1# This file is being contributed to pyasn1-modules software. 2# 3# Created by Russ Housley with assistance from asn1ate v.0.6.0. 4# Modified by Russ Housley to add maps for opentypes. 5# 6# Copyright (c) 2019, Vigil Security, LLC 7# License: http://snmplabs.com/pyasn1/license.html 8# 9# Elliptic Curve Cryptography Subject Public Key Information 10# 11# ASN.1 source from: 12# https://www.rfc-editor.org/rfc/rfc5480.txt 13 14 15# What can be imported from rfc4055.py ? 16 17from pyasn1.type import namedtype 18from pyasn1.type import univ 19 20from pyasn1_modules import rfc3279 21from pyasn1_modules import rfc5280 22 23 24# These structures are the same as RFC 3279. 25 26DHPublicKey = rfc3279.DHPublicKey 27 28DSAPublicKey = rfc3279.DSAPublicKey 29 30ValidationParms = rfc3279.ValidationParms 31 32DomainParameters = rfc3279.DomainParameters 33 34ECDSA_Sig_Value = rfc3279.ECDSA_Sig_Value 35 36ECPoint = rfc3279.ECPoint 37 38KEA_Parms_Id = rfc3279.KEA_Parms_Id 39 40RSAPublicKey = rfc3279.RSAPublicKey 41 42 43# RFC 5480 changed the names of these structures from RFC 3279. 44 45DSS_Parms = rfc3279.Dss_Parms 46 47DSA_Sig_Value = rfc3279.Dss_Sig_Value 48 49 50# RFC 3279 defines a more complex alternative for ECParameters. 51# RFC 5480 narrows the definition to a single CHOICE: namedCurve. 52 53class ECParameters(univ.Choice): 54 pass 55 56ECParameters.componentType = namedtype.NamedTypes( 57 namedtype.NamedType('namedCurve', univ.ObjectIdentifier()) 58) 59 60 61# OIDs for Message Digest Algorithms 62 63id_md2 = univ.ObjectIdentifier('1.2.840.113549.2.2') 64 65id_md5 = univ.ObjectIdentifier('1.2.840.113549.2.5') 66 67id_sha1 = univ.ObjectIdentifier('1.3.14.3.2.26') 68 69id_sha224 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.4') 70 71id_sha256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.1') 72 73id_sha384 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.2') 74 75id_sha512 = univ.ObjectIdentifier('2.16.840.1.101.3.4.2.3') 76 77 78# OID for RSA PK Algorithm and Key 79 80rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1') 81 82 83# OID for DSA PK Algorithm, Key, and Parameters 84 85id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1') 86 87 88# OID for Diffie-Hellman PK Algorithm, Key, and Parameters 89 90dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1') 91 92# OID for KEA PK Algorithm and Parameters 93 94id_keyExchangeAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.22') 95 96 97# OIDs for Elliptic Curve Algorithm ID, Key, and Parameters 98# Note that ECDSA keys always use this OID 99 100id_ecPublicKey = univ.ObjectIdentifier('1.2.840.10045.2.1') 101 102id_ecDH = univ.ObjectIdentifier('1.3.132.1.12') 103 104id_ecMQV = univ.ObjectIdentifier('1.3.132.1.13') 105 106 107# OIDs for RSA Signature Algorithms 108 109md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2') 110 111md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4') 112 113sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5') 114 115 116# OIDs for DSA Signature Algorithms 117 118id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3') 119 120id_dsa_with_sha224 = univ.ObjectIdentifier('2.16.840.1.101.3.4.3.1') 121 122id_dsa_with_sha256 = univ.ObjectIdentifier('2.16.840.1.101.3.4.3.2') 123 124 125# OIDs for ECDSA Signature Algorithms 126 127ecdsa_with_SHA1 = univ.ObjectIdentifier('1.2.840.10045.4.1') 128 129ecdsa_with_SHA224 = univ.ObjectIdentifier('1.2.840.10045.4.3.1') 130 131ecdsa_with_SHA256 = univ.ObjectIdentifier('1.2.840.10045.4.3.2') 132 133ecdsa_with_SHA384 = univ.ObjectIdentifier('1.2.840.10045.4.3.3') 134 135ecdsa_with_SHA512 = univ.ObjectIdentifier('1.2.840.10045.4.3.4') 136 137 138# OIDs for Named Elliptic Curves 139 140secp192r1 = univ.ObjectIdentifier('1.2.840.10045.3.1.1') 141 142sect163k1 = univ.ObjectIdentifier('1.3.132.0.1') 143 144sect163r2 = univ.ObjectIdentifier('1.3.132.0.15') 145 146secp224r1 = univ.ObjectIdentifier('1.3.132.0.33') 147 148sect233k1 = univ.ObjectIdentifier('1.3.132.0.26') 149 150sect233r1 = univ.ObjectIdentifier('1.3.132.0.27') 151 152secp256r1 = univ.ObjectIdentifier('1.2.840.10045.3.1.7') 153 154sect283k1 = univ.ObjectIdentifier('1.3.132.0.16') 155 156sect283r1 = univ.ObjectIdentifier('1.3.132.0.17') 157 158secp384r1 = univ.ObjectIdentifier('1.3.132.0.34') 159 160sect409k1 = univ.ObjectIdentifier('1.3.132.0.36') 161 162sect409r1 = univ.ObjectIdentifier('1.3.132.0.37') 163 164secp521r1 = univ.ObjectIdentifier('1.3.132.0.35') 165 166sect571k1 = univ.ObjectIdentifier('1.3.132.0.38') 167 168sect571r1 = univ.ObjectIdentifier('1.3.132.0.39') 169 170 171# Map of Algorithm Identifier OIDs to Parameters 172# The algorithm is not included if the parameters MUST be absent 173 174_algorithmIdentifierMapUpdate = { 175 rsaEncryption: univ.Null(), 176 md2WithRSAEncryption: univ.Null(), 177 md5WithRSAEncryption: univ.Null(), 178 sha1WithRSAEncryption: univ.Null(), 179 id_dsa: DSS_Parms(), 180 dhpublicnumber: DomainParameters(), 181 id_keyExchangeAlgorithm: KEA_Parms_Id(), 182 id_ecPublicKey: ECParameters(), 183 id_ecDH: ECParameters(), 184 id_ecMQV: ECParameters(), 185} 186 187 188# Add these Algorithm Identifier map entries to the ones in rfc5280.py 189 190rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate) 191