rfc5280.py 50 KB

  1. # coding: utf-8
  2. #
  3. # This file is part of pyasn1-modules software.
  4. #
  5. # Created by Stanisław Pitucha with asn1ate tool.
  6. # Updated by Russ Housley for ORAddress Extension Attribute opentype support.
  7. # Updated by Russ Housley for AlgorithmIdentifier opentype support.
  8. #
  9. # Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
  10. # License: http://snmplabs.com/pyasn1/license.html
  11. #
  12. # Internet X.509 Public Key Infrastructure Certificate and Certificate
  13. # Revocation List (CRL) Profile
  14. #
  15. # ASN.1 source from:
  16. # https://www.rfc-editor.org/rfc/rfc5280.txt
  17. #
  18. from pyasn1.type import char
  19. from pyasn1.type import constraint
  20. from pyasn1.type import namedtype
  21. from pyasn1.type import namedval
  22. from pyasn1.type import opentype
  23. from pyasn1.type import tag
  24. from pyasn1.type import univ
  25. from pyasn1.type import useful
  # Open-ended upper bound, used below for "SIZE (1..MAX)" style constraints.
  MAX = float("inf")
  def _buildOid(*components):
      """Concatenate the given arcs into one ``univ.ObjectIdentifier``.

      Each argument is either an existing ``univ.ObjectIdentifier``, whose arcs
      are spliced in, or a value that ``int()`` accepts, appended as one arc.
      """
      arcs = []
      for part in components:
          if isinstance(part, univ.ObjectIdentifier):
              arcs += list(part)
          else:
              arcs.append(int(part))
      return univ.ObjectIdentifier(arcs)
  # Integer constants; the two ub_* values bound the 'e163-4-address' fields
  # of ExtendedNetworkAddress further down in this file.
  ub_e163_4_sub_address_length = univ.Integer(40)
  ub_e163_4_number_length = univ.Integer(15)
  unformatted_postal_address = univ.Integer(16)


  class TerminalType(univ.Integer):
      """INTEGER with named values 'telex' (3) through 'videotex' (8)."""

      namedValues = namedval.NamedValues(
          ('telex', 3),
          ('teletex', 4),
          ('g3-facsimile', 5),
          ('g4-facsimile', 6),
          ('ia5-terminal', 7),
          ('videotex', 8)
      )
  class Extension(univ.Sequence):
      """One extension entry: 'extnID', 'critical' and 'extnValue'.

      'critical' defaults to false (value=0).  'extnValue' is declared as a
      plain OCTET STRING with no open-type mapping, so this definition neither
      decodes the payload nor acts on the 'critical' flag.
      NOTE(review): rejecting unrecognised critical extensions is therefore
      left to whatever code consumes the decoded value.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('extnID', univ.ObjectIdentifier()),
          namedtype.DefaultedNamedType(
              'critical', univ.Boolean().subtype(value=0)
          ),
          namedtype.NamedType('extnValue', univ.OctetString())
      )


  class Extensions(univ.SequenceOf):
      """SEQUENCE OF Extension with at least one element (SIZE 1..MAX)."""

      componentType = Extension()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)
  physical_delivery_personal_name = univ.Integer(13)
  # Upper bounds referenced by the postal-address types in this file.
  ub_unformatted_address_length = univ.Integer(180)
  ub_pds_parameter_length = univ.Integer(30)
  ub_pds_physical_address_lines = univ.Integer(6)


  class UnformattedPostalAddress(univ.Set):
      """SET with optional 'printable-address' and 'teletex-string' members.

      NOTE(review): each printable line is limited to ub_pds_parameter_length,
      but the SEQUENCE OF itself carries no size constraint here, so
      ub_pds_physical_address_lines is not applied by this definition.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'printable-address',
              univ.SequenceOf(
                  componentType=char.PrintableString().subtype(
                      subtypeSpec=constraint.ValueSizeConstraint(
                          1, ub_pds_parameter_length
                      )
                  )
              )
          ),
          namedtype.OptionalNamedType(
              'teletex-string',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_unformatted_address_length
                  )
              )
          )
      )
  ub_organization_name = univ.Integer(64)


  class X520OrganizationName(univ.Choice):
      """CHOICE of five string encodings, each sized 1..ub_organization_name."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)
              )
          )
      )
  ub_x121_address_length = univ.Integer(16)
  pds_name = univ.Integer(7)

  # Base arc 1.3.6.1.5.5.7 and its child arc 3; other OIDs in this file are
  # derived from id_pkix through _buildOid.
  id_pkix = _buildOid(1, 3, 6, 1, 5, 5, 7)
  id_kp = _buildOid(id_pkix, 3)

  ub_postal_code_length = univ.Integer(16)


  class PostalCode(univ.Choice):
      """CHOICE of numeric or printable code, each 1..ub_postal_code_length."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'numeric-code',
              char.NumericString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)
              )
          ),
          namedtype.NamedType(
              'printable-code',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length)
              )
          )
      )
  ub_generation_qualifier_length = univ.Integer(3)
  unique_postal_name = univ.Integer(20)


  class DomainComponent(char.IA5String):
      """IA5String subtype; no size constraint is attached in this definition."""


  ub_domain_defined_attribute_value_length = univ.Integer(128)
  ub_match = univ.Integer(128)

  # Arc 2.5.4; the id_at_* attribute OIDs in this file hang off it.
  id_at = _buildOid(2, 5, 4)


  class AttributeType(univ.ObjectIdentifier):
      """OBJECT IDENTIFIER subtype used for the 'type' field of attributes."""


  id_at_organizationalUnitName = _buildOid(id_at, 11)
  terminal_type = univ.Integer(23)
  class PDSParameter(univ.Set):
      """SET with optional 'printable-string' and 'teletex-string' members.

      Both members are limited to 1..ub_pds_parameter_length.  Several address
      types in this file are plain subclasses of this one.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'printable-string',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)
              )
          ),
          namedtype.OptionalNamedType(
              'teletex-string',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)
              )
          )
      )


  class PhysicalDeliveryPersonalName(PDSParameter):
      """PDSParameter under another name; adds no members or constraints."""
  ub_surname_length = univ.Integer(40)
  id_ad = _buildOid(id_pkix, 48)
  ub_domain_defined_attribute_type_length = univ.Integer(8)


  class TeletexDomainDefinedAttribute(univ.Sequence):
      """SEQUENCE of a size-limited TeletexString 'type' and 'value'."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'type',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_domain_defined_attribute_type_length
                  )
              )
          ),
          namedtype.NamedType(
              'value',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_domain_defined_attribute_value_length
                  )
              )
          )
      )


  ub_domain_defined_attributes = univ.Integer(4)


  class TeletexDomainDefinedAttributes(univ.SequenceOf):
      """SEQUENCE OF TeletexDomainDefinedAttribute, 1..ub_domain_defined_attributes."""

      componentType = TeletexDomainDefinedAttribute()
      sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
  extended_network_address = univ.Integer(22)
  ub_locality_name = univ.Integer(128)


  class X520LocalityName(univ.Choice):
      """CHOICE of five string encodings, each sized 1..ub_locality_name."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)
              )
          )
      )
  teletex_organization_name = univ.Integer(3)
  ub_given_name_length = univ.Integer(16)
  ub_initials_length = univ.Integer(5)


  class PersonalName(univ.Set):
      """SET of PrintableString name parts with context tags [0]..[3].

      'surname' is mandatory; 'given-name', 'initials' and
      'generation-qualifier' are optional.  Each part has its own size bound
      and is tagged implicitly.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'surname',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)
              ).subtype(
                  implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
              )
          ),
          namedtype.OptionalNamedType(
              'given-name',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)
              ).subtype(
                  implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
              )
          ),
          namedtype.OptionalNamedType(
              'initials',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)
              ).subtype(
                  implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
              )
          ),
          namedtype.OptionalNamedType(
              'generation-qualifier',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_generation_qualifier_length
                  )
              ).subtype(
                  implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)
              )
          )
      )
  ub_organizational_unit_name_length = univ.Integer(32)


  class OrganizationalUnitName(char.PrintableString):
      """PrintableString sized 1..ub_organizational_unit_name_length."""

      subtypeSpec = constraint.ValueSizeConstraint(
          1, ub_organizational_unit_name_length
      )


  id_at_generationQualifier = _buildOid(id_at, 44)
  class Version(univ.Integer):
      """INTEGER with named values 'v1' = 0, 'v2' = 1 and 'v3' = 2."""

      namedValues = namedval.NamedValues(
          ('v1', 0),
          ('v2', 1),
          ('v3', 2)
      )


  class CertificateSerialNumber(univ.Integer):
      """Plain INTEGER subtype.

      No sign or length constraint is attached here, so any limits on serial
      numbers have to be checked by the code that uses the decoded value.
      """
  # Open-type lookup table for AlgorithmIdentifier 'parameters', selected by
  # the 'algorithm' field.  It starts empty here; it is a module-level mutable
  # dict, so any code that adds or replaces entries changes how 'parameters'
  # is resolved for every user of AlgorithmIdentifier in the process.
  algorithmIdentifierMap = {}


  class AlgorithmIdentifier(univ.Sequence):
      """SEQUENCE of an 'algorithm' OID and optional ANY 'parameters'.

      'parameters' is an open type governed by 'algorithm' through
      algorithmIdentifierMap.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
          namedtype.OptionalNamedType(
              'parameters',
              univ.Any(),
              openType=opentype.OpenType('algorithm', algorithmIdentifierMap)
          )
      )
  class Time(univ.Choice):
      """CHOICE between 'utcTime' (UTCTime) and 'generalTime' (GeneralizedTime)."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('utcTime', useful.UTCTime()),
          namedtype.NamedType('generalTime', useful.GeneralizedTime())
      )
  class AttributeValue(univ.Any):
      """ANY subtype holding an attribute value whose type depends on its OID."""


  # Open-type lookup table shared by AttributeTypeAndValue and Attribute,
  # selected by the 'type' field.  Empty here and mutable at module level.
  certificateAttributesMap = {}


  class AttributeTypeAndValue(univ.Sequence):
      """SEQUENCE of an attribute 'type' OID and its open-typed 'value'."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('type', AttributeType()),
          namedtype.NamedType(
              'value',
              AttributeValue(),
              openType=opentype.OpenType('type', certificateAttributesMap)
          )
      )
  class RelativeDistinguishedName(univ.SetOf):
      """SET OF AttributeTypeAndValue with at least one element (SIZE 1..MAX)."""

      componentType = AttributeTypeAndValue()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)


  class RDNSequence(univ.SequenceOf):
      """SEQUENCE OF RelativeDistinguishedName; no size constraint is set."""

      componentType = RelativeDistinguishedName()


  class Name(univ.Choice):
      """CHOICE with the single alternative 'rdnSequence'."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('rdnSequence', RDNSequence())
      )
  class TBSCertList(univ.Sequence):
      """The to-be-signed part of a CRL.

      Holds optional 'version', 'signature' algorithm, 'issuer', 'thisUpdate',
      optional 'nextUpdate', an optional list of revoked entries (serial
      number, revocation date, optional entry extensions) and optional
      'crlExtensions' under explicit context tag [0].
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType('version', Version()),
          namedtype.NamedType('signature', AlgorithmIdentifier()),
          namedtype.NamedType('issuer', Name()),
          namedtype.NamedType('thisUpdate', Time()),
          namedtype.OptionalNamedType('nextUpdate', Time()),
          namedtype.OptionalNamedType(
              'revokedCertificates',
              univ.SequenceOf(
                  componentType=univ.Sequence(
                      componentType=namedtype.NamedTypes(
                          namedtype.NamedType(
                              'userCertificate', CertificateSerialNumber()
                          ),
                          namedtype.NamedType('revocationDate', Time()),
                          namedtype.OptionalNamedType(
                              'crlEntryExtensions', Extensions()
                          )
                      )
                  )
              )
          ),
          namedtype.OptionalNamedType(
              'crlExtensions',
              Extensions().subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
              )
          )
      )
  class CertificateList(univ.Sequence):
      """A CRL: 'tbsCertList', 'signatureAlgorithm' and a BIT STRING 'signature'.

      This is a structural definition only.  Nothing here verifies the
      signature or compares 'signatureAlgorithm' with the 'signature' field
      inside 'tbsCertList'; both checks belong to the consuming code.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('tbsCertList', TBSCertList()),
          namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
          namedtype.NamedType('signature', univ.BitString())
      )
  class PhysicalDeliveryOfficeName(PDSParameter):
      """PDSParameter under another name; adds no members or constraints."""


  ub_extension_attributes = univ.Integer(256)

  # Module-level lookup tables, both empty here.  certificateExtensionsMap is
  # not referenced by the Extension type defined earlier in this file, whose
  # 'extnValue' stays a plain OCTET STRING.
  certificateExtensionsMap = {}

  # Open-type table for ExtensionAttribute, selected by the integer
  # 'extension-attribute-type'.
  oraddressExtensionAttributeMap = {}


  class ExtensionAttribute(univ.Sequence):
      """SEQUENCE of a tagged integer type and an open-typed value.

      'extension-attribute-type' is an INTEGER in 0..ub_extension_attributes
      under implicit tag [0]; 'extension-attribute-value' is ANY under explicit
      tag [1], resolved through oraddressExtensionAttributeMap.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'extension-attribute-type',
              univ.Integer().subtype(
                  subtypeSpec=constraint.ValueRangeConstraint(
                      0, ub_extension_attributes
                  )
              ).subtype(
                  implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
              )
          ),
          namedtype.NamedType(
              'extension-attribute-value',
              univ.Any().subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
              ),
              openType=opentype.OpenType(
                  'extension-attribute-type', oraddressExtensionAttributeMap
              )
          )
      )
  # OIDs derived from id_pkix (via id_qt) and from id_at.
  id_qt = _buildOid(id_pkix, 2)
  id_qt_cps = _buildOid(id_qt, 1)
  id_at_stateOrProvinceName = _buildOid(id_at, 8)
  id_at_title = _buildOid(id_at, 12)
  id_at_serialNumber = _buildOid(id_at, 5)


  class X520dnQualifier(char.PrintableString):
      """PrintableString subtype; no size constraint is attached here."""


  class PosteRestanteAddress(PDSParameter):
      """PDSParameter under another name; adds no members or constraints."""


  poste_restante_address = univ.Integer(19)


  class UniqueIdentifier(univ.BitString):
      """BIT STRING subtype used for the issuer and subject unique IDs."""
  class Validity(univ.Sequence):
      """SEQUENCE of 'notBefore' and 'notAfter', each a Time.

      Only the structure is described; ordering of the two times and
      comparison with the current time are not checked here.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('notBefore', Time()),
          namedtype.NamedType('notAfter', Time())
      )


  class SubjectPublicKeyInfo(univ.Sequence):
      """SEQUENCE of an AlgorithmIdentifier and a BIT STRING 'subjectPublicKey'."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('algorithm', AlgorithmIdentifier()),
          namedtype.NamedType('subjectPublicKey', univ.BitString())
      )
  class TBSCertificate(univ.Sequence):
      """The to-be-signed part of an X.509 certificate.

      'version' sits under explicit tag [0] and defaults to "v1".  The two
      unique IDs use implicit tags [1] and [2]; 'extensions' uses explicit
      tag [3].  This is a structural definition only: it performs no signature,
      validity-period or extension processing.
      """

      componentType = namedtype.NamedTypes(
          namedtype.DefaultedNamedType(
              'version',
              Version().subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
              ).subtype(value="v1")
          ),
          namedtype.NamedType('serialNumber', CertificateSerialNumber()),
          namedtype.NamedType('signature', AlgorithmIdentifier()),
          namedtype.NamedType('issuer', Name()),
          namedtype.NamedType('validity', Validity()),
          namedtype.NamedType('subject', Name()),
          namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
          namedtype.OptionalNamedType(
              'issuerUniqueID',
              UniqueIdentifier().subtype(
                  implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
              )
          ),
          namedtype.OptionalNamedType(
              'subjectUniqueID',
              UniqueIdentifier().subtype(
                  implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
              )
          ),
          namedtype.OptionalNamedType(
              'extensions',
              Extensions().subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)
              )
          )
      )
  physical_delivery_office_name = univ.Integer(10)
  # Largest of the name bounds in this file: values up to 32768 characters
  # pass the size constraint of X520name.
  ub_name = univ.Integer(32768)


  class X520name(univ.Choice):
      """CHOICE of five string encodings, each sized 1..ub_name."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)
              )
          )
      )
  id_at_dnQualifier = _buildOid(id_at, 46)
  ub_serial_number = univ.Integer(64)
  ub_pseudonym = univ.Integer(128)
  # Arc 1.2.840.113549.1.9; id_emailAddress below is derived from it.
  pkcs_9 = _buildOid(1, 2, 840, 113549, 1, 9)


  class X121Address(char.NumericString):
      """NumericString sized 1..ub_x121_address_length."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length)


  class NetworkAddress(X121Address):
      """X121Address under another name; the size constraint is inherited."""


  ub_integer_options = univ.Integer(256)
  id_at_commonName = _buildOid(id_at, 3)
  ub_organization_name_length = univ.Integer(64)
  id_ad_ocsp = _buildOid(id_ad, 1)
  ub_country_name_numeric_length = univ.Integer(3)
  ub_country_name_alpha_length = univ.Integer(2)
  class PhysicalDeliveryCountryName(univ.Choice):
      """CHOICE of a fixed-length numeric or two-letter printable country code.

      Both alternatives use the same bound for minimum and maximum size, so
      the length is fixed rather than a range.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'x121-dcc-code',
              char.NumericString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      ub_country_name_numeric_length,
                      ub_country_name_numeric_length
                  )
              )
          ),
          namedtype.NamedType(
              'iso-3166-alpha2-code',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      ub_country_name_alpha_length,
                      ub_country_name_alpha_length
                  )
              )
          )
      )


  id_emailAddress = _buildOid(pkcs_9, 1)
  common_name = univ.Integer(1)
  class X520Pseudonym(univ.Choice):
      """CHOICE of five string encodings, each sized 1..ub_pseudonym."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)
              )
          )
      )
  ub_domain_name_length = univ.Integer(16)


  class AdministrationDomainName(univ.Choice):
      """CHOICE of numeric or printable name under explicit [APPLICATION 2].

      Unlike most string types in this file the lower size bound is 0, so an
      empty string satisfies the constraint.
      """

      tagSet = univ.Choice.tagSet.tagExplicitly(
          tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2)
      )
      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'numeric',
              char.NumericString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)
              )
          ),
          namedtype.NamedType(
              'printable',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)
              )
          )
      )
  class PresentationAddress(univ.Sequence):
      """SEQUENCE of three optional selectors and a mandatory 'nAddresses'.

      All four members are OCTET STRING based and use explicit context tags
      [0]..[3].  No size constraint is attached to the selectors or to the
      'nAddresses' SET OF in this definition.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'pSelector',
              univ.OctetString().subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
              )
          ),
          namedtype.OptionalNamedType(
              'sSelector',
              univ.OctetString().subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
              )
          ),
          namedtype.OptionalNamedType(
              'tSelector',
              univ.OctetString().subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
              )
          ),
          namedtype.NamedType(
              'nAddresses',
              univ.SetOf(componentType=univ.OctetString()).subtype(
                  explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)
              )
          )
      )


  class ExtendedNetworkAddress(univ.Choice):
      """CHOICE between an inline 'e163-4-address' SEQUENCE and 'psap-address'.

      The inline sequence holds a mandatory 'number' and optional
      'sub-address', both size-limited NumericStrings with implicit tags [0]
      and [1].  'psap-address' is a PresentationAddress under implicit
      constructed tag [0].
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'e163-4-address',
              univ.Sequence(
                  componentType=namedtype.NamedTypes(
                      namedtype.NamedType(
                          'number',
                          char.NumericString().subtype(
                              subtypeSpec=constraint.ValueSizeConstraint(
                                  1, ub_e163_4_number_length
                              )
                          ).subtype(
                              implicitTag=tag.Tag(
                                  tag.tagClassContext, tag.tagFormatSimple, 0
                              )
                          )
                      ),
                      namedtype.OptionalNamedType(
                          'sub-address',
                          char.NumericString().subtype(
                              subtypeSpec=constraint.ValueSizeConstraint(
                                  1, ub_e163_4_sub_address_length
                              )
                          ).subtype(
                              implicitTag=tag.Tag(
                                  tag.tagClassContext, tag.tagFormatSimple, 1
                              )
                          )
                      )
                  )
              )
          ),
          namedtype.NamedType(
              'psap-address',
              PresentationAddress().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 0
                  )
              )
          )
      )
  class TeletexOrganizationName(char.TeletexString):
      """TeletexString sized 1..ub_organization_name_length."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)


  ub_terminal_id_length = univ.Integer(24)


  class TerminalIdentifier(char.PrintableString):
      """PrintableString sized 1..ub_terminal_id_length."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length)


  id_ad_caIssuers = _buildOid(id_ad, 2)
  id_at_countryName = _buildOid(id_at, 6)


  class StreetAddress(PDSParameter):
      """PDSParameter under another name; adds no members or constraints."""


  postal_code = univ.Integer(9)
  id_at_givenName = _buildOid(id_at, 42)
  ub_title = univ.Integer(64)
  class ExtensionAttributes(univ.SetOf):
      """SET OF ExtensionAttribute sized 1..ub_extension_attributes."""

      componentType = ExtensionAttribute()
      sizeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes)


  ub_emailaddress_length = univ.Integer(255)
  id_ad_caRepository = _buildOid(id_ad, 5)


  class ExtensionORAddressComponents(PDSParameter):
      """PDSParameter under another name; adds no members or constraints."""


  ub_organizational_unit_name = univ.Integer(64)
  class X520OrganizationalUnitName(univ.Choice):
      """CHOICE of five string encodings, each 1..ub_organizational_unit_name."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_organizational_unit_name
                  )
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_organizational_unit_name
                  )
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_organizational_unit_name
                  )
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_organizational_unit_name
                  )
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_organizational_unit_name
                  )
              )
          )
      )


  class LocalPostalAttributes(PDSParameter):
      """PDSParameter under another name; adds no members or constraints."""


  teletex_organizational_unit_names = univ.Integer(5)
  class X520Title(univ.Choice):
      """CHOICE of five string encodings, each sized 1..ub_title."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)
              )
          )
      )


  id_at_localityName = _buildOid(id_at, 7)
  id_at_initials = _buildOid(id_at, 43)
  ub_state_name = univ.Integer(128)
  class X520StateOrProvinceName(univ.Choice):
      """CHOICE of five string encodings, each sized 1..ub_state_name."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)
              )
          )
      )


  physical_delivery_organization_name = univ.Integer(14)
  id_at_surname = _buildOid(id_at, 4)
  class X520countryName(char.PrintableString):
      """PrintableString of exactly two characters (SIZE 2..2)."""

      subtypeSpec = constraint.ValueSizeConstraint(2, 2)


  physical_delivery_office_number = univ.Integer(11)
  id_qt_unotice = _buildOid(id_qt, 2)


  class X520SerialNumber(char.PrintableString):
      """PrintableString sized 1..ub_serial_number."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number)
  class Attribute(univ.Sequence):
      """SEQUENCE of an attribute 'type' OID and a SET OF 'values'.

      'values' is an open type selected by 'type' through
      certificateAttributesMap, the same table AttributeTypeAndValue uses.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('type', AttributeType()),
          namedtype.NamedType(
              'values',
              univ.SetOf(componentType=AttributeValue()),
              openType=opentype.OpenType('type', certificateAttributesMap)
          )
      )


  ub_common_name = univ.Integer(64)
  id_pe = _buildOid(id_pkix, 1)
  class ExtensionPhysicalDeliveryAddressComponents(PDSParameter):
      """PDSParameter under another name; adds no members or constraints."""


  class EmailAddress(char.IA5String):
      """IA5String sized 1..ub_emailaddress_length.

      Only the length is constrained; the address syntax is not checked here.
      """

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length)


  id_at_organizationName = _buildOid(id_at, 10)
  post_office_box_address = univ.Integer(18)
  class BuiltInDomainDefinedAttribute(univ.Sequence):
      """SEQUENCE of a size-limited PrintableString 'type' and 'value'."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'type',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_domain_defined_attribute_type_length
                  )
              )
          ),
          namedtype.NamedType(
              'value',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_domain_defined_attribute_value_length
                  )
              )
          )
      )


  class BuiltInDomainDefinedAttributes(univ.SequenceOf):
      """SEQUENCE OF BuiltInDomainDefinedAttribute, 1..ub_domain_defined_attributes."""

      componentType = BuiltInDomainDefinedAttribute()
      sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)


  id_at_pseudonym = _buildOid(id_at, 65)
  # Built from literal arcs rather than from one of the base OIDs above.
  id_domainComponent = _buildOid(0, 9, 2342, 19200300, 100, 1, 25)
  class X520CommonName(univ.Choice):
      """CHOICE of five string encodings, each sized 1..ub_common_name."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)
              )
          ),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)
              )
          ),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)
              )
          ),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)
              )
          ),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)
              )
          )
      )
  # Integer constants: ORAddress extension-attribute type codes and upper bounds.
  extension_OR_address_components = univ.Integer(12)
  ub_organizational_units = univ.Integer(4)
  teletex_personal_name = univ.Integer(4)
  ub_numeric_user_id_length = univ.Integer(32)
  ub_common_name_length = univ.Integer(64)


  class TeletexCommonName(char.TeletexString):
      """TeletexString of 1..ub_common_name_length characters."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)


  class PhysicalDeliveryOrganizationName(PDSParameter):
      """PDSParameter subtype that adds no fields or constraints of its own."""


  extension_physical_delivery_address_components = univ.Integer(15)


  class NumericUserIdentifier(char.NumericString):
      """NumericString of 1..ub_numeric_user_id_length characters."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length)
  class CountryName(univ.Choice):
      """Country code under an explicit APPLICATION 1 tag.

      Both alternatives are fixed-length: the lower and upper size bounds are
      the same constant in each case.
      """

      tagSet = univ.Choice.tagSet.tagExplicitly(
          tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1))
      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'x121-dcc-code',
              char.NumericString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      ub_country_name_numeric_length,
                      ub_country_name_numeric_length))),
          namedtype.NamedType(
              'iso-3166-alpha2-code',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      ub_country_name_alpha_length,
                      ub_country_name_alpha_length)))
      )
  class OrganizationName(char.PrintableString):
      """PrintableString of 1..ub_organization_name_length characters."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)


  class OrganizationalUnitNames(univ.SequenceOf):
      """Between 1 and ub_organizational_units OrganizationalUnitName items."""

      componentType = OrganizationalUnitName()
      sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)


  class PrivateDomainName(univ.Choice):
      """Domain name as a numeric or printable string, 1..ub_domain_name_length."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'numeric',
              char.NumericString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_domain_name_length))),
          namedtype.NamedType(
              'printable',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_domain_name_length)))
      )
  class BuiltInStandardAttributes(univ.Sequence):
      """Sequence of ORAddress standard attributes, every one of them optional.

      The first two components keep their own tags; the remaining seven carry
      context tags 0 through 6. private-domain-name is the only one tagged
      explicitly.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType('country-name', CountryName()),
          namedtype.OptionalNamedType(
              'administration-domain-name', AdministrationDomainName()),
          namedtype.OptionalNamedType(
              'network-address',
              NetworkAddress().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0))),
          namedtype.OptionalNamedType(
              'terminal-identifier',
              TerminalIdentifier().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1))),
          namedtype.OptionalNamedType(
              'private-domain-name',
              PrivateDomainName().subtype(
                  explicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 2))),
          namedtype.OptionalNamedType(
              'organization-name',
              OrganizationName().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 3))),
          namedtype.OptionalNamedType(
              'numeric-user-identifier',
              NumericUserIdentifier().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 4))),
          namedtype.OptionalNamedType(
              'personal-name',
              PersonalName().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 5))),
          namedtype.OptionalNamedType(
              'organizational-unit-names',
              OrganizationalUnitNames().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 6)))
      )
  class ORAddress(univ.Sequence):
      """Standard attributes plus optional domain-defined and extension attributes."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'built-in-standard-attributes', BuiltInStandardAttributes()),
          namedtype.OptionalNamedType(
              'built-in-domain-defined-attributes',
              BuiltInDomainDefinedAttributes()),
          namedtype.OptionalNamedType(
              'extension-attributes', ExtensionAttributes())
      )


  class DistinguishedName(RDNSequence):
      """RDNSequence under another name; adds no fields or constraints."""
  id_ad_timeStamping = _buildOid(id_ad, 3)


  class PhysicalDeliveryOfficeNumber(PDSParameter):
      """PDSParameter subtype that adds no fields or constraints of its own."""


  teletex_domain_defined_attributes = univ.Integer(6)


  class UniquePostalName(PDSParameter):
      """PDSParameter subtype that adds no fields or constraints of its own."""


  physical_delivery_country_name = univ.Integer(8)
  ub_pds_name_length = univ.Integer(16)


  class PDSName(char.PrintableString):
      """PrintableString of 1..ub_pds_name_length characters."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length)
  class TeletexPersonalName(univ.Set):
      """SET of Teletex name parts; only the surname is mandatory.

      Each part is length-constrained first and then given an implicit
      context tag (0-3).
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'surname',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_surname_length)
              ).subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0))),
          namedtype.OptionalNamedType(
              'given-name',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_given_name_length)
              ).subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1))),
          namedtype.OptionalNamedType(
              'initials',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_initials_length)
              ).subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 2))),
          namedtype.OptionalNamedType(
              'generation-qualifier',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(
                      1, ub_generation_qualifier_length)
              ).subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 3)))
      )
  street_address = univ.Integer(17)


  class PostOfficeBoxAddress(PDSParameter):
      """PDSParameter subtype that adds no fields or constraints of its own."""


  local_postal_attributes = univ.Integer(21)


  class DirectoryString(univ.Choice):
      """Non-empty string in one of five encodings, with MAX as the upper bound.

      Unlike X520CommonName there is no small per-attribute limit here, so any
      length cap has to be applied by the code that consumes the value.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'teletexString',
              char.TeletexString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
          namedtype.NamedType(
              'printableString',
              char.PrintableString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
          namedtype.NamedType(
              'universalString',
              char.UniversalString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
      )
  teletex_common_name = univ.Integer(2)


  class CommonName(char.PrintableString):
      """PrintableString of 1..ub_common_name_length characters."""

      subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)


  class Certificate(univ.Sequence):
      """Top-level certificate: TBSCertificate, algorithm identifier, signature.

      This type only describes the encoding. The signature is held as an opaque
      BitString and nothing in this definition verifies it; a value that
      decodes successfully is not thereby a trusted certificate.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('tbsCertificate', TBSCertificate()),
          namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
          namedtype.NamedType('signature', univ.BitString())
      )
  class TeletexOrganizationalUnitName(char.TeletexString):
      """TeletexString of 1..ub_organizational_unit_name_length characters."""

      subtypeSpec = constraint.ValueSizeConstraint(
          1, ub_organizational_unit_name_length)


  id_at_name = _buildOid(id_at, 41)


  class TeletexOrganizationalUnitNames(univ.SequenceOf):
      """Between 1 and ub_organizational_units TeletexOrganizationalUnitName items."""

      componentType = TeletexOrganizationalUnitName()
      sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)
  # Root arc 2.5.29; the id_ce_* extension OIDs in this file are built under it.
  id_ce = _buildOid(2, 5, 29)
  id_ce_issuerAltName = _buildOid(id_ce, 18)


  class SkipCerts(univ.Integer):
      """Integer restricted to the range 0..MAX."""

      subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


  class CRLReason(univ.Enumerated):
      """Enumerated revocation reason code.

      The numbering skips 7: there is no name for that value. These codes are
      also not the bit positions used by ReasonFlags (privilegeWithdrawn is 9
      here and bit 7 there), so the two must not be converted by index.
      """

      namedValues = namedval.NamedValues(
          ('unspecified', 0),
          ('keyCompromise', 1),
          ('cACompromise', 2),
          ('affiliationChanged', 3),
          ('superseded', 4),
          ('cessationOfOperation', 5),
          ('certificateHold', 6),
          ('removeFromCRL', 8),
          ('privilegeWithdrawn', 9),
          ('aACompromise', 10)
      )
  class PrivateKeyUsagePeriod(univ.Sequence):
      """Optional notBefore / notAfter GeneralizedTime pair, context tags 0 and 1.

      Both fields are optional at the schema level, so an empty sequence
      decodes without error; callers that depend on either bound must check
      that it is present.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'notBefore',
              useful.GeneralizedTime().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0))),
          namedtype.OptionalNamedType(
              'notAfter',
              useful.GeneralizedTime().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1)))
      )
  # Open-type map for AnotherName, keyed by type-id. It starts out empty, so
  # until something registers an entry the 'value' field has no typed spec.
  anotherNameMap = {}


  class AnotherName(univ.Sequence):
      """OID-identified name whose value is an explicitly tagged ANY.

      The value's type is looked up in anotherNameMap by 'type-id'. A type-id
      with no entry there is not interpreted by this schema, so callers must
      be prepared to handle, or reject, an uninterpreted value.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('type-id', univ.ObjectIdentifier()),
          namedtype.NamedType(
              'value',
              univ.Any().subtype(
                  explicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0)),
              openType=opentype.OpenType('type-id', anotherNameMap))
      )
  class EDIPartyName(univ.Sequence):
      """Optional nameAssigner and mandatory partyName, both DirectoryString."""

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'nameAssigner',
              DirectoryString().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 0))),
          namedtype.NamedType(
              'partyName',
              DirectoryString().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 1)))
      )
  class GeneralName(univ.Choice):
      """One of nine name forms, told apart by context tags 0 through 8.

      rfc822Name, dNSName and uniformResourceIdentifier are plain IA5String
      with a tag and nothing else: no size limit and no syntax check. iPAddress
      is an OctetString with no length constraint. Code that matches these
      values against a hostname, address or URI must validate their form
      itself (length, embedded control characters, address width) before
      comparing.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'otherName',
              AnotherName().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 0))),
          namedtype.NamedType(
              'rfc822Name',
              char.IA5String().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1))),
          namedtype.NamedType(
              'dNSName',
              char.IA5String().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 2))),
          namedtype.NamedType(
              'x400Address',
              ORAddress().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 3))),
          namedtype.NamedType(
              'directoryName',
              Name().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 4))),
          namedtype.NamedType(
              'ediPartyName',
              EDIPartyName().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 5))),
          namedtype.NamedType(
              'uniformResourceIdentifier',
              char.IA5String().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 6))),
          namedtype.NamedType(
              'iPAddress',
              univ.OctetString().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 7))),
          namedtype.NamedType(
              'registeredID',
              univ.ObjectIdentifier().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 8)))
      )
  class BaseDistance(univ.Integer):
      """Integer restricted to the range 0..MAX."""

      subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


  class GeneralSubtree(univ.Sequence):
      """A base GeneralName with 'minimum' (default 0) and optional 'maximum'."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('base', GeneralName()),
          namedtype.DefaultedNamedType(
              'minimum',
              BaseDistance().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0)
              ).subtype(value=0)),
          namedtype.OptionalNamedType(
              'maximum',
              BaseDistance().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1)))
      )


  class GeneralNames(univ.SequenceOf):
      """Non-empty sequence of GeneralName (size 1..MAX)."""

      componentType = GeneralName()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)
  class DistributionPointName(univ.Choice):
      """Either a full GeneralNames list or a name relative to the CRL issuer."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'fullName',
              GeneralNames().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0))),
          namedtype.NamedType(
              'nameRelativeToCRLIssuer',
              RelativeDistinguishedName().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1)))
      )


  class ReasonFlags(univ.BitString):
      """Bit string of revocation reasons, named bits 0 through 8.

      Bit 0 is named 'unused'. The positions are contiguous and therefore do
      not line up with the CRLReason codes defined in this file
      (privilegeWithdrawn is bit 7 here, aACompromise bit 8).
      """

      namedValues = namedval.NamedValues(
          ('unused', 0),
          ('keyCompromise', 1),
          ('cACompromise', 2),
          ('affiliationChanged', 3),
          ('superseded', 4),
          ('cessationOfOperation', 5),
          ('certificateHold', 6),
          ('privilegeWithdrawn', 7),
          ('aACompromise', 8)
      )
  class IssuingDistributionPoint(univ.Sequence):
      """Scope of a CRL: optional distribution point, reasons and four flags.

      The four booleans all default to 0 (false), so an encoding that leaves
      them out describes a CRL with none of those restrictions.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'distributionPoint',
              DistributionPointName().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 0))),
          namedtype.DefaultedNamedType(
              'onlyContainsUserCerts',
              univ.Boolean().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1)
              ).subtype(value=0)),
          namedtype.DefaultedNamedType(
              'onlyContainsCACerts',
              univ.Boolean().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 2)
              ).subtype(value=0)),
          namedtype.OptionalNamedType(
              'onlySomeReasons',
              ReasonFlags().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 3))),
          namedtype.DefaultedNamedType(
              'indirectCRL',
              univ.Boolean().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 4)
              ).subtype(value=0)),
          namedtype.DefaultedNamedType(
              'onlyContainsAttributeCerts',
              univ.Boolean().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 5)
              ).subtype(value=0))
      )
  id_ce_certificatePolicies = _buildOid(id_ce, 32)
  id_kp_emailProtection = _buildOid(id_kp, 4)


  class AccessDescription(univ.Sequence):
      """Access method OID paired with the GeneralName of where to reach it.

      accessLocation is whatever the certificate says it is. Code that
      dereferences it is acting on a location chosen by the certificate's
      author and should restrict which schemes and hosts it will contact.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
          namedtype.NamedType('accessLocation', GeneralName())
      )


  class IssuerAltName(GeneralNames):
      """GeneralNames under another name; adds no fields or constraints."""


  id_ce_cRLDistributionPoints = _buildOid(id_ce, 31)

  # Base arc for the id_holdinstruction_* OIDs.
  holdInstruction = _buildOid(2, 2, 840, 10040, 2)
  id_holdinstruction_callissuer = _buildOid(holdInstruction, 2)

  id_ce_subjectDirectoryAttributes = _buildOid(id_ce, 9)
  id_ce_issuingDistributionPoint = _buildOid(id_ce, 28)
  class DistributionPoint(univ.Sequence):
      """Where a CRL can be found, for which reasons, and who issues it.

      All three fields are optional at the schema level, so an empty sequence
      decodes without error; callers should check that at least the field they
      rely on is present.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'distributionPoint',
              DistributionPointName().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatConstructed, 0))),
          namedtype.OptionalNamedType(
              'reasons',
              ReasonFlags().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1))),
          namedtype.OptionalNamedType(
              'cRLIssuer',
              GeneralNames().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 2)))
      )


  class CRLDistributionPoints(univ.SequenceOf):
      """Non-empty sequence of DistributionPoint (size 1..MAX)."""

      componentType = DistributionPoint()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)
  class GeneralSubtrees(univ.SequenceOf):
      """Non-empty sequence of GeneralSubtree (size 1..MAX)."""

      componentType = GeneralSubtree()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)


  class NameConstraints(univ.Sequence):
      """Permitted and excluded name subtrees, context tags 0 and 1.

      Both fields are optional here, so the schema accepts a value with
      neither. This type only carries the subtrees; checking names against
      them is the job of the path-validation code that uses it.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'permittedSubtrees',
              GeneralSubtrees().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0))),
          namedtype.OptionalNamedType(
              'excludedSubtrees',
              GeneralSubtrees().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1)))
      )


  class SubjectDirectoryAttributes(univ.SequenceOf):
      """Non-empty sequence of Attribute (size 1..MAX)."""

      componentType = Attribute()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)
  id_kp_OCSPSigning = _buildOid(id_kp, 9)
  id_kp_timeStamping = _buildOid(id_kp, 8)


  class DisplayText(univ.Choice):
      """Display string in one of four encodings, each limited to 1..200.

      The text comes from the certificate. An application that shows it to a
      user should treat it as untrusted content and escape it for the output
      context.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'ia5String',
              char.IA5String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
          namedtype.NamedType(
              'visibleString',
              char.VisibleString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
          namedtype.NamedType(
              'bmpString',
              char.BMPString().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
          namedtype.NamedType(
              'utf8String',
              char.UTF8String().subtype(
                  subtypeSpec=constraint.ValueSizeConstraint(1, 200)))
      )


  class NoticeReference(univ.Sequence):
      """Organization text plus a sequence of integer notice numbers."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('organization', DisplayText()),
          namedtype.NamedType(
              'noticeNumbers',
              univ.SequenceOf(componentType=univ.Integer()))
      )


  class UserNotice(univ.Sequence):
      """Optional notice reference and optional explicit text."""

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType('noticeRef', NoticeReference()),
          namedtype.OptionalNamedType('explicitText', DisplayText())
      )
  class PolicyQualifierId(univ.ObjectIdentifier):
      """ObjectIdentifier under another name; adds no constraints."""


  # Open-type map for PolicyQualifierInfo, keyed by policyQualifierId. It
  # starts out empty, so until something registers an entry the 'qualifier'
  # field has no typed spec.
  policyQualifierInfoMap = {}


  class PolicyQualifierInfo(univ.Sequence):
      """Qualifier OID and an ANY value resolved through policyQualifierInfoMap.

      A policyQualifierId with no entry in the map is not interpreted by this
      schema; callers must be prepared to handle an uninterpreted qualifier.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
          namedtype.NamedType(
              'qualifier',
              univ.Any(),
              openType=opentype.OpenType(
                  'policyQualifierId', policyQualifierInfoMap))
      )


  class CertPolicyId(univ.ObjectIdentifier):
      """ObjectIdentifier under another name; adds no constraints."""


  class PolicyInformation(univ.Sequence):
      """Policy OID with an optional sequence of qualifiers."""

      componentType = namedtype.NamedTypes(
          namedtype.NamedType('policyIdentifier', CertPolicyId()),
          namedtype.OptionalNamedType(
              'policyQualifiers',
              univ.SequenceOf(componentType=PolicyQualifierInfo()))
      )


  class CertificatePolicies(univ.SequenceOf):
      """Non-empty sequence of PolicyInformation (size 1..MAX)."""

      componentType = PolicyInformation()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)
  class SubjectAltName(GeneralNames):
      """GeneralNames under another name; adds no fields or constraints."""


  id_ce_basicConstraints = _buildOid(id_ce, 19)
  id_ce_authorityKeyIdentifier = _buildOid(id_ce, 35)
  id_kp_codeSigning = _buildOid(id_kp, 3)


  class BasicConstraints(univ.Sequence):
      """The cA flag (default 0, i.e. false) and an optional path length >= 0.

      Because cA is defaulted, a value that omits it reads back as false. Code
      deciding whether a certificate may act as a CA should read the field
      from the decoded extension and must not assume true when it is absent.
      """

      componentType = namedtype.NamedTypes(
          namedtype.DefaultedNamedType(
              'cA', univ.Boolean().subtype(value=0)),
          namedtype.OptionalNamedType(
              'pathLenConstraint',
              univ.Integer().subtype(
                  subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
      )
  id_ce_certificateIssuer = _buildOid(id_ce, 29)


  class PolicyMappings(univ.SequenceOf):
      """Non-empty sequence of (issuerDomainPolicy, subjectDomainPolicy) pairs."""

      componentType = univ.Sequence(
          componentType=namedtype.NamedTypes(
              namedtype.NamedType('issuerDomainPolicy', CertPolicyId()),
              namedtype.NamedType('subjectDomainPolicy', CertPolicyId())
          )
      )
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)


  class InhibitAnyPolicy(SkipCerts):
      """SkipCerts under another name; inherits its 0..MAX range."""


  # Arc 0 under the certificatePolicies extension OID.
  anyPolicy = _buildOid(id_ce_certificatePolicies, 0)


  class CRLNumber(univ.Integer):
      """Integer restricted to the range 0..MAX."""

      subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


  class BaseCRLNumber(CRLNumber):
      """CRLNumber under another name; inherits its 0..MAX range."""
  id_ce_nameConstraints = _buildOid(id_ce, 30)
  id_kp_serverAuth = _buildOid(id_kp, 1)
  id_ce_freshestCRL = _buildOid(id_ce, 46)
  id_ce_cRLReasons = _buildOid(id_ce, 21)
  id_ce_extKeyUsage = _buildOid(id_ce, 37)


  class KeyIdentifier(univ.OctetString):
      """OctetString under another name; no length constraint is applied."""


  class AuthorityKeyIdentifier(univ.Sequence):
      """Issuer key reference by key id and/or issuer name plus serial number.

      All three fields are optional at the schema level. The values are hints
      supplied by the certificate itself; matching on them helps locate an
      issuer but does not replace verifying the signature.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'keyIdentifier',
              KeyIdentifier().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0))),
          namedtype.OptionalNamedType(
              'authorityCertIssuer',
              GeneralNames().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1))),
          namedtype.OptionalNamedType(
              'authorityCertSerialNumber',
              CertificateSerialNumber().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 2)))
      )


  class FreshestCRL(CRLDistributionPoints):
      """CRLDistributionPoints under another name; adds no constraints."""
  id_ce_policyConstraints = _buildOid(id_ce, 36)
  id_pe_authorityInfoAccess = _buildOid(id_pe, 1)


  class AuthorityInfoAccessSyntax(univ.SequenceOf):
      """Non-empty sequence of AccessDescription (size 1..MAX)."""

      componentType = AccessDescription()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)


  id_holdinstruction_none = _buildOid(holdInstruction, 1)


  class CPSuri(char.IA5String):
      """IA5String under another name; no size or URI syntax check is applied."""


  id_pe_subjectInfoAccess = _buildOid(id_pe, 11)


  class SubjectKeyIdentifier(KeyIdentifier):
      """KeyIdentifier under another name; adds no constraints."""
  id_ce_subjectAltName = _buildOid(id_ce, 17)


  class KeyPurposeId(univ.ObjectIdentifier):
      """ObjectIdentifier under another name; adds no constraints."""


  class ExtKeyUsageSyntax(univ.SequenceOf):
      """Non-empty sequence of KeyPurposeId (size 1..MAX)."""

      componentType = KeyPurposeId()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)


  class HoldInstructionCode(univ.ObjectIdentifier):
      """ObjectIdentifier under another name; adds no constraints."""


  id_ce_deltaCRLIndicator = _buildOid(id_ce, 27)
  id_ce_keyUsage = _buildOid(id_ce, 15)
  id_ce_holdInstructionCode = _buildOid(id_ce, 23)


  class SubjectInfoAccessSyntax(univ.SequenceOf):
      """Non-empty sequence of AccessDescription (size 1..MAX)."""

      componentType = AccessDescription()
      sizeSpec = constraint.ValueSizeConstraint(1, MAX)


  class InvalidityDate(useful.GeneralizedTime):
      """GeneralizedTime under another name; adds no constraints."""
  class KeyUsage(univ.BitString):
      """Bit string of permitted key uses, named bits 0 through 8.

      The type only names the bits. Checking that a key is used for nothing
      beyond the asserted purposes (keyCertSign before accepting a signature
      on a certificate, for example) is left to the code that consumes it.
      """

      namedValues = namedval.NamedValues(
          ('digitalSignature', 0),
          ('nonRepudiation', 1),
          ('keyEncipherment', 2),
          ('dataEncipherment', 3),
          ('keyAgreement', 4),
          ('keyCertSign', 5),
          ('cRLSign', 6),
          ('encipherOnly', 7),
          ('decipherOnly', 8)
      )
  id_ce_invalidityDate = _buildOid(id_ce, 24)
  id_ce_policyMappings = _buildOid(id_ce, 33)

  # Arc 0 under the extKeyUsage extension OID.
  anyExtendedKeyUsage = _buildOid(id_ce_extKeyUsage, 0)

  id_ce_privateKeyUsagePeriod = _buildOid(id_ce, 16)
  id_ce_cRLNumber = _buildOid(id_ce, 20)


  class CertificateIssuer(GeneralNames):
      """GeneralNames under another name; adds no fields or constraints."""


  id_holdinstruction_reject = _buildOid(holdInstruction, 3)


  class PolicyConstraints(univ.Sequence):
      """Optional requireExplicitPolicy / inhibitPolicyMapping SkipCerts values.

      Both fields are optional at the schema level, so a value with neither
      decodes without error.
      """

      componentType = namedtype.NamedTypes(
          namedtype.OptionalNamedType(
              'requireExplicitPolicy',
              SkipCerts().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 0))),
          namedtype.OptionalNamedType(
              'inhibitPolicyMapping',
              SkipCerts().subtype(
                  implicitTag=tag.Tag(
                      tag.tagClassContext, tag.tagFormatSimple, 1)))
      )


  id_kp_clientAuth = _buildOid(id_kp, 2)
  id_ce_subjectKeyIdentifier = _buildOid(id_ce, 14)
  id_ce_inhibitAnyPolicy = _buildOid(id_ce, 54)
  # map of ORAddress ExtensionAttribute type to ExtensionAttribute value
  #
  # Keys are the integer type codes defined in this file (for example
  # teletex_common_name is univ.Integer(2)); each value is an instance of the
  # type used as the spec for that code. The entries are merged into the
  # shared oraddressExtensionAttributeMap, so an existing entry under the same
  # key is overwritten.
  _oraddressExtensionAttributeMapUpdate = {
      common_name: CommonName(),
      teletex_common_name: TeletexCommonName(),
      teletex_organization_name: TeletexOrganizationName(),
      teletex_personal_name: TeletexPersonalName(),
      teletex_organizational_unit_names: TeletexOrganizationalUnitNames(),
      pds_name: PDSName(),
      physical_delivery_country_name: PhysicalDeliveryCountryName(),
      postal_code: PostalCode(),
      physical_delivery_office_name: PhysicalDeliveryOfficeName(),
      physical_delivery_office_number: PhysicalDeliveryOfficeNumber(),
      extension_OR_address_components: ExtensionORAddressComponents(),
      physical_delivery_personal_name: PhysicalDeliveryPersonalName(),
      physical_delivery_organization_name: PhysicalDeliveryOrganizationName(),
      extension_physical_delivery_address_components: ExtensionPhysicalDeliveryAddressComponents(),
      unformatted_postal_address: UnformattedPostalAddress(),
      street_address: StreetAddress(),
      post_office_box_address: PostOfficeBoxAddress(),
      poste_restante_address: PosteRestanteAddress(),
      unique_postal_name: UniquePostalName(),
      local_postal_attributes: LocalPostalAttributes(),
      extended_network_address: ExtendedNetworkAddress(),
      terminal_type: TerminalType(),
      teletex_domain_defined_attributes: TeletexDomainDefinedAttributes(),
  }
  oraddressExtensionAttributeMap.update(_oraddressExtensionAttributeMapUpdate)
  # map of AttributeType -> AttributeValue
  #
  # Merged into certificateAttributesMap, which this file passes to
  # opentype.OpenType('type', ...) as an open-type map. An attribute type OID
  # that has no entry has no typed spec, so code reading attribute values must
  # be prepared to handle, or reject, a value that was not interpreted.
  _certificateAttributesMapUpdate = {
      id_at_name: X520name(),
      id_at_surname: X520name(),
      id_at_givenName: X520name(),
      id_at_initials: X520name(),
      id_at_generationQualifier: X520name(),
      id_at_commonName: X520CommonName(),
      id_at_localityName: X520LocalityName(),
      id_at_stateOrProvinceName: X520StateOrProvinceName(),
      id_at_organizationName: X520OrganizationName(),
      id_at_organizationalUnitName: X520OrganizationalUnitName(),
      id_at_title: X520Title(),
      id_at_dnQualifier: X520dnQualifier(),
      id_at_countryName: X520countryName(),
      id_at_serialNumber: X520SerialNumber(),
      id_at_pseudonym: X520Pseudonym(),
      id_domainComponent: DomainComponent(),
      id_emailAddress: EmailAddress(),
  }
  certificateAttributesMap.update(_certificateAttributesMapUpdate)
  # map of Certificate Extension OIDs to Extensions
  #
  # Merged into certificateExtensionsMap; presumably that map is the open-type
  # map of the Extension type defined earlier in the file -- confirm there.
  #
  # NOTE(review): this file also defines id_ce_freshestCRL / FreshestCRL,
  # id_ce_inhibitAnyPolicy / InhibitAnyPolicy and id_pe_subjectInfoAccess /
  # SubjectInfoAccessSyntax, but this update registers none of them. Unless
  # they are registered elsewhere, those extension values have no typed spec
  # through this map; code that enforces policy on them should check for that
  # case rather than treat an uninterpreted extension as absent.
  _certificateExtensionsMap = {
      id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
      id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
      id_ce_keyUsage: KeyUsage(),
      id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
      id_ce_certificatePolicies: CertificatePolicies(),
      id_ce_policyMappings: PolicyMappings(),
      id_ce_subjectAltName: SubjectAltName(),
      id_ce_issuerAltName: IssuerAltName(),
      id_ce_subjectDirectoryAttributes: SubjectDirectoryAttributes(),
      id_ce_basicConstraints: BasicConstraints(),
      id_ce_nameConstraints: NameConstraints(),
      id_ce_policyConstraints: PolicyConstraints(),
      id_ce_extKeyUsage: ExtKeyUsageSyntax(),
      id_ce_cRLDistributionPoints: CRLDistributionPoints(),
      id_pe_authorityInfoAccess: AuthorityInfoAccessSyntax(),
      # NOTE(review): a bare univ.Integer, not the CRLNumber type defined in
      # this file, so CRLNumber's 0..MAX range constraint is not part of this
      # spec -- confirm whether that is intended.
      id_ce_cRLNumber: univ.Integer(),
      id_ce_deltaCRLIndicator: BaseCRLNumber(),
      id_ce_issuingDistributionPoint: IssuingDistributionPoint(),
      id_ce_cRLReasons: CRLReason(),
      # The next three use the base types rather than the HoldInstructionCode,
      # InvalidityDate and CertificateIssuer subclasses defined in this file;
      # those subclasses add no constraints, so only the type name differs.
      id_ce_holdInstructionCode: univ.ObjectIdentifier(),
      id_ce_invalidityDate: useful.GeneralizedTime(),
      id_ce_certificateIssuer: GeneralNames(),
  }
  certificateExtensionsMap.update(_certificateExtensionsMap)