name; nothing is added."""


class AuthorityKeyIdentifier(univ.Sequence):
    """SEQUENCE of three optional components, context-tagged [0]..[2]."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'keyIdentifier',
            KeyIdentifier().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
        ),
        namedtype.OptionalNamedType(
            'authorityCertIssuer',
            GeneralNames().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
        namedtype.OptionalNamedType(
            'authorityCertSerialNumber',
            CertificateSerialNumber().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)),
        ),
    )


class FreshestCRL(CRLDistributionPoints):
    """CRLDistributionPoints under another name; nothing is added."""


id_ce_policyConstraints = _buildOid(id_ce, 36)

id_pe_authorityInfoAccess = _buildOid(id_pe, 1)


class AuthorityInfoAccessSyntax(univ.SequenceOf):
    """SEQUENCE OF AccessDescription with at least one element."""

    componentType = AccessDescription()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


id_holdinstruction_none = _buildOid(holdInstruction, 1)


class CPSuri(char.IA5String):
    """IA5String under another name; no syntax or length constraint is added."""


id_pe_subjectInfoAccess = _buildOid(id_pe, 11)


class SubjectKeyIdentifier(KeyIdentifier):
    """KeyIdentifier under another name; nothing is added."""


id_ce_subjectAltName = _buildOid(id_ce, 17)


class KeyPurposeId(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER under another name; nothing is added."""


class ExtKeyUsageSyntax(univ.SequenceOf):
    """SEQUENCE OF KeyPurposeId with at least one element."""

    componentType = KeyPurposeId()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class HoldInstructionCode(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER under another name; nothing is added."""


id_ce_deltaCRLIndicator = _buildOid(id_ce, 27)

id_ce_keyUsage = _buildOid(id_ce, 15)

id_ce_holdInstructionCode = _buildOid(id_ce, 23)


class SubjectInfoAccessSyntax(univ.SequenceOf):
    """SEQUENCE OF AccessDescription with at least one element."""

    componentType = AccessDescription()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class InvalidityDate(useful.GeneralizedTime):
    """GeneralizedTime under another name; nothing is added."""


class KeyUsage(univ.BitString):
    """BIT STRING of key-usage flags, named bits 0..8."""

    namedValues = namedval.NamedValues(
        ('digitalSignature', 0),
        ('nonRepudiation', 1),
        ('keyEncipherment', 2),
        ('dataEncipherment', 3),
        ('keyAgreement', 4),
        ('keyCertSign', 5),
        ('cRLSign', 6),
        ('encipherOnly', 7),
        ('decipherOnly', 8),
    )


id_ce_invalidityDate = _buildOid(id_ce, 24)

id_ce_policyMappings = _buildOid(id_ce, 33)

anyExtendedKeyUsage = _buildOid(id_ce_extKeyUsage, 0)

id_ce_privateKeyUsagePeriod = _buildOid(id_ce, 16)

id_ce_cRLNumber = _buildOid(id_ce, 20)


class CertificateIssuer(GeneralNames):
    """GeneralNames under another name; nothing is added."""


id_holdinstruction_reject = _buildOid(holdInstruction, 3)


class PolicyConstraints(univ.Sequence):
    """SEQUENCE of two optional SkipCerts counters, context-tagged [0] and [1]."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'requireExplicitPolicy',
            SkipCerts().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
        ),
        namedtype.OptionalNamedType(
            'inhibitPolicyMapping',
            SkipCerts().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
        ),
    )


id_kp_clientAuth = _buildOid(id_kp, 2)

id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14)

id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54)


# Map of ORAddress ExtensionAttribute type -> ExtensionAttribute value.
# The entries are merged into the existing oraddressExtensionAttributeMap
# with update(), i.e. the shared dict is mutated in place.

_oraddressExtensionAttributeMapUpdate = {
    common_name: CommonName(),
    teletex_common_name: TeletexCommonName(),
    teletex_organization_name: TeletexOrganizationName(),
    teletex_personal_name: TeletexPersonalName(),
    teletex_organizational_unit_names: TeletexOrganizationalUnitNames(),
    pds_name: PDSName(),
    physical_delivery_country_name: PhysicalDeliveryCountryName(),
    postal_code: PostalCode(),
    physical_delivery_office_name: PhysicalDeliveryOfficeName(),
    physical_delivery_office_number: PhysicalDeliveryOfficeNumber(),
    extension_OR_address_components: ExtensionORAddressComponents(),
    physical_delivery_personal_name: PhysicalDeliveryPersonalName(),
    physical_delivery_organization_name: PhysicalDeliveryOrganizationName(),
    extension_physical_delivery_address_components: ExtensionPhysicalDeliveryAddressComponents(),
    unformatted_postal_address: UnformattedPostalAddress(),
    street_address: StreetAddress(),
    post_office_box_address: PostOfficeBoxAddress(),
    poste_restante_address: PosteRestanteAddress(),
    unique_postal_name: UniquePostalName(),
    local_postal_attributes: LocalPostalAttributes(),
    extended_network_address: ExtendedNetworkAddress(),
    terminal_type: TerminalType(),
    teletex_domain_defined_attributes: TeletexDomainDefinedAttributes(),
}

oraddressExtensionAttributeMap.update(_oraddressExtensionAttributeMapUpdate)


# Map of AttributeType -> AttributeValue, merged into the existing
# certificateAttributesMap in place.

_certificateAttributesMapUpdate = {
    id_at_name: X520name(),
    id_at_surname: X520name(),
    id_at_givenName: X520name(),
    id_at_initials: X520name(),
    id_at_generationQualifier: X520name(),
    id_at_commonName: X520CommonName(),
    id_at_localityName: X520LocalityName(),
    id_at_stateOrProvinceName: X520StateOrProvinceName(),
    id_at_organizationName: X520OrganizationName(),
    id_at_organizationalUnitName: X520OrganizationalUnitName(),
    id_at_title: X520Title(),
    id_at_dnQualifier: X520dnQualifier(),
    id_at_countryName: X520countryName(),
    id_at_serialNumber: X520SerialNumber(),
    id_at_pseudonym: X520Pseudonym(),
    id_domainComponent: DomainComponent(),
    id_emailAddress: EmailAddress(),
}

certificateAttributesMap.update(_certificateAttributesMapUpdate)


# Map of certificate/CRL extension OIDs to the type of the extension value,
# merged into the existing certificateExtensionsMap in place.
#
# NOTE(review): id_ce_freshestCRL, id_ce_inhibitAnyPolicy and
# id_pe_subjectInfoAccess are defined above together with matching types
# (FreshestCRL, InhibitAnyPolicy, SubjectInfoAccessSyntax) but have no entry
# here, so a lookup for them misses. A caller that gets a miss on an
# extension marked critical should reject the certificate, not skip the
# extension.
# NOTE(review): id_ce_cRLNumber maps to a bare univ.Integer(), so the 0..MAX
# range declared on CRLNumber is not applied when decoding through this map.
# Likewise id_ce_holdInstructionCode, id_ce_invalidityDate and
# id_ce_certificateIssuer map to the base types, not to the named
# subclasses declared above.

_certificateExtensionsMap = {
    id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
    id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
    id_ce_keyUsage: KeyUsage(),
    id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
    id_ce_certificatePolicies: CertificatePolicies(),
    id_ce_policyMappings: PolicyMappings(),
    id_ce_subjectAltName: SubjectAltName(),
    id_ce_issuerAltName: IssuerAltName(),
    id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(),
    id_ce_basicConstraints: BasicConstraints(),
    id_ce_nameConstraints: NameConstraints(),
    id_ce_policyConstraints: PolicyConstraints(),
    id_ce_extKeyUsage: ExtKeyUsageSyntax(),
    id_ce_cRLDistributionPoints: CRLDistributionPoints(),
    id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(),
    id_ce_cRLNumber: univ.Integer(),
    id_ce_deltaCRLIndicator: BaseCRLNumber(),
    id_ce_issuingDistributionPoint: IssuingDistributionPoint(),
    id_ce_cRLReasons: CRLReason(),
    id_ce_holdInstructionCode: univ.ObjectIdentifier(),
    id_ce_invalidityDate: useful.GeneralizedTime(),
    id_ce_certificateIssuer: GeneralNames(),
}

certificateExtensionsMap.update(_certificateExtensionsMap)