Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/pyasn1_modules/rfc2459.py: 100%

418 statements  


1# 

2# This file is part of pyasn1-modules software. 

3# 

4# Updated by Russ Housley to resolve the TODO regarding the Certificate 

5# Policies Certificate Extension. 

6# 

7# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com> 

8# License: http://snmplabs.com/pyasn1/license.html 

9# 

10# X.509 message syntax 

11# 

12# ASN.1 source from: 

13# http://www.trl.ibm.com/projects/xml/xss4j/data/asn1/grammars/x509.asn 

14# http://www.ietf.org/rfc/rfc2459.txt 

15# 

16# Sample captures from: 

17# http://wiki.wireshark.org/SampleCaptures/ 

18# 

19from pyasn1.type import char 

20from pyasn1.type import constraint 

21from pyasn1.type import namedtype 

22from pyasn1.type import namedval 

23from pyasn1.type import opentype 

24from pyasn1.type import tag 

25from pyasn1.type import univ 

26from pyasn1.type import useful 

27 

# Open-ended upper bound: a constraint written as (n, MAX) enforces only its
# lower limit, so such types put no cap on the decoded size or value.
MAX = float('inf')

#
# PKIX1Explicit88
#

# Upper bounds referenced by the size constraints declared in this module
ub_name = univ.Integer(32768)
ub_common_name = univ.Integer(64)
ub_locality_name = univ.Integer(128)
ub_state_name = univ.Integer(128)
ub_organization_name = univ.Integer(64)
ub_organizational_unit_name = univ.Integer(64)
ub_title = univ.Integer(64)
ub_match = univ.Integer(128)
ub_emailaddress_length = univ.Integer(128)
ub_common_name_length = univ.Integer(64)
ub_country_name_alpha_length = univ.Integer(2)
ub_country_name_numeric_length = univ.Integer(3)
ub_domain_defined_attributes = univ.Integer(4)
ub_domain_defined_attribute_type_length = univ.Integer(8)
ub_domain_defined_attribute_value_length = univ.Integer(128)
ub_domain_name_length = univ.Integer(16)
ub_extension_attributes = univ.Integer(256)
ub_e163_4_number_length = univ.Integer(15)
ub_e163_4_sub_address_length = univ.Integer(40)
ub_generation_qualifier_length = univ.Integer(3)
ub_given_name_length = univ.Integer(16)
ub_initials_length = univ.Integer(5)
ub_integer_options = univ.Integer(256)
ub_numeric_user_id_length = univ.Integer(32)
ub_organization_name_length = univ.Integer(64)
ub_organizational_unit_name_length = univ.Integer(32)
ub_organizational_units = univ.Integer(4)
ub_pds_name_length = univ.Integer(16)
ub_pds_parameter_length = univ.Integer(30)
ub_pds_physical_address_lines = univ.Integer(6)
ub_postal_code_length = univ.Integer(16)
ub_surname_length = univ.Integer(40)
ub_terminal_id_length = univ.Integer(24)
ub_unformatted_address_length = univ.Integer(180)
ub_x121_address_length = univ.Integer(16)

70 

71 

class UniversalString(char.UniversalString):
    """Module-local name for char.UniversalString; adds no constraints."""

74 

75 

class BMPString(char.BMPString):
    """Module-local name for char.BMPString; adds no constraints."""

78 

79 

class UTF8String(char.UTF8String):
    """Module-local name for char.UTF8String; adds no constraints."""

82 

83 

# PKIX arc and the sub-arcs declared directly beneath it
id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7')
id_pe = univ.ObjectIdentifier('1.3.6.1.5.5.7.1')
id_qt = univ.ObjectIdentifier('1.3.6.1.5.5.7.2')
id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3')
id_ad = univ.ObjectIdentifier('1.3.6.1.5.5.7.48')

# Identifiers under id_qt
id_qt_cps = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.1')
id_qt_unotice = univ.ObjectIdentifier('1.3.6.1.5.5.7.2.2')

# Identifiers under id_ad
id_ad_ocsp = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.1')
id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2')

95 

96 

97 

98 

# Attribute type identifiers under the 2.5.4 arc
id_at = univ.ObjectIdentifier('2.5.4')
id_at_name = univ.ObjectIdentifier('2.5.4.41')
# 'id_at_sutname' is a misspelling kept as an alias for compatibility; both
# names are bound to the same ObjectIdentifier instance.
id_at_sutname = id_at_surname = univ.ObjectIdentifier('2.5.4.4')
id_at_givenName = univ.ObjectIdentifier('2.5.4.42')
id_at_initials = univ.ObjectIdentifier('2.5.4.43')
id_at_generationQualifier = univ.ObjectIdentifier('2.5.4.44')

106 

107 

class X520name(univ.Choice):
    """CHOICE of five string types, each limited to 1..ub_name characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString)
        )
    ))

121 

122 

# Attribute type OID under 2.5.4
id_at_commonName = univ.ObjectIdentifier('2.5.4.3')

124 

125 

class X520CommonName(univ.Choice):
    """CHOICE of five string types, each limited to 1..ub_common_name characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString)
        )
    ))

139 

140 

# Attribute type OID under 2.5.4
id_at_localityName = univ.ObjectIdentifier('2.5.4.7')

142 

143 

class X520LocalityName(univ.Choice):
    """CHOICE of five string types, each limited to 1..ub_locality_name characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString)
        )
    ))

157 

158 

# Attribute type OID under 2.5.4
id_at_stateOrProvinceName = univ.ObjectIdentifier('2.5.4.8')

160 

161 

class X520StateOrProvinceName(univ.Choice):
    """CHOICE of five string types, each limited to 1..ub_state_name characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString)
        )
    ))

175 

176 

# Attribute type OID under 2.5.4
id_at_organizationName = univ.ObjectIdentifier('2.5.4.10')

178 

179 

class X520OrganizationName(univ.Choice):
    """CHOICE of five string types, each limited to 1..ub_organization_name characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString)
        )
    ))

193 

194 

# Attribute type OID under 2.5.4
id_at_organizationalUnitName = univ.ObjectIdentifier('2.5.4.11')

196 

197 

class X520OrganizationalUnitName(univ.Choice):
    """CHOICE of five string types, each limited to 1..ub_organizational_unit_name characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString)
        )
    ))

211 

212 

# Attribute type OID under 2.5.4
id_at_title = univ.ObjectIdentifier('2.5.4.12')

214 

215 

class X520Title(univ.Choice):
    """CHOICE of five string types, each limited to 1..ub_title characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString)
        )
    ))

229 

230 

# Attribute type OID under 2.5.4
id_at_dnQualifier = univ.ObjectIdentifier('2.5.4.46')

232 

233 

class X520dnQualifier(char.PrintableString):
    """PrintableString with no size constraint added here."""

236 

237 

# Attribute type OID under 2.5.4
id_at_countryName = univ.ObjectIdentifier('2.5.4.6')

239 

240 

class X520countryName(char.PrintableString):
    """PrintableString of exactly two characters."""
    subtypeSpec = (
        char.PrintableString.subtypeSpec
        + constraint.ValueSizeConstraint(2, 2)
    )

243 

244 

# PKCS #9 arc and the e-mail address attribute beneath it
pkcs_9 = univ.ObjectIdentifier('1.2.840.113549.1.9')

emailAddress = univ.ObjectIdentifier('1.2.840.113549.1.9.1')

248 

249 

class Pkcs9email(char.IA5String):
    """IA5String limited to 1..ub_emailaddress_length characters."""
    subtypeSpec = (
        char.IA5String.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_emailaddress_length)
    )

252 

253 

254# ---- 

255 

class DSAPrivateKey(univ.Sequence):
    """PKIX compliant DSA private key structure.

    Fields, in order: 'version' (named value v1 = 0), then the integers
    'p', 'q', 'g', 'public' and 'private'. A decoded instance carries the
    private value in the clear, so treat it as secret key material.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('version', univ.Integer(namedValues=namedval.NamedValues(('v1', 0)))),
        *(namedtype.NamedType(label, univ.Integer())
          for label in ('p', 'q', 'g', 'public', 'private'))
    )

266 

267 

268# ---- 

269 

270 

class DirectoryString(univ.Choice):
    """CHOICE of six string types, each at least one character long.

    The upper bound is MAX, so no alternative has a maximum length.
    """
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
        for label, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString),
            # hm, this should not be here!? XXX
            ('ia5String', char.IA5String)
        )
    ))

285 

286 

287# certificate and CRL specific structures begin here 

288 

class AlgorithmIdentifier(univ.Sequence):
    """SEQUENCE of an algorithm OID and optional parameters.

    'parameters' is declared as ANY, so this schema neither constrains nor
    interprets its content; it has to be decoded separately.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'algorithm', univ.ObjectIdentifier()
        ),
        namedtype.OptionalNamedType(
            'parameters', univ.Any()
        )
    )

294 

295 

296 

297# Algorithm OIDs and parameter structures 

298 

# PKCS #1 arc, RSA key and signature algorithm identifiers, and DSA-with-SHA1.
# The MD2, MD5 and SHA-1 based signature OIDs are legacy digests: they are
# declared so that such certificates can be parsed, and whether to accept
# them is a decision for the code that verifies signatures.
pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1')
rsaEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.1')
md2WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.2')
md5WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.4')
sha1WithRSAEncryption = univ.ObjectIdentifier('1.2.840.113549.1.1.5')
id_dsa_with_sha1 = univ.ObjectIdentifier('1.2.840.10040.4.3')

305 

306 

class Dss_Sig_Value(univ.Sequence):
    """SEQUENCE of the two unconstrained integers 'r' and 's'."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, univ.Integer()) for label in ('r', 's')
    ))

312 

313 

# Algorithm identifier OID
dhpublicnumber = univ.ObjectIdentifier('1.2.840.10046.2.1')

315 

316 

class ValidationParms(univ.Sequence):
    """SEQUENCE of a 'seed' bit string and an integer 'pgenCounter'."""
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'seed', univ.BitString()
        ),
        namedtype.NamedType(
            'pgenCounter', univ.Integer()
        )
    )

322 

323 

class DomainParameters(univ.Sequence):
    """SEQUENCE of integers 'p', 'g', 'q', 'j' and optional 'validationParms'.

    All four integers are mandatory and unconstrained in this definition.
    """
    componentType = namedtype.NamedTypes(
        *[namedtype.NamedType(label, univ.Integer())
          for label in ('p', 'g', 'q', 'j')]
        + [namedtype.OptionalNamedType('validationParms', ValidationParms())]
    )

332 

333 

# Algorithm identifier OID
id_dsa = univ.ObjectIdentifier('1.2.840.10040.4.1')

335 

336 

class Dss_Parms(univ.Sequence):
    """SEQUENCE of the three unconstrained integers 'p', 'q' and 'g'."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, univ.Integer()) for label in ('p', 'q', 'g')
    ))

343 

344 

345# x400 address syntax starts here 

346 

# Extension attribute type code (x400 address syntax)
teletex_domain_defined_attributes = univ.Integer(6)

348 

349 

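class TeletexDomainDefinedAttribute(univ.Sequence):
    """SEQUENCE of a TeletexString 'type' and 'value', both size-bounded.

    'value' is limited to 1..ub_domain_defined_attribute_value_length, the
    same bound BuiltInDomainDefinedAttribute applies to its 'value' field.
    Without it the decoder would accept a value of any length.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', char.TeletexString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
        namedtype.NamedType('value', char.TeletexString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
    )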

356 

357 

class TeletexDomainDefinedAttributes(univ.SequenceOf):
    """SEQUENCE OF TeletexDomainDefinedAttribute holding 1..ub_domain_defined_attributes items."""
    componentType = TeletexDomainDefinedAttribute()
    sizeSpec = (
        univ.SequenceOf.sizeSpec
        + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
    )

361 

362 

# Extension attribute type code (x400 address syntax)
terminal_type = univ.Integer(23)

364 

365 

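class TerminalType(univ.Integer):
    """INTEGER restricted to 0..ub_integer_options, with named terminal kinds.

    The bound is a value range. A size constraint tests len(value), which
    does not describe the magnitude of an INTEGER, so the limit is written
    with ValueRangeConstraint, as BasicConstraints does for
    pathLenConstraint.
    """
    subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, ub_integer_options)
    # NOTE(review): 'teletelex' looks like a misspelling of 'teletex'; the
    # label is left unchanged because callers may already look it up by name.
    namedValues = namedval.NamedValues(
        ('telex', 3),
        ('teletelex', 4),
        ('g3-facsimile', 5),
        ('g4-facsimile', 6),
        ('ia5-terminal', 7),
        ('videotex', 8)
    )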

376 

377 

class PresentationAddress(univ.Sequence):
    """SEQUENCE of four optional, explicitly context-tagged fields.

    'pSelector' [0], 'sSelector' [1] and 'tSelector' [2] are unbounded
    octet strings; 'nAddresses' [3] is a SET OF octet strings with at least
    one element and no upper limit (MAX).
    """
    componentType = namedtype.NamedTypes(
        *[namedtype.OptionalNamedType(label, univ.OctetString().subtype(
            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, number)))
          for number, label in enumerate(('pSelector', 'sSelector', 'tSelector'))]
        + [namedtype.OptionalNamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(
            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3),
            subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))]
    )

390 

391 

# Extension attribute type code (x400 address syntax)
extended_network_address = univ.Integer(22)

393 

394 

class E163_4_address(univ.Sequence):
    """SEQUENCE of 'number' [0] and optional 'sub-address' [1].

    Both are explicitly tagged NumericStrings with their own size bounds.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'number',
            char.NumericString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length),
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.OptionalNamedType(
            'sub-address',
            char.NumericString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length),
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    )

404 

405 

class ExtendedNetworkAddress(univ.Choice):
    """CHOICE between an E163_4_address and a PresentationAddress tagged [0]."""
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'e163-4-address', E163_4_address()
        ),
        namedtype.NamedType(
            'psap-address',
            PresentationAddress().subtype(
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
        )
    )

412 

413 

class PDSParameter(univ.Set):
    """SET of two optional strings, each 1..ub_pds_parameter_length characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.OptionalNamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))
        for label, string_type in (
            ('printable-string', char.PrintableString),
            ('teletex-string', char.TeletexString)
        )
    ))

421 

422 

# Extension attribute type code (x400 address syntax)
local_postal_attributes = univ.Integer(21)

424 

425 

class LocalPostalAttributes(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

428 

429 

class UniquePostalName(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

432 

433 

# Extension attribute type codes (x400 address syntax)
unique_postal_name = univ.Integer(20)

poste_restante_address = univ.Integer(19)

437 

438 

class PosteRestanteAddress(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

441 

442 

# Extension attribute type code (x400 address syntax)
post_office_box_address = univ.Integer(18)

444 

445 

class PostOfficeBoxAddress(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

448 

449 

# Extension attribute type code (x400 address syntax)
street_address = univ.Integer(17)

451 

452 

class StreetAddress(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

455 

456 

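class UnformattedPostalAddress(univ.Set):
    """SET of an optional list of printable address lines and an optional teletex string.

    'printable-address' is a SEQUENCE OF PrintableString: each line is
    1..ub_pds_parameter_length characters and the sequence holds
    1..ub_pds_physical_address_lines lines. The line-count bound is applied
    to the SEQUENCE OF itself; attaching it to the PrintableString component
    would cap every line at ub_pds_physical_address_lines characters and
    leave the number of lines unbounded.
    """
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('printable-address', univ.SequenceOf(
            componentType=char.PrintableString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))
        ).subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_physical_address_lines))),
        namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length)))
    )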

465 

466 

# Extension attribute type code (x400 address syntax)
physical_delivery_office_name = univ.Integer(10)

468 

469 

class PhysicalDeliveryOfficeName(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

472 

473 

# Extension attribute type code (x400 address syntax)
physical_delivery_office_number = univ.Integer(11)

475 

476 

class PhysicalDeliveryOfficeNumber(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

479 

480 

# Extension attribute type code (x400 address syntax)
extension_OR_address_components = univ.Integer(12)

482 

483 

class ExtensionORAddressComponents(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

486 

487 

# Extension attribute type code (x400 address syntax)
physical_delivery_personal_name = univ.Integer(13)

489 

490 

class PhysicalDeliveryPersonalName(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

493 

494 

# Extension attribute type code (x400 address syntax)
physical_delivery_organization_name = univ.Integer(14)

496 

497 

class PhysicalDeliveryOrganizationName(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

500 

501 

# Extension attribute type code (x400 address syntax)
extension_physical_delivery_address_components = univ.Integer(15)

503 

504 

class ExtensionPhysicalDeliveryAddressComponents(PDSParameter):
    """PDSParameter under another name; no extra fields or constraints."""

507 

508 

# Extension attribute type codes (x400 address syntax)
unformatted_postal_address = univ.Integer(16)

postal_code = univ.Integer(9)

512 

513 

class PostalCode(univ.Choice):
    """CHOICE of a numeric or printable code, 1..ub_postal_code_length characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)))
        for label, string_type in (
            ('numeric-code', char.NumericString),
            ('printable-code', char.PrintableString)
        )
    ))

521 

522 

class PhysicalDeliveryCountryName(univ.Choice):
    """CHOICE of a fixed-length numeric code or a fixed-length alpha code.

    Each alternative uses the same constant as lower and upper size bound,
    so only strings of exactly that length satisfy the constraint.
    """
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(exact_length, exact_length)))
        for label, string_type, exact_length in (
            ('x121-dcc-code', char.NumericString, ub_country_name_numeric_length),
            ('iso-3166-alpha2-code', char.PrintableString, ub_country_name_alpha_length)
        )
    ))

531 

532 

class PDSName(char.PrintableString):
    """PrintableString limited to 1..ub_pds_name_length characters."""
    subtypeSpec = (
        char.PrintableString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_pds_name_length)
    )

535 

536 

# Extension attribute type code (x400 address syntax)
physical_delivery_country_name = univ.Integer(8)

538 

539 

class TeletexOrganizationalUnitName(char.TeletexString):
    """TeletexString limited to 1..ub_organizational_unit_name_length characters."""
    subtypeSpec = (
        char.TeletexString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
    )

542 

543 

# Extension attribute type codes (x400 address syntax)
pds_name = univ.Integer(7)

teletex_organizational_unit_names = univ.Integer(5)

547 

548 

class TeletexOrganizationalUnitNames(univ.SequenceOf):
    """SEQUENCE OF TeletexOrganizationalUnitName holding 1..ub_organizational_units items."""
    componentType = TeletexOrganizationalUnitName()
    sizeSpec = (
        univ.SequenceOf.sizeSpec
        + constraint.ValueSizeConstraint(1, ub_organizational_units)
    )

552 

553 

# Extension attribute type code (x400 address syntax)
teletex_personal_name = univ.Integer(4)

555 

556 

class TeletexPersonalName(univ.Set):
    """SET of TeletexString name parts, explicitly context-tagged [0]..[3].

    Only 'surname' is mandatory; every part has its own size bound.
    """
    componentType = namedtype.NamedTypes(*(
        field(label, char.TeletexString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, limit),
            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, number)))
        for number, (field, label, limit) in enumerate((
            (namedtype.NamedType, 'surname', ub_surname_length),
            (namedtype.OptionalNamedType, 'given-name', ub_given_name_length),
            (namedtype.OptionalNamedType, 'initials', ub_initials_length),
            (namedtype.OptionalNamedType, 'generation-qualifier', ub_generation_qualifier_length)
        ))
    ))

572 

573 

# Extension attribute type code (x400 address syntax)
teletex_organization_name = univ.Integer(3)

575 

576 

class TeletexOrganizationName(char.TeletexString):
    """TeletexString limited to 1..ub_organization_name_length characters."""
    subtypeSpec = (
        char.TeletexString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_organization_name_length)
    )

579 

580 

# Extension attribute type code (x400 address syntax)
teletex_common_name = univ.Integer(2)

582 

583 

class TeletexCommonName(char.TeletexString):
    """TeletexString limited to 1..ub_common_name_length characters."""
    subtypeSpec = (
        char.TeletexString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_common_name_length)
    )

586 

587 

class CommonName(char.PrintableString):
    """PrintableString limited to 1..ub_common_name_length characters."""
    subtypeSpec = (
        char.PrintableString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_common_name_length)
    )

590 

591 

# Extension attribute type code (x400 address syntax)
common_name = univ.Integer(1)

593 

594 

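class ExtensionAttribute(univ.Sequence):
    """SEQUENCE of an integer type code [0] and an ANY value [1].

    'extension-attribute-type' is bounded to 0..ub_extension_attributes as a
    value range. A size constraint tests len(value), which does not describe
    the magnitude of an INTEGER. 'extension-attribute-value' is ANY, so this
    schema does not interpret or bound its content.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(
            subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes),
            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.NamedType('extension-attribute-value',
                            univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    )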

603 

604 

class ExtensionAttributes(univ.SetOf):
    """SET OF ExtensionAttribute holding 1..ub_extension_attributes items."""
    componentType = ExtensionAttribute()
    sizeSpec = (
        univ.SetOf.sizeSpec
        + constraint.ValueSizeConstraint(1, ub_extension_attributes)
    )

608 

609 

class BuiltInDomainDefinedAttribute(univ.Sequence):
    """SEQUENCE of a PrintableString 'type' and 'value', each with its own size bound."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, limit)))
        for label, limit in (
            ('type', ub_domain_defined_attribute_type_length),
            ('value', ub_domain_defined_attribute_value_length)
        )
    ))

617 

618 

class BuiltInDomainDefinedAttributes(univ.SequenceOf):
    """SEQUENCE OF BuiltInDomainDefinedAttribute holding 1..ub_domain_defined_attributes items."""
    componentType = BuiltInDomainDefinedAttribute()
    sizeSpec = (
        univ.SequenceOf.sizeSpec
        + constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
    )

622 

623 

class OrganizationalUnitName(char.PrintableString):
    """PrintableString limited to 1..ub_organizational_unit_name_length characters."""
    subtypeSpec = (
        char.PrintableString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
    )

626 

627 

class OrganizationalUnitNames(univ.SequenceOf):
    """SEQUENCE OF OrganizationalUnitName holding 1..ub_organizational_units items."""
    componentType = OrganizationalUnitName()
    sizeSpec = (
        univ.SequenceOf.sizeSpec
        + constraint.ValueSizeConstraint(1, ub_organizational_units)
    )

631 

632 

class PersonalName(univ.Set):
    """SET of PrintableString name parts, explicitly context-tagged [0]..[3].

    Only 'surname' is mandatory; every part has its own size bound.
    """
    componentType = namedtype.NamedTypes(*(
        field(label, char.PrintableString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, limit),
            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, number)))
        for number, (field, label, limit) in enumerate((
            (namedtype.NamedType, 'surname', ub_surname_length),
            (namedtype.OptionalNamedType, 'given-name', ub_given_name_length),
            (namedtype.OptionalNamedType, 'initials', ub_initials_length),
            (namedtype.OptionalNamedType, 'generation-qualifier', ub_generation_qualifier_length)
        ))
    ))

648 

649 

class NumericUserIdentifier(char.NumericString):
    """NumericString limited to 1..ub_numeric_user_id_length characters."""
    subtypeSpec = (
        char.NumericString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_numeric_user_id_length)
    )

652 

653 

class OrganizationName(char.PrintableString):
    """PrintableString limited to 1..ub_organization_name_length characters."""
    subtypeSpec = (
        char.PrintableString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_organization_name_length)
    )

656 

657 

class PrivateDomainName(univ.Choice):
    """CHOICE of a numeric or printable name, 1..ub_domain_name_length characters."""
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length)))
        for label, string_type in (
            ('numeric', char.NumericString),
            ('printable', char.PrintableString)
        )
    ))

665 

666 

class TerminalIdentifier(char.PrintableString):
    """PrintableString limited to 1..ub_terminal_id_length characters."""
    subtypeSpec = (
        char.PrintableString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_terminal_id_length)
    )

669 

670 

class X121Address(char.NumericString):
    """NumericString limited to 1..ub_x121_address_length characters."""
    subtypeSpec = (
        char.NumericString.subtypeSpec
        + constraint.ValueSizeConstraint(1, ub_x121_address_length)
    )

673 

674 

class NetworkAddress(X121Address):
    """X121Address under another name; inherits its size constraint unchanged."""

677 

678 

class AdministrationDomainName(univ.Choice):
    """CHOICE of a numeric or printable name, explicitly tagged [APPLICATION 2].

    Both alternatives allow 0..ub_domain_name_length characters, so an
    empty string satisfies the constraint.
    """
    tagSet = univ.Choice.tagSet.tagExplicitly(
        tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)
    )
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)))
        for label, string_type in (
            ('numeric', char.NumericString),
            ('printable', char.PrintableString)
        )
    ))

689 

690 

class CountryName(univ.Choice):
    """CHOICE of a fixed-length country code, explicitly tagged [APPLICATION 1].

    Each alternative uses the same constant as lower and upper size bound,
    so only strings of exactly that length satisfy the constraint.
    """
    tagSet = univ.Choice.tagSet.tagExplicitly(
        tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1)
    )
    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(label, string_type().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(exact_length, exact_length)))
        for label, string_type, exact_length in (
            ('x121-dcc-code', char.NumericString, ub_country_name_numeric_length),
            ('iso-3166-alpha2-code', char.PrintableString, ub_country_name_alpha_length)
        )
    ))

702 

703 

class BuiltInStandardAttributes(univ.Sequence):
    """SEQUENCE of nine optional address attributes.

    'country-name' and 'administration-domain-name' keep their own tags; the
    remaining seven fields are explicitly context-tagged [0]..[6] in the
    order listed below.
    """
    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('country-name', CountryName()),
        namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()),
        *(namedtype.OptionalNamedType(label, asn1_type().subtype(
            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, number)))
          for number, (label, asn1_type) in enumerate((
              ('network-address', NetworkAddress),
              ('terminal-identifier', TerminalIdentifier),
              ('private-domain-name', PrivateDomainName),
              ('organization-name', OrganizationName),
              ('numeric-user-identifier', NumericUserIdentifier),
              ('personal-name', PersonalName),
              ('organizational-unit-names', OrganizationalUnitNames)
          )))
    )

723 

724 

class ORAddress(univ.Sequence):
    """SEQUENCE of mandatory standard attributes plus two optional attribute lists."""
    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'built-in-standard-attributes', BuiltInStandardAttributes()
        ),
        namedtype.OptionalNamedType(
            'built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()
        ),
        namedtype.OptionalNamedType(
            'extension-attributes', ExtensionAttributes()
        )
    )

731 

732 

733# 

734# PKIX1Implicit88 

735# 

736 

# Extension OID under the 2.5.29 arc
id_ce_invalidityDate = univ.ObjectIdentifier('2.5.29.24')

738 

739 

class InvalidityDate(useful.GeneralizedTime):
    """GeneralizedTime under another name; adds no constraints."""

742 

743 

# Hold instruction codes; each sits directly under the holdInstruction arc
id_holdinstruction_none = univ.ObjectIdentifier('2.2.840.10040.2.1')
id_holdinstruction_callissuer = univ.ObjectIdentifier('2.2.840.10040.2.2')
id_holdinstruction_reject = univ.ObjectIdentifier('2.2.840.10040.2.3')

holdInstruction = univ.ObjectIdentifier('2.2.840.10040.2')

# Extension OID under the 2.5.29 arc
id_ce_holdInstructionCode = univ.ObjectIdentifier('2.5.29.23')

751 

752 

class HoldInstructionCode(univ.ObjectIdentifier):
    """ObjectIdentifier under another name; not restricted to the hold codes declared in this module."""

755 

756 

# Extension OID under the 2.5.29 arc
id_ce_cRLReasons = univ.ObjectIdentifier('2.5.29.21')

758 

759 

class CRLReason(univ.Enumerated):
    """ENUMERATED revocation reason.

    Names are given for values 0 to 6 and 8; value 7 has no name here.
    """
    namedValues = namedval.NamedValues(
        ('unspecified', 0), ('keyCompromise', 1), ('cACompromise', 2),
        ('affiliationChanged', 3), ('superseded', 4),
        ('cessationOfOperation', 5), ('certificateHold', 6),
        ('removeFromCRL', 8)
    )

771 

772 

# Extension OID under the 2.5.29 arc
id_ce_cRLNumber = univ.ObjectIdentifier('2.5.29.20')

774 

775 

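class CRLNumber(univ.Integer):
    """Non-negative INTEGER (0..MAX).

    The bound is a value range. A size constraint tests len(value), which
    does not describe the magnitude of an INTEGER, so the limit is written
    with ValueRangeConstraint, as BasicConstraints does for
    pathLenConstraint. Negative values fail the constraint.
    """
    subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX)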

778 

779 

class BaseCRLNumber(CRLNumber):
    """CRLNumber under another name; inherits its constraint unchanged."""

782 

783 

# Key purpose identifiers under id_kp (1.3.6.1.5.5.7.3)
id_kp_serverAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.1')
id_kp_clientAuth = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.2')
id_kp_codeSigning = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.3')
id_kp_emailProtection = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.4')
id_kp_ipsecEndSystem = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.5')
id_kp_ipsecTunnel = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.6')
id_kp_ipsecUser = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.7')
id_kp_timeStamping = univ.ObjectIdentifier('1.3.6.1.5.5.7.3.8')
# Extension identifiers: one under id_pe, one under the 2.5.29 arc
id_pe_authorityInfoAccess = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.1')
id_ce_extKeyUsage = univ.ObjectIdentifier('2.5.29.37')

794 

795 

796class KeyPurposeId(univ.ObjectIdentifier): 

797 pass 

798 

799 

class ExtKeyUsageSyntax(univ.SequenceOf):
    """extKeyUsage extension value: a non-empty list of KeyPurposeId OIDs.

    Any OID is accepted as a purpose; this type does not restrict the list
    to the id_kp_* values defined in this module.
    """

    componentType = KeyPurposeId()

    # At least one purpose must be present.
    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)

803 

804 

class ReasonFlags(univ.BitString):
    """Bit mask of revocation reasons a CRL or distribution point covers.

    Bit positions 1..6 carry the same names as CRLReason values 1..6; bit 0
    is named 'unused' and there is no bit for 'removeFromCRL'.
    """

    namedValues = namedval.NamedValues(
        ('unused', 0),
        ('keyCompromise', 1),
        ('cACompromise', 2),
        ('affiliationChanged', 3),
        ('superseded', 4),
        ('cessationOfOperation', 5),
        ('certificateHold', 6)
    )

815 

816 

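class SkipCerts(univ.Integer):
    """Number of certificates to skip in a path: a non-negative INTEGER.

    Used by both PolicyConstraints fields. The lower bound is a value-range
    constraint, matching BaseDistance in this module; a size constraint
    measures length rather than magnitude, so it would not reject a
    negative count and presumably cannot be evaluated on an integer.
    """

    # Bound the value itself; MAX is the module-level float('inf').
    subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX)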

819 

820 

821id_ce_policyConstraints = univ.ObjectIdentifier('2.5.29.36') 

822 

823 

class PolicyConstraints(univ.Sequence):
    """policyConstraints extension value: two optional SkipCerts counters.

    Both fields are optional, so a sequence with neither field matches this
    schema. Applying the counters during path processing is the job of the
    validating code.
    """

    componentType = namedtype.NamedTypes(
        # [0] requireExplicitPolicy
        namedtype.OptionalNamedType(
            'requireExplicitPolicy',
            SkipCerts().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
            )
        ),
        # [1] inhibitPolicyMapping
        namedtype.OptionalNamedType(
            'inhibitPolicyMapping',
            SkipCerts().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
            )
        )
    )

831 

832 

833id_ce_basicConstraints = univ.ObjectIdentifier('2.5.29.19') 

834 

835 

class BasicConstraints(univ.Sequence):
    """basicConstraints extension value: CA flag and optional path length.

    This is a decoding schema only. Whether the subject may issue
    certificates, and whether a chain is longer than ``pathLenConstraint``
    allows, has to be checked by the code that validates the chain.
    """

    componentType = namedtype.NamedTypes(
        # Defaults to False: a certificate that omits the flag is not a CA.
        namedtype.DefaultedNamedType('cA', univ.Boolean(False)),
        # Non-negative when present.
        namedtype.OptionalNamedType(
            'pathLenConstraint',
            univ.Integer().subtype(
                subtypeSpec=constraint.ValueRangeConstraint(0, MAX)
            )
        )
    )

842 

843 

844id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9') 

845 

846 

847class EDIPartyName(univ.Sequence): 

848 componentType = namedtype.NamedTypes( 

849 namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype( 

850 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 

851 namedtype.NamedType('partyName', 

852 DirectoryString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 

853 ) 

854 

855 

856 

857id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27') 

858 

859 

860 

861class BaseDistance(univ.Integer): 

862 subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX) 

863 

864 

865id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31') 

866 

867 

868id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28') 

869 

870 

871 

872 

873id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30') 

874 

875 

876class DisplayText(univ.Choice): 

877 componentType = namedtype.NamedTypes( 

878 namedtype.NamedType('visibleString', 

879 char.VisibleString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), 

880 namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))), 

881 namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200))) 

882 ) 

883 

884 

885class NoticeReference(univ.Sequence): 

886 componentType = namedtype.NamedTypes( 

887 namedtype.NamedType('organization', DisplayText()), 

888 namedtype.NamedType('noticeNumbers', univ.SequenceOf(componentType=univ.Integer())) 

889 ) 

890 

891 

892class UserNotice(univ.Sequence): 

893 componentType = namedtype.NamedTypes( 

894 namedtype.OptionalNamedType('noticeRef', NoticeReference()), 

895 namedtype.OptionalNamedType('explicitText', DisplayText()) 

896 ) 

897 

898 

899class CPSuri(char.IA5String): 

900 pass 

901 

902 

903class PolicyQualifierId(univ.ObjectIdentifier): 

904 subtypeSpec = univ.ObjectIdentifier.subtypeSpec + constraint.SingleValueConstraint(id_qt_cps, id_qt_unotice) 

905 

906 

907class CertPolicyId(univ.ObjectIdentifier): 

908 pass 

909 

910 

911class PolicyQualifierInfo(univ.Sequence): 

912 componentType = namedtype.NamedTypes( 

913 namedtype.NamedType('policyQualifierId', PolicyQualifierId()), 

914 namedtype.NamedType('qualifier', univ.Any()) 

915 ) 

916 

917 

918id_ce_certificatePolicies = univ.ObjectIdentifier('2.5.29.32') 

919 

920 

921class PolicyInformation(univ.Sequence): 

922 componentType = namedtype.NamedTypes( 

923 namedtype.NamedType('policyIdentifier', CertPolicyId()), 

924 namedtype.OptionalNamedType('policyQualifiers', univ.SequenceOf(componentType=PolicyQualifierInfo()).subtype( 

925 subtypeSpec=constraint.ValueSizeConstraint(1, MAX))) 

926 ) 

927 

928 

929class CertificatePolicies(univ.SequenceOf): 

930 componentType = PolicyInformation() 

931 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

932 

933 

934id_ce_policyMappings = univ.ObjectIdentifier('2.5.29.33') 

935 

936 

937class PolicyMapping(univ.Sequence): 

938 componentType = namedtype.NamedTypes( 

939 namedtype.NamedType('issuerDomainPolicy', CertPolicyId()), 

940 namedtype.NamedType('subjectDomainPolicy', CertPolicyId()) 

941 ) 

942 

943 

944class PolicyMappings(univ.SequenceOf): 

945 componentType = PolicyMapping() 

946 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

947 

948 

949id_ce_privateKeyUsagePeriod = univ.ObjectIdentifier('2.5.29.16') 

950 

951 

952class PrivateKeyUsagePeriod(univ.Sequence): 

953 componentType = namedtype.NamedTypes( 

954 namedtype.OptionalNamedType('notBefore', useful.GeneralizedTime().subtype( 

955 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 

956 namedtype.OptionalNamedType('notAfter', useful.GeneralizedTime().subtype( 

957 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 

958 ) 

959 

960 

961id_ce_keyUsage = univ.ObjectIdentifier('2.5.29.15') 

962 

963 

class KeyUsage(univ.BitString):
    """keyUsage extension value: named bits for permitted key operations.

    ``keyCertSign`` (5) and ``cRLSign`` (6) are the bits that permit
    signing certificates and CRLs. The schema only names the bits; a
    validator checks them on issuer certificates, normally together with
    the ``cA`` flag of BasicConstraints.
    """

    namedValues = namedval.NamedValues(
        ('digitalSignature', 0),
        ('nonRepudiation', 1),
        ('keyEncipherment', 2),
        ('dataEncipherment', 3),
        ('keyAgreement', 4),
        ('keyCertSign', 5),
        ('cRLSign', 6),
        ('encipherOnly', 7),
        ('decipherOnly', 8)
    )

976 

977 

978id_ce = univ.ObjectIdentifier('2.5.29') 

979 

980id_ce_authorityKeyIdentifier = univ.ObjectIdentifier('2.5.29.35') 

981 

982 

983class KeyIdentifier(univ.OctetString): 

984 pass 

985 

986 

987id_ce_subjectKeyIdentifier = univ.ObjectIdentifier('2.5.29.14') 

988 

989 

990class SubjectKeyIdentifier(KeyIdentifier): 

991 pass 

992 

993 

994id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29') 

995 

996 

997id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17') 

998 

999 

1000id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18') 

1001 

1002 

1003class AttributeValue(univ.Any): 

1004 pass 

1005 

1006 

1007class AttributeType(univ.ObjectIdentifier): 

1008 pass 

1009 

1010certificateAttributesMap = {} 

1011 

1012 

class AttributeTypeAndValue(univ.Sequence):
    """One attribute of a distinguished name: an OID and its value.

    ``value`` is declared as ANY and linked to ``certificateAttributesMap``
    through an open type keyed on ``type``. NOTE(review): a type OID that
    is missing from the map presumably leaves ``value`` undecoded; code
    that compares or displays names should handle that case.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType(
            'value',
            AttributeValue(),
            openType=opentype.OpenType('type', certificateAttributesMap)
        )
    )

1019 

1020 

1021class Attribute(univ.Sequence): 

1022 componentType = namedtype.NamedTypes( 

1023 namedtype.NamedType('type', AttributeType()), 

1024 namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue())) 

1025 ) 

1026 

1027 

1028class SubjectDirectoryAttributes(univ.SequenceOf): 

1029 componentType = Attribute() 

1030 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

1031 

1032 

1033class RelativeDistinguishedName(univ.SetOf): 

1034 componentType = AttributeTypeAndValue() 

1035 

1036 

1037class RDNSequence(univ.SequenceOf): 

1038 componentType = RelativeDistinguishedName() 

1039 

1040 

1041class Name(univ.Choice): 

1042 componentType = namedtype.NamedTypes( 

1043 namedtype.NamedType('', RDNSequence()) 

1044 ) 

1045 

1046class CertificateSerialNumber(univ.Integer): 

1047 pass 

1048 

1049 

1050class AnotherName(univ.Sequence): 

1051 componentType = namedtype.NamedTypes( 

1052 namedtype.NamedType('type-id', univ.ObjectIdentifier()), 

1053 namedtype.NamedType('value', 

1054 univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))) 

1055 ) 

1056 

1057 

class GeneralName(univ.Choice):
    """One name form out of nine, selected by context tag [0]..[8].

    The string forms (``rfc822Name``, ``dNSName``,
    ``uniformResourceIdentifier``) are plain IA5String and ``iPAddress`` is
    an OCTET STRING with no size constraint, so this schema checks the
    encoding only. NOTE(review): syntax checks (host name form, address
    length, embedded control characters) presumably belong to the code
    that matches names against a peer; confirm at the call sites.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'otherName',
            AnotherName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
            )
        ),
        namedtype.NamedType(
            'rfc822Name',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
            )
        ),
        namedtype.NamedType(
            'dNSName',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
            )
        ),
        namedtype.NamedType(
            'x400Address',
            ORAddress().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)
            )
        ),
        namedtype.NamedType(
            'directoryName',
            Name().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)
            )
        ),
        namedtype.NamedType(
            'ediPartyName',
            EDIPartyName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)
            )
        ),
        namedtype.NamedType(
            'uniformResourceIdentifier',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)
            )
        ),
        # Raw address bytes; no length is enforced by this definition.
        namedtype.NamedType(
            'iPAddress',
            univ.OctetString().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7)
            )
        ),
        namedtype.NamedType(
            'registeredID',
            univ.ObjectIdentifier().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)
            )
        )
    )

1079 

1080 

1081class GeneralNames(univ.SequenceOf): 

1082 componentType = GeneralName() 

1083 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

1084 

1085 

1086class AccessDescription(univ.Sequence): 

1087 componentType = namedtype.NamedTypes( 

1088 namedtype.NamedType('accessMethod', univ.ObjectIdentifier()), 

1089 namedtype.NamedType('accessLocation', GeneralName()) 

1090 ) 

1091 

1092 

1093class AuthorityInfoAccessSyntax(univ.SequenceOf): 

1094 componentType = AccessDescription() 

1095 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

1096 

1097 

1098class AuthorityKeyIdentifier(univ.Sequence): 

1099 componentType = namedtype.NamedTypes( 

1100 namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype( 

1101 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 

1102 namedtype.OptionalNamedType('authorityCertIssuer', GeneralNames().subtype( 

1103 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 

1104 namedtype.OptionalNamedType('authorityCertSerialNumber', CertificateSerialNumber().subtype( 

1105 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) 

1106 ) 

1107 

1108 

1109class DistributionPointName(univ.Choice): 

1110 componentType = namedtype.NamedTypes( 

1111 namedtype.NamedType('fullName', GeneralNames().subtype( 

1112 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 

1113 namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype( 

1114 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) 

1115 ) 

1116 

1117 

1118class DistributionPoint(univ.Sequence): 

1119 componentType = namedtype.NamedTypes( 

1120 namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype( 

1121 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 

1122 namedtype.OptionalNamedType('reasons', ReasonFlags().subtype( 

1123 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 

1124 namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype( 

1125 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) 

1126 ) 

1127 

1128 

1129class CRLDistPointsSyntax(univ.SequenceOf): 

1130 componentType = DistributionPoint() 

1131 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

1132 

1133 

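class IssuingDistributionPoint(univ.Sequence):
    """issuingDistributionPoint CRL extension: the scope of a CRL.

    The three BOOLEAN fields are declared with a default of False rather
    than as mandatory components. DER leaves out a component whose value
    equals its default, so a CRL that omits the flags must still match
    this schema, and an absent flag reads as False. GeneralSubtree in this
    module declares its defaulted ``minimum`` field the same way.

    ``onlySomeReasons`` and the ``onlyContains*`` flags narrow what the CRL
    covers. A consumer that ignores them can mistake a partial CRL for a
    complete one, so revocation checking should read them.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'distributionPoint',
            DistributionPointName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
            )
        ),
        namedtype.DefaultedNamedType(
            'onlyContainsUserCerts',
            univ.Boolean(False).subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
            )
        ),
        namedtype.DefaultedNamedType(
            'onlyContainsCACerts',
            univ.Boolean(False).subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
            )
        ),
        namedtype.OptionalNamedType(
            'onlySomeReasons',
            ReasonFlags().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)
            )
        ),
        namedtype.DefaultedNamedType(
            'indirectCRL',
            univ.Boolean(False).subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)
            )
        )
    )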

1147 

1148 

1149class GeneralSubtree(univ.Sequence): 

1150 componentType = namedtype.NamedTypes( 

1151 namedtype.NamedType('base', GeneralName()), 

1152 namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype( 

1153 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), 

1154 namedtype.OptionalNamedType('maximum', BaseDistance().subtype( 

1155 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) 

1156 ) 

1157 

1158 

1159class GeneralSubtrees(univ.SequenceOf): 

1160 componentType = GeneralSubtree() 

1161 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

1162 

1163 

class NameConstraints(univ.Sequence):
    """nameConstraints extension value: permitted and excluded subtrees.

    Both lists are optional and each, when present, is a non-empty
    GeneralSubtrees. The schema decodes the subtrees; testing subject
    names against them is left to the path validator.
    """

    componentType = namedtype.NamedTypes(
        # [0] permittedSubtrees
        namedtype.OptionalNamedType(
            'permittedSubtrees',
            GeneralSubtrees().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
            )
        ),
        # [1] excludedSubtrees
        namedtype.OptionalNamedType(
            'excludedSubtrees',
            GeneralSubtrees().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)
            )
        )
    )

1171 

1172 

1173class CertificateIssuer(GeneralNames): 

1174 pass 

1175 

1176 

1177class SubjectAltName(GeneralNames): 

1178 pass 

1179 

1180 

1181class IssuerAltName(GeneralNames): 

1182 pass 

1183 

1184 

1185certificateExtensionsMap = {} 

1186 

1187 

class Extension(univ.Sequence):
    """One certificate or CRL extension: OID, criticality flag and payload.

    ``extnValue`` is an OCTET STRING linked to ``certificateExtensionsMap``
    through an open type keyed on ``extnID``. NOTE(review): an OID that is
    missing from the map presumably stays an opaque octet string. The
    schema does not act on ``critical``; refusing a certificate that
    carries an unrecognised critical extension is left to the validator.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('extnID', univ.ObjectIdentifier()),
        # The default is written as the string 'False'; presumably resolved
        # through Boolean's named values - TODO confirm.
        namedtype.DefaultedNamedType('critical', univ.Boolean('False')),
        namedtype.NamedType(
            'extnValue',
            univ.OctetString(),
            openType=opentype.OpenType('extnID', certificateExtensionsMap)
        )
    )

1195 

1196 

1197class Extensions(univ.SequenceOf): 

1198 componentType = Extension() 

1199 sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX) 

1200 

1201 

1202class SubjectPublicKeyInfo(univ.Sequence): 

1203 componentType = namedtype.NamedTypes( 

1204 namedtype.NamedType('algorithm', AlgorithmIdentifier()), 

1205 namedtype.NamedType('subjectPublicKey', univ.BitString()) 

1206 ) 

1207 

1208 

1209class UniqueIdentifier(univ.BitString): 

1210 pass 

1211 

1212 

1213class Time(univ.Choice): 

1214 componentType = namedtype.NamedTypes( 

1215 namedtype.NamedType('utcTime', useful.UTCTime()), 

1216 namedtype.NamedType('generalTime', useful.GeneralizedTime()) 

1217 ) 

1218 

1219 

1220class Validity(univ.Sequence): 

1221 componentType = namedtype.NamedTypes( 

1222 namedtype.NamedType('notBefore', Time()), 

1223 namedtype.NamedType('notAfter', Time()) 

1224 ) 

1225 

1226 

1227class Version(univ.Integer): 

1228 namedValues = namedval.NamedValues( 

1229 ('v1', 0), ('v2', 1), ('v3', 2) 

1230 ) 

1231 

1232 

class TBSCertificate(univ.Sequence):
    """To-be-signed certificate body, the part the signature covers.

    ``version`` defaults to 'v1'. The unique identifiers and ``extensions``
    are optional whatever the version says, so this schema does not reject
    a certificate that declares v1 and still carries extensions; a strict
    validator has to check that combination itself.
    """

    componentType = namedtype.NamedTypes(
        # [0] EXPLICIT, default v1
        namedtype.DefaultedNamedType(
            'version',
            Version('v1').subtype(
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
            )
        ),
        namedtype.NamedType('serialNumber', CertificateSerialNumber()),
        # Algorithm identifier inside the signed body; Certificate repeats
        # it outside as signatureAlgorithm.
        namedtype.NamedType('signature', AlgorithmIdentifier()),
        namedtype.NamedType('issuer', Name()),
        namedtype.NamedType('validity', Validity()),
        namedtype.NamedType('subject', Name()),
        namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
        # [1] IMPLICIT
        namedtype.OptionalNamedType(
            'issuerUniqueID',
            UniqueIdentifier().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
            )
        ),
        # [2] IMPLICIT
        namedtype.OptionalNamedType(
            'subjectUniqueID',
            UniqueIdentifier().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
            )
        ),
        # [3] EXPLICIT
        namedtype.OptionalNamedType(
            'extensions',
            Extensions().subtype(
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)
            )
        )
    )

1250 

1251 

class Certificate(univ.Sequence):
    """Signed certificate: body, signature algorithm and signature bits.

    The algorithm appears twice: here as ``signatureAlgorithm`` and inside
    ``tbsCertificate`` as ``signature``. Nothing in this schema ties the
    two together, so a verifier should compare them before it checks
    ``signatureValue``. Decoding alone establishes no trust.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('tbsCertificate', TBSCertificate()),
        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
        namedtype.NamedType('signatureValue', univ.BitString())
    )

1258 

1259# CRL structures 

1260 

1261class RevokedCertificate(univ.Sequence): 

1262 componentType = namedtype.NamedTypes( 

1263 namedtype.NamedType('userCertificate', CertificateSerialNumber()), 

1264 namedtype.NamedType('revocationDate', Time()), 

1265 namedtype.OptionalNamedType('crlEntryExtensions', Extensions()) 

1266 ) 

1267 

1268 

class TBSCertList(univ.Sequence):
    """To-be-signed CRL body, the part the CRL signature covers.

    ``nextUpdate`` and ``revokedCertificates`` are optional. A CRL without
    ``nextUpdate`` states no expiry of its own, so the consumer needs its
    own freshness policy instead of treating such a CRL as valid forever.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('version', Version()),
        namedtype.NamedType('signature', AlgorithmIdentifier()),
        namedtype.NamedType('issuer', Name()),
        namedtype.NamedType('thisUpdate', Time()),
        namedtype.OptionalNamedType('nextUpdate', Time()),
        namedtype.OptionalNamedType(
            'revokedCertificates',
            univ.SequenceOf(componentType=RevokedCertificate())
        ),
        # [0] EXPLICIT
        namedtype.OptionalNamedType(
            'crlExtensions',
            Extensions().subtype(
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
            )
        )
    )

1280 

1281 

class CertificateList(univ.Sequence):
    """Signed CRL: body, signature algorithm and signature bits.

    As with Certificate, the algorithm is present both here
    (``signatureAlgorithm``) and inside ``tbsCertList`` (``signature``),
    and the schema does not require them to agree. A consumer should
    compare them and verify ``signature`` against the CRL issuer's key
    before relying on any entry.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('tbsCertList', TBSCertList()),
        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
        namedtype.NamedType('signature', univ.BitString())
    )

1288 

1289# map of AttributeType -> AttributeValue 

1290 

# Attribute type OID -> prototype used to decode the attribute value.
# Only the types listed here get a typed value; the open type in
# AttributeTypeAndValue looks the OID up in certificateAttributesMap.
_certificateAttributesMapUpdate = {
    # Person-name attributes share the X520name prototype.
    id_at_name: X520name(),
    id_at_surname: X520name(),
    id_at_givenName: X520name(),
    id_at_initials: X520name(),
    id_at_generationQualifier: X520name(),
    # Attributes with a dedicated type.
    id_at_commonName: X520CommonName(),
    id_at_localityName: X520LocalityName(),
    id_at_stateOrProvinceName: X520StateOrProvinceName(),
    id_at_organizationName: X520OrganizationName(),
    id_at_organizationalUnitName: X520OrganizationalUnitName(),
    id_at_title: X520Title(),
    id_at_dnQualifier: X520dnQualifier(),
    id_at_countryName: X520countryName(),
    emailAddress: Pkcs9email(),
}

# Filled in place: the dict object was created empty earlier in the module
# and is already referenced by the open type, so it must not be rebound.
certificateAttributesMap.update(_certificateAttributesMapUpdate)

1309 

1310 

1311# map of Certificate Extension OIDs to Extensions 

1312 

# Extension OID -> prototype used to decode Extension.extnValue.
# An extension whose OID is not listed here has no typed decoding through
# this map.
_certificateExtensionsMapUpdate = {
    # Certificate extensions
    id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
    id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
    id_ce_keyUsage: KeyUsage(),
    id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
    id_ce_certificatePolicies: CertificatePolicies(),
    id_ce_policyMappings: PolicyMappings(),
    id_ce_subjectAltName: SubjectAltName(),
    id_ce_issuerAltName: IssuerAltName(),
    id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(),
    id_ce_basicConstraints: BasicConstraints(),
    id_ce_nameConstraints: NameConstraints(),
    id_ce_policyConstraints: PolicyConstraints(),
    id_ce_extKeyUsage: ExtKeyUsageSyntax(),
    id_ce_cRLDistributionPoints: CRLDistPointsSyntax(),
    id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(),
    # CRL and CRL-entry extensions
    # Plain INTEGER prototype, not the CRLNumber class: no lower bound is
    # applied to a decoded CRL number through this entry.
    id_ce_cRLNumber: univ.Integer(),
    # NOTE(review): BaseCRLNumber inherits CRLNumber's subtypeSpec; confirm
    # that constraint can be evaluated on a decoded integer.
    id_ce_deltaCRLIndicator: BaseCRLNumber(),
    id_ce_issuingDistributionPoint: IssuingDistributionPoint(),
    id_ce_cRLReasons: CRLReason(),
    # The next three use the base types directly instead of the named
    # subclasses HoldInstructionCode, InvalidityDate and CertificateIssuer.
    id_ce_holdInstructionCode: univ.ObjectIdentifier(),
    id_ce_invalidityDate: useful.GeneralizedTime(),
    id_ce_certificateIssuer: GeneralNames(),
}

# Filled in place: the dict object was created empty earlier in the module
# and is already referenced by Extension's open type.
certificateExtensionsMap.update(_certificateExtensionsMapUpdate)

1339