rfc3280.py 46 KB

  1. # coding: utf-8
  2. #
  3. # This file is part of pyasn1-modules software.
  4. #
  5. # Created by Stanisław Pitucha with asn1ate tool.
  6. # Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
  7. # License: http://snmplabs.com/pyasn1/license.html
  8. #
  9. # Internet X.509 Public Key Infrastructure Certificate and Certificate
  10. # Revocation List (CRL) Profile
  11. #
  12. # ASN.1 source from:
  13. # http://www.ietf.org/rfc/rfc3280.txt
  14. #
  15. from pyasn1.type import char
  16. from pyasn1.type import constraint
  17. from pyasn1.type import namedtype
  18. from pyasn1.type import namedval
  19. from pyasn1.type import tag
  20. from pyasn1.type import univ
  21. from pyasn1.type import useful
# Stand-in for the ASN.1 "MAX" keyword. Size constraints built with it have no
# upper bound, so code that consumes values decoded from untrusted input needs
# its own length limits.
MAX = float('inf')
def _OID(*components):
    """Build a ``univ.ObjectIdentifier`` by concatenating *components*.

    Each component is either an existing ``univ.ObjectIdentifier``, whose arcs
    are spliced in order, or a value accepted by ``int()``, which contributes a
    single arc.
    """
    arcs = []
    for part in components:
        if not isinstance(part, univ.ObjectIdentifier):
            # Plain arc: int() rejects anything that is not numeric.
            arcs.append(int(part))
            continue
        # Prefix OID: reuse all of its arcs.
        arcs.extend(part)
    return univ.ObjectIdentifier(arcs)
# NOTE(review): not used by any size constraint in this part of the file;
# presumably an extension-attribute type number from RFC 3280 Appendix A -
# confirm.
unformatted_postal_address = univ.Integer(16)

# "ub_" values are the upper bounds consumed by the size constraints below.
ub_organizational_units = univ.Integer(4)

ub_organizational_unit_name_length = univ.Integer(32)


# PrintableString with size 1..32.
class OrganizationalUnitName(char.PrintableString):
    pass


OrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)


# SEQUENCE OF OrganizationalUnitName holding 1..4 entries.
class OrganizationalUnitNames(univ.SequenceOf):
    pass


OrganizationalUnitNames.componentType = OrganizationalUnitName()
OrganizationalUnitNames.sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)
# An attribute type is identified purely by an OBJECT IDENTIFIER.
class AttributeType(univ.ObjectIdentifier):
    pass


# 2.5.4: prefix from which the id_at_* OIDs in this module are built.
id_at = _OID(2, 5, 4)

# 2.5.4.41
id_at_name = _OID(id_at, 41)
ub_pds_parameter_length = univ.Integer(30)


# SET of two strings, each with size 1..30. Both members are optional, so an
# empty PDSParameter also satisfies this schema.
class PDSParameter(univ.Set):
    pass


PDSParameter.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('printable-string', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length))),
    namedtype.OptionalNamedType('teletex-string', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))
)


# Same structure as PDSParameter; only the type name differs.
class PhysicalDeliveryOrganizationName(PDSParameter):
    pass
ub_organization_name_length = univ.Integer(64)

ub_domain_defined_attribute_type_length = univ.Integer(8)

ub_domain_defined_attribute_value_length = univ.Integer(128)


# Type/value pair of TeletexStrings: 'type' has size 1..8, 'value' size 1..128.
class TeletexDomainDefinedAttribute(univ.Sequence):
    pass


TeletexDomainDefinedAttribute.componentType = namedtype.NamedTypes(
    namedtype.NamedType('type', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
    namedtype.NamedType('value', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
)

# 1.3.6.1.5.5.7: prefix for the PKIX OIDs derived further down (id_qt, id_pe,
# id_kp, id_ad).
id_pkix = _OID(1, 3, 6, 1, 5, 5, 7)

# id_pkix.2
id_qt = _OID(id_pkix, 2)
# Three optional selectors tagged [0]..[2] plus a mandatory SET OF OCTET STRING
# tagged [3]; every member is declared with an explicit context tag. No size
# constraint is declared on any of the octet strings.
class PresentationAddress(univ.Sequence):
    pass


PresentationAddress.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('pSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('sSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('tSelector', univ.OctetString().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.NamedType('nAddresses', univ.SetOf(componentType=univ.OctetString()).subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
# Algorithm OID plus optional parameters. 'parameters' is univ.Any(): the
# schema keeps it as an undecoded value and does nothing to tie its content to
# the 'algorithm' OID, so callers have to decode and validate it per algorithm.
class AlgorithmIdentifier(univ.Sequence):
    pass


AlgorithmIdentifier.componentType = namedtype.NamedTypes(
    namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
    namedtype.OptionalNamedType('parameters', univ.Any())
)


# BIT STRING with no size constraint declared.
class UniqueIdentifier(univ.BitString):
    pass
# One extension entry.
#   extnID    - OID naming the extension
#   critical  - BOOLEAN that defaults to false (value=0) when absent
#   extnValue - OCTET STRING; this module does not decode what is inside it
# NOTE(review): RFC 3280 section 4.2 expects an unrecognized critical extension
# to cause rejection. That check belongs to the caller; the schema only
# carries the flag.
class Extension(univ.Sequence):
    pass


Extension.componentType = namedtype.NamedTypes(
    namedtype.NamedType('extnID', univ.ObjectIdentifier()),
    namedtype.DefaultedNamedType('critical', univ.Boolean().subtype(value=0)),
    namedtype.NamedType('extnValue', univ.OctetString())
)


# SEQUENCE OF Extension: at least one entry, no upper bound (MAX).
class Extensions(univ.SequenceOf):
    pass


Extensions.componentType = Extension()
Extensions.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
# Plain INTEGER: no range constraint is declared, so zero, negative, or very
# large serial numbers all satisfy this schema.
class CertificateSerialNumber(univ.Integer):
    pass


# Key algorithm plus the key itself as a BIT STRING. The key bits are left
# undecoded; interpreting them according to 'algorithm' is up to the caller.
class SubjectPublicKeyInfo(univ.Sequence):
    pass


SubjectPublicKeyInfo.componentType = namedtype.NamedTypes(
    namedtype.NamedType('algorithm', AlgorithmIdentifier()),
    namedtype.NamedType('subjectPublicKey', univ.BitString())
)
# CHOICE between UTCTime and GeneralizedTime.
# NOTE(review): UTCTime carries a two-digit year; confirm callers apply the
# century rule from RFC 3280 section 4.1.2.5.1 before comparing dates.
class Time(univ.Choice):
    pass


Time.componentType = namedtype.NamedTypes(
    namedtype.NamedType('utcTime', useful.UTCTime()),
    namedtype.NamedType('generalTime', useful.GeneralizedTime())
)


# Validity window; both bounds are mandatory. The schema does not check that
# 'notBefore' precedes 'notAfter' or compare either against the current time.
class Validity(univ.Sequence):
    pass


Validity.componentType = namedtype.NamedTypes(
    namedtype.NamedType('notBefore', Time()),
    namedtype.NamedType('notAfter', Time())
)
# INTEGER with named values. The encoded number is one less than the version
# label: v1 = 0, v2 = 1, v3 = 2. No range constraint is declared, so other
# integers still satisfy the type.
class Version(univ.Integer):
    pass


Version.namedValues = namedval.NamedValues(
    ('v1', 0),
    ('v2', 1),
    ('v3', 2)
)
# Open type: held as univ.Any(), i.e. not decoded by this schema.
class AttributeValue(univ.Any):
    pass


# One attribute of a name. 'value' stays opaque (Any); nothing here links its
# encoding to the 'type' OID, so callers must choose the decoder from 'type'.
class AttributeTypeAndValue(univ.Sequence):
    pass


AttributeTypeAndValue.componentType = namedtype.NamedTypes(
    namedtype.NamedType('type', AttributeType()),
    namedtype.NamedType('value', AttributeValue())
)


# SET OF AttributeTypeAndValue: at least one member, no upper bound (MAX).
class RelativeDistinguishedName(univ.SetOf):
    pass


RelativeDistinguishedName.componentType = AttributeTypeAndValue()
RelativeDistinguishedName.sizeSpec = constraint.ValueSizeConstraint(1, MAX)


# SEQUENCE OF RelativeDistinguishedName. No size constraint is set, so an
# empty sequence is accepted.
class RDNSequence(univ.SequenceOf):
    pass


RDNSequence.componentType = RelativeDistinguishedName()


# CHOICE with a single alternative, 'rdnSequence'.
class Name(univ.Choice):
    pass


Name.componentType = namedtype.NamedTypes(
    namedtype.NamedType('rdnSequence', RDNSequence())
)
# The "to be signed" part of a certificate (it is the first member of
# Certificate, ahead of the signature fields).
#   version         - explicit tag [0]; defaults to v1 when absent
#   signature       - an AlgorithmIdentifier, not the signature value itself
#   issuerUniqueID  - implicit tag [1], optional
#   subjectUniqueID - implicit tag [2], optional
#   extensions      - explicit tag [3], optional
# The schema does not restrict the optional members by version.
# NOTE(review): RFC 3280 section 4.1.2 allows unique identifiers only in v2/v3
# and extensions only in v3 - callers that care must check this themselves.
class TBSCertificate(univ.Sequence):
    pass


TBSCertificate.componentType = namedtype.NamedTypes(
    namedtype.DefaultedNamedType('version',
                                 Version().subtype(explicitTag=tag.Tag(tag.tagClassContext,
                                                                       tag.tagFormatSimple, 0)).subtype(value="v1")),
    namedtype.NamedType('serialNumber', CertificateSerialNumber()),
    namedtype.NamedType('signature', AlgorithmIdentifier()),
    namedtype.NamedType('issuer', Name()),
    namedtype.NamedType('validity', Validity()),
    namedtype.NamedType('subject', Name()),
    namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
    namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('extensions',
                                Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
# Outer certificate: the TBSCertificate, the signature algorithm, and the
# signature as a BIT STRING. This is a structural description only; nothing
# in it verifies the signature or validates a certification path.
# NOTE(review): RFC 3280 section 4.1.1.2 requires 'signatureAlgorithm' to match
# tbsCertificate['signature']. The schema does not enforce that, so a verifier
# should compare the two before trusting the algorithm choice.
class Certificate(univ.Sequence):
    pass


Certificate.componentType = namedtype.NamedTypes(
    namedtype.NamedType('tbsCertificate', TBSCertificate()),
    namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
    namedtype.NamedType('signature', univ.BitString())
)
ub_surname_length = univ.Integer(40)


# TeletexString with size 1..64.
class TeletexOrganizationName(char.TeletexString):
    pass


TeletexOrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)

ub_e163_4_sub_address_length = univ.Integer(40)

# NOTE(review): not used by any size constraint in this part of the file;
# presumably an extension-attribute type number - confirm.
teletex_common_name = univ.Integer(2)

ub_country_name_alpha_length = univ.Integer(2)

ub_country_name_numeric_length = univ.Integer(3)


# CHOICE wrapped in an explicit [APPLICATION 1] tag. Both alternatives are
# fixed-size because the lower and upper bound are the same constant: exactly
# 3 for 'x121-dcc-code', exactly 2 for 'iso-3166-alpha2-code'. Only the size
# is constrained; the code value itself is not checked.
class CountryName(univ.Choice):
    pass


CountryName.tagSet = univ.Choice.tagSet.tagExplicitly(tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 1))
CountryName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
    namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
)
# NOTE(review): not used by any size constraint in this part of the file;
# presumably an extension-attribute type number - confirm.
extension_OR_address_components = univ.Integer(12)

# 2.5.4.46
id_at_dnQualifier = _OID(id_at, 46)

ub_e163_4_number_length = univ.Integer(15)


# CHOICE between:
#   'e163-4-address' - inline SEQUENCE with a mandatory 'number' (size 1..15,
#                      implicit tag [0]) and an optional 'sub-address'
#                      (size 1..40, implicit tag [1])
#   'psap-address'   - a PresentationAddress under implicit tag [0]
class ExtendedNetworkAddress(univ.Choice):
    pass


ExtendedNetworkAddress.componentType = namedtype.NamedTypes(
    namedtype.NamedType('e163-4-address', univ.Sequence(componentType=namedtype.NamedTypes(
        namedtype.NamedType('number', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_number_length)).subtype(
            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.OptionalNamedType('sub-address', char.NumericString().subtype(
            subtypeSpec=constraint.ValueSizeConstraint(1, ub_e163_4_sub_address_length)).subtype(
            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    ))
    ),
    namedtype.NamedType('psap-address', PresentationAddress().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
)
# NOTE(review): not used by any size constraint in this part of the file;
# presumably an extension-attribute type number - confirm.
terminal_type = univ.Integer(23)

# 0.9.2342.19200300.100.1.25
id_domainComponent = _OID(0, 9, 2342, 19200300, 100, 1, 25)

ub_state_name = univ.Integer(128)


# CHOICE of five string types, each with size 1..128. The same value can
# therefore arrive in any of five encodings; comparisons across encodings are
# left to the caller.
class X520StateOrProvinceName(univ.Choice):
    pass


X520StateOrProvinceName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_state_name)))
)
# Distinct from ub_organization_name_length, although both are 64.
ub_organization_name = univ.Integer(64)


# CHOICE of five string types, each with size 1..64.
class X520OrganizationName(univ.Choice):
    pass


X520OrganizationName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_organization_name)))
)
ub_emailaddress_length = univ.Integer(128)


# Same structure as PDSParameter; only the type name differs.
class ExtensionPhysicalDeliveryAddressComponents(PDSParameter):
    pass


# 2.5.4.4
id_at_surname = _OID(id_at, 4)

ub_common_name_length = univ.Integer(64)

# id_pkix.48: prefix for the id_ad_* OIDs.
id_ad = _OID(id_pkix, 48)

ub_numeric_user_id_length = univ.Integer(32)


# NumericString with size 1..32.
class NumericUserIdentifier(char.NumericString):
    pass


NumericUserIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_numeric_user_id_length)


# PrintableString with size 1..64.
class OrganizationName(char.PrintableString):
    pass


OrganizationName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organization_name_length)
ub_domain_name_length = univ.Integer(16)


# CHOICE wrapped in an explicit [APPLICATION 2] tag. The lower bound here is
# 0, so an empty string is a valid value for either alternative (unlike
# PrivateDomainName below, which requires at least 1).
class AdministrationDomainName(univ.Choice):
    pass


AdministrationDomainName.tagSet = univ.Choice.tagSet.tagExplicitly(
    tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 2))
AdministrationDomainName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length))),
    namedtype.NamedType('printable', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(0, ub_domain_name_length)))
)


# Untagged CHOICE; both alternatives have size 1..16.
class PrivateDomainName(univ.Choice):
    pass


PrivateDomainName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('numeric', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length))),
    namedtype.NamedType('printable', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_name_length)))
)
ub_generation_qualifier_length = univ.Integer(3)

ub_given_name_length = univ.Integer(16)

ub_initials_length = univ.Integer(5)


# SET of PrintableStrings under implicit context tags [0]..[3]. Only
# 'surname' (size 1..40) is mandatory; 'given-name' (1..16), 'initials' (1..5)
# and 'generation-qualifier' (1..3) are optional.
class PersonalName(univ.Set):
    pass


PersonalName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('surname', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('given-name', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('initials', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('generation-qualifier', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)
ub_terminal_id_length = univ.Integer(24)


# PrintableString with size 1..24.
class TerminalIdentifier(char.PrintableString):
    pass


TerminalIdentifier.subtypeSpec = constraint.ValueSizeConstraint(1, ub_terminal_id_length)

ub_x121_address_length = univ.Integer(16)


# NumericString with size 1..16.
class X121Address(char.NumericString):
    pass


X121Address.subtypeSpec = constraint.ValueSizeConstraint(1, ub_x121_address_length)


# Subclass of X121Address with nothing added, so it inherits the 1..16 size
# constraint assigned above.
class NetworkAddress(X121Address):
    pass
# SEQUENCE in which every member is optional, so an empty sequence satisfies
# the schema. 'country-name' and 'administration-domain-name' carry their own
# application tags; the remaining members use context tags [0]..[6], all
# implicit except 'private-domain-name' [2], which is explicit.
class BuiltInStandardAttributes(univ.Sequence):
    pass


BuiltInStandardAttributes.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('country-name', CountryName()),
    namedtype.OptionalNamedType('administration-domain-name', AdministrationDomainName()),
    namedtype.OptionalNamedType('network-address', NetworkAddress().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('terminal-identifier', TerminalIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('private-domain-name', PrivateDomainName().subtype(
        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
    namedtype.OptionalNamedType('organization-name', OrganizationName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
    namedtype.OptionalNamedType('numeric-user-identifier', NumericUserIdentifier().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
    namedtype.OptionalNamedType('personal-name', PersonalName().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
    namedtype.OptionalNamedType('organizational-unit-names', OrganizationalUnitNames().subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6)))
)
ub_domain_defined_attributes = univ.Integer(4)


# Type/value pair of PrintableStrings: 'type' has size 1..8, 'value' 1..128.
class BuiltInDomainDefinedAttribute(univ.Sequence):
    pass


BuiltInDomainDefinedAttribute.componentType = namedtype.NamedTypes(
    namedtype.NamedType('type', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_type_length))),
    namedtype.NamedType('value', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_domain_defined_attribute_value_length)))
)


# SEQUENCE OF BuiltInDomainDefinedAttribute holding 1..4 entries.
class BuiltInDomainDefinedAttributes(univ.SequenceOf):
    pass


BuiltInDomainDefinedAttributes.componentType = BuiltInDomainDefinedAttribute()
BuiltInDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
# Used twice below: as the upper end of the attribute-type value range and as
# the maximum number of entries in ExtensionAttributes.
ub_extension_attributes = univ.Integer(256)


# 'extension-attribute-type' is an INTEGER restricted to the range 0..256
# under implicit tag [0]. 'extension-attribute-value' is univ.Any() under
# explicit tag [1]: it is not decoded here, and nothing ties its content to
# the type number, so the caller must select a decoder from the type.
class ExtensionAttribute(univ.Sequence):
    pass


ExtensionAttribute.componentType = namedtype.NamedTypes(
    namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(
        subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.NamedType('extension-attribute-value',
                        univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
)


# SET OF ExtensionAttribute holding 1..256 entries.
class ExtensionAttributes(univ.SetOf):
    pass


ExtensionAttributes.componentType = ExtensionAttribute()
ExtensionAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_extension_attributes)
# Only 'built-in-standard-attributes' is mandatory, and every member of that
# type is itself optional; the two attribute lists are optional.
class ORAddress(univ.Sequence):
    pass


ORAddress.componentType = namedtype.NamedTypes(
    namedtype.NamedType('built-in-standard-attributes', BuiltInStandardAttributes()),
    namedtype.OptionalNamedType('built-in-domain-defined-attributes', BuiltInDomainDefinedAttributes()),
    namedtype.OptionalNamedType('extension-attributes', ExtensionAttributes())
)
# id_pkix.1
id_pe = _OID(id_pkix, 1)

ub_title = univ.Integer(64)


# CHOICE of five string types, each with size 1..64.
class X520Title(univ.Choice):
    pass


X520Title.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_title)))
)
# 2.5.4.11
id_at_organizationalUnitName = _OID(id_at, 11)


# IA5String with size 1..128. Only the length is constrained; the address
# syntax is not checked by this schema.
class EmailAddress(char.IA5String):
    pass


EmailAddress.subtypeSpec = constraint.ValueSizeConstraint(1, ub_emailaddress_length)

# NOTE(review): not used by any size constraint in this part of the file;
# presumably an extension-attribute type number - confirm.
physical_delivery_country_name = univ.Integer(8)

# 2.5.4.42
id_at_givenName = _OID(id_at, 42)


# TeletexString with size 1..64.
class TeletexCommonName(char.TeletexString):
    pass


TeletexCommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)

# id_qt.1
id_qt_cps = _OID(id_qt, 1)


# Same structure as PDSParameter; only the type name differs.
class LocalPostalAttributes(PDSParameter):
    pass


# Same structure as PDSParameter; only the type name differs.
class StreetAddress(PDSParameter):
    pass


# id_pkix.3
id_kp = _OID(id_pkix, 3)
# CHOICE of five string types. Each alternative has size 1..MAX, i.e. it must
# be non-empty but has no upper length bound, so callers that process
# untrusted input should enforce their own maximum.
class DirectoryString(univ.Choice):
    pass


DirectoryString.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('utf8String', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
)
# IA5String with no size constraint declared.
class DomainComponent(char.IA5String):
    pass


# 2.5.4.43
id_at_initials = _OID(id_at, 43)

# id_qt.2
id_qt_unotice = _OID(id_qt, 2)

ub_pds_name_length = univ.Integer(16)


# PrintableString with size 1..16.
class PDSName(char.PrintableString):
    pass


PDSName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_pds_name_length)


# Same structure as PDSParameter; only the type name differs.
class PosteRestanteAddress(PDSParameter):
    pass


# Subclass of RDNSequence with nothing added.
class DistinguishedName(RDNSequence):
    pass


# PrintableString with size 1..64.
class CommonName(char.PrintableString):
    pass


CommonName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_common_name_length)

ub_serial_number = univ.Integer(64)


# PrintableString with size 1..64. This is a name attribute, a separate type
# from the INTEGER CertificateSerialNumber.
class X520SerialNumber(char.PrintableString):
    pass


X520SerialNumber.subtypeSpec = constraint.ValueSizeConstraint(1, ub_serial_number)

# 2.5.4.44
id_at_generationQualifier = _OID(id_at, 44)

ub_organizational_unit_name = univ.Integer(64)

# id_ad.1
id_ad_ocsp = _OID(id_ad, 1)


# TeletexString with size 1..32: the bound is
# ub_organizational_unit_name_length (32), not the ub_organizational_unit_name
# (64) defined just above.
class TeletexOrganizationalUnitName(char.TeletexString):
    pass


TeletexOrganizationalUnitName.subtypeSpec = constraint.ValueSizeConstraint(1, ub_organizational_unit_name_length)
# Same layout, tags and size bounds as PersonalName, with TeletexString in
# place of PrintableString. Only 'surname' is mandatory.
class TeletexPersonalName(univ.Set):
    pass


TeletexPersonalName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('surname', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_surname_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    namedtype.OptionalNamedType('given-name', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_given_name_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    namedtype.OptionalNamedType('initials', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_initials_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    namedtype.OptionalNamedType('generation-qualifier', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_generation_qualifier_length)).subtype(
        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
)


# SEQUENCE OF TeletexDomainDefinedAttribute holding 1..4 entries.
class TeletexDomainDefinedAttributes(univ.SequenceOf):
    pass


TeletexDomainDefinedAttributes.componentType = TeletexDomainDefinedAttribute()
TeletexDomainDefinedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, ub_domain_defined_attributes)
# The "to be signed" part of a certificate revocation list.
#   version             - optional and untagged (unlike TBSCertificate)
#   signature           - an AlgorithmIdentifier, not the signature value
#   thisUpdate          - mandatory
#   nextUpdate          - optional
#   revokedCertificates - optional SEQUENCE OF entries, each holding
#                         'userCertificate' (serial number), 'revocationDate'
#                         and optional 'crlEntryExtensions'
#   crlExtensions       - optional, explicit tag [0]
# Because 'nextUpdate' and 'revokedCertificates' are optional, a list without
# them still satisfies the schema; judging CRL freshness and completeness is
# left to the caller.
class TBSCertList(univ.Sequence):
    pass


TBSCertList.componentType = namedtype.NamedTypes(
    namedtype.OptionalNamedType('version', Version()),
    namedtype.NamedType('signature', AlgorithmIdentifier()),
    namedtype.NamedType('issuer', Name()),
    namedtype.NamedType('thisUpdate', Time()),
    namedtype.OptionalNamedType('nextUpdate', Time()),
    namedtype.OptionalNamedType('revokedCertificates',
                                univ.SequenceOf(componentType=univ.Sequence(componentType=namedtype.NamedTypes(
                                    namedtype.NamedType('userCertificate', CertificateSerialNumber()),
                                    namedtype.NamedType('revocationDate', Time()),
                                    namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
                                ))
                                )),
    namedtype.OptionalNamedType('crlExtensions',
                                Extensions().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
)
# NOTE(review): not used by any size constraint in this part of the file;
# presumably an extension-attribute type number - confirm.
local_postal_attributes = univ.Integer(21)

# 1.2.840.113549.1.9
pkcs_9 = _OID(1, 2, 840, 113549, 1, 9)


# Same two fixed-size alternatives as CountryName (exactly 3 and exactly 2),
# but without the application tag that CountryName sets.
class PhysicalDeliveryCountryName(univ.Choice):
    pass


PhysicalDeliveryCountryName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('x121-dcc-code', char.NumericString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_numeric_length, ub_country_name_numeric_length))),
    namedtype.NamedType('iso-3166-alpha2-code', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(ub_country_name_alpha_length, ub_country_name_alpha_length)))
)
ub_name = univ.Integer(32768)


# CHOICE of five string types, each with size 1..32768 - by far the largest
# bound among the X520* name types in this part of the file.
class X520name(univ.Choice):
    pass


X520name.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('printableString',
                        char.PrintableString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('universalString',
                        char.UniversalString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_name)))
)
# pkcs_9.1, i.e. 1.2.840.113549.1.9.1
id_emailAddress = _OID(pkcs_9, 1)


# INTEGER with named values 3..8. No range constraint is declared, so
# integers outside the named set still satisfy the type.
class TerminalType(univ.Integer):
    pass


TerminalType.namedValues = namedval.NamedValues(
    ('telex', 3),
    ('teletex', 4),
    ('g3-facsimile', 5),
    ('g4-facsimile', 6),
    ('ia5-terminal', 7),
    ('videotex', 8)
)
# CHOICE of five string types, each with size 1..64
# (ub_organizational_unit_name).
class X520OrganizationalUnitName(univ.Choice):
    pass


X520OrganizationalUnitName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString', char.TeletexString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('utf8String', char.UTF8String().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name))),
    namedtype.NamedType('bmpString', char.BMPString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_organizational_unit_name)))
)
# 2.5.4.3
id_at_commonName = _OID(id_at, 3)

# NOTE(review): the next two integers are not used by any size constraint in
# this part of the file; presumably extension-attribute type numbers - confirm.
pds_name = univ.Integer(7)

post_office_box_address = univ.Integer(18)

ub_locality_name = univ.Integer(128)


# CHOICE of five string types, each with size 1..128.
class X520LocalityName(univ.Choice):
    pass


X520LocalityName.componentType = namedtype.NamedTypes(
    namedtype.NamedType('teletexString',
                        char.TeletexString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('printableString', char.PrintableString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('universalString', char.UniversalString().subtype(
        subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('utf8String',
                        char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name))),
    namedtype.NamedType('bmpString',
                        char.BMPString().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, ub_locality_name)))
)
id_ad_timeStamping = _OID(id_ad, 3)
id_at_countryName = _OID(id_at, 6)

physical_delivery_personal_name = univ.Integer(13)
teletex_personal_name = univ.Integer(4)
teletex_organizational_unit_names = univ.Integer(5)


class PhysicalDeliveryPersonalName(PDSParameter):
    """PDSParameter under a distinct name; adds no components of its own."""


# Upper bound on both PostalCode alternatives.
ub_postal_code_length = univ.Integer(16)


class PostalCode(univ.Choice):
    """CHOICE between a numeric and a printable code, sized 1..ub_postal_code_length."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'numeric-code',
            char.NumericString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))),
        namedtype.NamedType(
            'printable-code',
            char.PrintableString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_postal_code_length))),
    )
class X520countryName(char.PrintableString):
    """PrintableString constrained to exactly two characters."""

    # Assigned, not merged: this replaces whatever subtypeSpec the base carried.
    subtypeSpec = constraint.ValueSizeConstraint(2, 2)


postal_code = univ.Integer(9)
id_ad_caRepository = _OID(id_ad, 5)
extension_physical_delivery_address_components = univ.Integer(15)


class PostOfficeBoxAddress(PDSParameter):
    """PDSParameter under a distinct name; adds no components of its own."""


class PhysicalDeliveryOfficeName(PDSParameter):
    """PDSParameter under a distinct name; adds no components of its own."""


id_at_title = _OID(id_at, 12)
id_at_serialNumber = _OID(id_at, 5)
id_ad_caIssuers = _OID(id_ad, 2)
ub_integer_options = univ.Integer(256)
class CertificateList(univ.Sequence):
    """SEQUENCE of tbsCertList, signatureAlgorithm and signature (a CRL).

    Decoding against this type only establishes structure. Nothing here
    checks 'signature' against 'tbsCertList'; that verification is left to
    the caller.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('tbsCertList', TBSCertList()),
        namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
        namedtype.NamedType('signature', univ.BitString()),
    )
class PhysicalDeliveryOfficeNumber(PDSParameter):
    """PDSParameter under a distinct name; adds no components of its own."""


class TeletexOrganizationalUnitNames(univ.SequenceOf):
    """SEQUENCE OF TeletexOrganizationalUnitName, 1..ub_organizational_units entries."""

    componentType = TeletexOrganizationalUnitName()
    sizeSpec = constraint.ValueSizeConstraint(1, ub_organizational_units)


physical_delivery_office_name = univ.Integer(10)
# Upper bound used by X520CommonName.
ub_common_name = univ.Integer(64)


class ExtensionORAddressComponents(PDSParameter):
    """PDSParameter under a distinct name; adds no components of its own."""


# Upper bound used by X520Pseudonym.
ub_pseudonym = univ.Integer(128)
poste_restante_address = univ.Integer(19)
id_at_organizationName = _OID(id_at, 10)
physical_delivery_office_number = univ.Integer(11)
id_at_pseudonym = _OID(id_at, 65)
class X520CommonName(univ.Choice):
    """CHOICE of five string encodings, each sized 1..ub_common_name.

    The size bound is the only check made here. The schema does not restrict
    which characters a common name may carry, so a consumer comparing it to a
    host name or identity still has to validate the content itself.
    """

    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(
            alternative,
            string_type().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_common_name)),
        )
        for alternative, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString),
        )
    ))
physical_delivery_organization_name = univ.Integer(14)


class X520dnQualifier(char.PrintableString):
    """PrintableString under a distinct name; no size constraint is set here."""


id_at_stateOrProvinceName = _OID(id_at, 8)
common_name = univ.Integer(1)
id_at_localityName = _OID(id_at, 7)

# Upper bounds.
ub_match = univ.Integer(128)
ub_unformatted_address_length = univ.Integer(180)
class Attribute(univ.Sequence):
    """SEQUENCE of an attribute type and a SET OF values for it.

    No size constraint is placed on the SET OF here.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type', AttributeType()),
        namedtype.NamedType(
            'values',
            univ.SetOf(componentType=AttributeValue())),
    )
extended_network_address = univ.Integer(22)
unique_postal_name = univ.Integer(20)
ub_pds_physical_address_lines = univ.Integer(6)


class UnformattedPostalAddress(univ.Set):
    """SET with two optional members: printable address lines and a teletex string.

    NOTE(review): ub_pds_physical_address_lines is defined just above but is
    not applied to the 'printable-address' SEQUENCE OF, so the number of
    lines is unbounded at this layer -- confirm whether that is intended.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'printable-address',
            univ.SequenceOf(
                componentType=char.PrintableString().subtype(
                    subtypeSpec=constraint.ValueSizeConstraint(1, ub_pds_parameter_length)))),
        namedtype.OptionalNamedType(
            'teletex-string',
            char.TeletexString().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_unformatted_address_length))),
    )


class UniquePostalName(PDSParameter):
    """PDSParameter under a distinct name; adds no components of its own."""
class X520Pseudonym(univ.Choice):
    """CHOICE of five string encodings, each sized 1..ub_pseudonym."""

    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(
            alternative,
            string_type().subtype(
                subtypeSpec=constraint.ValueSizeConstraint(1, ub_pseudonym)),
        )
        for alternative, string_type in (
            ('teletexString', char.TeletexString),
            ('printableString', char.PrintableString),
            ('universalString', char.UniversalString),
            ('utf8String', char.UTF8String),
            ('bmpString', char.BMPString),
        )
    ))
# Plain integer constants.
teletex_organization_name = univ.Integer(3)
teletex_domain_defined_attributes = univ.Integer(6)
street_address = univ.Integer(17)

# Object identifiers. id_ce is the 2.5.29 arc; the certificate extension OIDs
# in the rest of the module are built on top of it.
id_ce = _OID(2, 5, 29)
id_ce_certificatePolicies = _OID(id_ce, 32)
id_kp_OCSPSigning = _OID(id_kp, 9)
class EDIPartyName(univ.Sequence):
    """SEQUENCE of an optional nameAssigner [0] and a mandatory partyName [1].

    NOTE(review): both members tag DirectoryString with implicitTag.
    DirectoryString is declared as a CHOICE in this module, and X.680 treats
    a tag placed on a CHOICE as explicit -- confirm that the encoding pyasn1
    produces for these two fields matches what peers emit.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'nameAssigner',
            DirectoryString().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.NamedType(
            'partyName',
            DirectoryString().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    )


class AnotherName(univ.Sequence):
    """SEQUENCE of a type-id OID and an explicitly tagged [0] value.

    'value' is ANY, so decoding leaves it opaque. It only acquires meaning
    once the caller decodes it against the type selected by 'type-id'.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('type-id', univ.ObjectIdentifier()),
        namedtype.NamedType(
            'value',
            univ.Any().subtype(
                explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    )
class GeneralName(univ.Choice):
    """CHOICE of nine name forms, context-tagged [0] through [8].

    What this schema does not check, and a consumer therefore must:

    * rfc822Name, dNSName and uniformResourceIdentifier are bare IA5String
      values with no size or syntax constraint. Decoding does not show that
      a dNSName is a well-formed host name; validate the content (including
      rejecting control characters) before matching it against anything.
    * iPAddress is an OCTET STRING with no size constraint, so the length
      has to be checked by whoever interprets it.

    NOTE(review): directoryName applies implicitTag to Name. If Name is a
    CHOICE (its definition is outside this view), X.680 makes that tag
    explicit -- confirm the resulting encoding.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'otherName',
            AnotherName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
        namedtype.NamedType(
            'rfc822Name',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
        namedtype.NamedType(
            'dNSName',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
        namedtype.NamedType(
            'x400Address',
            ORAddress().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
        namedtype.NamedType(
            'directoryName',
            Name().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
        namedtype.NamedType(
            'ediPartyName',
            EDIPartyName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
        namedtype.NamedType(
            'uniformResourceIdentifier',
            char.IA5String().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
        namedtype.NamedType(
            'iPAddress',
            univ.OctetString().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
        namedtype.NamedType(
            'registeredID',
            univ.ObjectIdentifier().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
    )


class GeneralNames(univ.SequenceOf):
    """SEQUENCE OF GeneralName holding at least one entry (1..MAX)."""

    componentType = GeneralName()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class IssuerAltName(GeneralNames):
    """GeneralNames under the issuerAltName name; nothing is added."""
id_ce_cRLDistributionPoints = _OID(id_ce, 31)


class CertPolicyId(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER naming a certificate policy."""


class PolicyMappings(univ.SequenceOf):
    """Non-empty SEQUENCE OF (issuerDomainPolicy, subjectDomainPolicy) pairs."""

    # Each entry is an anonymous SEQUENCE of two policy OIDs.
    componentType = univ.Sequence(
        componentType=namedtype.NamedTypes(
            namedtype.NamedType('issuerDomainPolicy', CertPolicyId()),
            namedtype.NamedType('subjectDomainPolicy', CertPolicyId()),
        )
    )
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class PolicyQualifierId(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER naming a policy qualifier type."""
# NOTE(review): this arc begins 2.2.840.10040, whereas x9cm OIDs are normally
# rooted at iso(1) member-body(2) us(840) 10040. If hold-instruction OIDs
# read from real CRLs are compared against these constants, verify the first
# arc against the RFC text; a mismatch here would make such comparisons
# silently fail.
holdInstruction = _OID(2, 2, 840, 10040, 2)
id_holdinstruction_callissuer = _OID(holdInstruction, 2)

id_ce_subjectDirectoryAttributes = _OID(id_ce, 9)


class SubjectDirectoryAttributes(univ.SequenceOf):
    """SEQUENCE OF Attribute holding at least one entry (1..MAX)."""

    componentType = Attribute()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


# anyPolicy is arc 0 beneath the certificatePolicies extension OID.
anyPolicy = _OID(id_ce_certificatePolicies, 0)
id_ce_subjectAltName = _OID(id_ce, 17)
id_kp_emailProtection = _OID(id_kp, 4)
class ReasonFlags(univ.BitString):
    """BIT STRING with named bit positions 0..8 for revocation reasons.

    These are bit positions, not the CRLReason enumeration values. The two
    numberings diverge from 'privilegeWithdrawn' onward (bit 7 here, value 9
    in CRLReason), so one must not be used as an index into the other.
    """

    namedValues = namedval.NamedValues(
        ('unused', 0),
        ('keyCompromise', 1),
        ('cACompromise', 2),
        ('affiliationChanged', 3),
        ('superseded', 4),
        ('cessationOfOperation', 5),
        ('certificateHold', 6),
        ('privilegeWithdrawn', 7),
        ('aACompromise', 8),
    )
class DistributionPointName(univ.Choice):
    """CHOICE between fullName [0] and nameRelativeToCRLIssuer [1]."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType(
            'fullName',
            GeneralNames().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.NamedType(
            'nameRelativeToCRLIssuer',
            RelativeDistinguishedName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    )


class DistributionPoint(univ.Sequence):
    """SEQUENCE of three optional members: distributionPoint, reasons, cRLIssuer.

    All three are optional at this layer, so an empty SEQUENCE decodes. Any
    rule about which combinations are acceptable has to be enforced by the
    caller.

    NOTE(review): 'distributionPoint' tags DistributionPointName, a CHOICE,
    with implicitTag. X.680 treats a tag on a CHOICE as explicit -- confirm
    the encoding pyasn1 produces for this field.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'distributionPoint',
            DistributionPointName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
        namedtype.OptionalNamedType(
            'reasons',
            ReasonFlags().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
        namedtype.OptionalNamedType(
            'cRLIssuer',
            GeneralNames().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    )


id_ce_keyUsage = _OID(id_ce, 15)
class PolicyQualifierInfo(univ.Sequence):
    """SEQUENCE of a qualifier OID and the qualifier itself.

    'qualifier' is ANY and stays opaque after decoding. The caller decodes
    it against the type implied by 'policyQualifierId'.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
        namedtype.NamedType('qualifier', univ.Any()),
    )


class PolicyInformation(univ.Sequence):
    """SEQUENCE of a policy OID and an optional list of qualifiers.

    No size constraint is set on the qualifier list here.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('policyIdentifier', CertPolicyId()),
        namedtype.OptionalNamedType(
            'policyQualifiers',
            univ.SequenceOf(componentType=PolicyQualifierInfo())),
    )


class CertificatePolicies(univ.SequenceOf):
    """SEQUENCE OF PolicyInformation holding at least one entry (1..MAX)."""

    componentType = PolicyInformation()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


id_ce_basicConstraints = _OID(id_ce, 19)
class HoldInstructionCode(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER under the HoldInstructionCode name."""


class KeyPurposeId(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER naming one extended key usage purpose."""


class ExtKeyUsageSyntax(univ.SequenceOf):
    """SEQUENCE OF KeyPurposeId holding at least one entry (1..MAX)."""

    componentType = KeyPurposeId()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class SubjectAltName(GeneralNames):
    """GeneralNames under the subjectAltName name; nothing is added."""
class BasicConstraints(univ.Sequence):
    """SEQUENCE of the cA flag and an optional non-negative pathLenConstraint.

    'cA' is a defaulted member with value 0, so a certificate that omits the
    field decodes as not-a-CA. The schema does not tie 'pathLenConstraint' to
    'cA' being set; that relationship is for the path validator to enforce.
    """

    componentType = namedtype.NamedTypes(
        namedtype.DefaultedNamedType(
            'cA',
            univ.Boolean().subtype(value=0)),
        namedtype.OptionalNamedType(
            'pathLenConstraint',
            univ.Integer().subtype(
                subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
    )
class SkipCerts(univ.Integer):
    """INTEGER restricted to 0..MAX."""

    subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


class InhibitAnyPolicy(SkipCerts):
    """SkipCerts under the inhibitAnyPolicy name; inherits the 0..MAX range."""


class CRLNumber(univ.Integer):
    """INTEGER restricted to 0..MAX."""

    subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


class BaseCRLNumber(CRLNumber):
    """CRLNumber under the BaseCRLNumber name; inherits the 0..MAX range."""


class KeyIdentifier(univ.OctetString):
    """OCTET STRING under the KeyIdentifier name; no size constraint is set here."""
class AuthorityKeyIdentifier(univ.Sequence):
    """SEQUENCE of three optional members, context-tagged [0], [1] and [2].

    Each member is independently optional here. The schema does not require
    authorityCertIssuer and authorityCertSerialNumber to appear together, so
    a consumer relying on that pairing has to check it.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'keyIdentifier',
            KeyIdentifier().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.OptionalNamedType(
            'authorityCertIssuer',
            GeneralNames().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
        namedtype.OptionalNamedType(
            'authorityCertSerialNumber',
            CertificateSerialNumber().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    )


# Extension and key-purpose object identifiers.
id_ce_nameConstraints = _OID(id_ce, 30)
id_kp_serverAuth = _OID(id_kp, 1)
id_ce_freshestCRL = _OID(id_ce, 46)
id_ce_cRLReasons = _OID(id_ce, 21)
class CRLDistributionPoints(univ.SequenceOf):
    """SEQUENCE OF DistributionPoint holding at least one entry (1..MAX)."""

    componentType = DistributionPoint()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class FreshestCRL(CRLDistributionPoints):
    """CRLDistributionPoints under the freshestCRL name; nothing is added."""


id_ce_inhibitAnyPolicy = _OID(id_ce, 54)
class CRLReason(univ.Enumerated):
    """ENUMERATED revocation reason code.

    No name is assigned to value 7. These are enumeration values rather than
    the ReasonFlags bit positions, and the two numberings are not
    interchangeable.
    """

    namedValues = namedval.NamedValues(
        ('unspecified', 0),
        ('keyCompromise', 1),
        ('cACompromise', 2),
        ('affiliationChanged', 3),
        ('superseded', 4),
        ('cessationOfOperation', 5),
        ('certificateHold', 6),
        # 7 is deliberately absent from the list.
        ('removeFromCRL', 8),
        ('privilegeWithdrawn', 9),
        ('aACompromise', 10),
    )
class BaseDistance(univ.Integer):
    """INTEGER restricted to 0..MAX."""

    subtypeSpec = constraint.ValueRangeConstraint(0, MAX)


class GeneralSubtree(univ.Sequence):
    """SEQUENCE of a base GeneralName plus minimum [0] and maximum [1] distances.

    'minimum' is defaulted to 0 and 'maximum' is optional.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('base', GeneralName()),
        namedtype.DefaultedNamedType(
            'minimum',
            BaseDistance().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)
            ).subtype(value=0)),
        namedtype.OptionalNamedType(
            'maximum',
            BaseDistance().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    )


class GeneralSubtrees(univ.SequenceOf):
    """SEQUENCE OF GeneralSubtree holding at least one entry (1..MAX)."""

    componentType = GeneralSubtree()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


class NameConstraints(univ.Sequence):
    """SEQUENCE of optional permittedSubtrees [0] and excludedSubtrees [1].

    This type only carries the subtrees. Checking subject names against
    them, and deciding what an absent field means, is the validator's job.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'permittedSubtrees',
            GeneralSubtrees().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.OptionalNamedType(
            'excludedSubtrees',
            GeneralSubtrees().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    )
id_pe_authorityInfoAccess = _OID(id_pe, 1)
id_pe_subjectInfoAccess = _OID(id_pe, 11)
id_ce_certificateIssuer = _OID(id_ce, 29)
id_ce_invalidityDate = _OID(id_ce, 24)


class DirectoryString(univ.Choice):
    """CHOICE whose single alternative, 'any', accepts any ASN.1 value.

    NOTE(review): EDIPartyName, earlier in this module, already calls
    DirectoryString(), so some definition of the name must exist before this
    point. This class statement rebinds the module-level name from here on.
    Code that imports DirectoryString from the finished module therefore gets
    this permissive type, which applies no string-type or size checks at
    all. Confirm that the rebinding is intended before relying on it for
    validation.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('any', univ.Any()),
    )


id_ce_authorityKeyIdentifier = _OID(id_ce, 35)
class AccessDescription(univ.Sequence):
    """SEQUENCE of an accessMethod OID and an accessLocation GeneralName.

    'accessLocation' can be any GeneralName form, URI included. The value
    comes from the certificate, so it is untrusted input when a client
    decides whether to fetch from it.
    """

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
        namedtype.NamedType('accessLocation', GeneralName()),
    )


class AuthorityInfoAccessSyntax(univ.SequenceOf):
    """SEQUENCE OF AccessDescription holding at least one entry (1..MAX)."""

    componentType = AccessDescription()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)


id_ce_issuingDistributionPoint = _OID(id_ce, 28)
class CPSuri(char.IA5String):
    """IA5String under the CPSuri name; no size or syntax constraint is set here."""


class DisplayText(univ.Choice):
    """CHOICE of four string encodings, each sized 1..200.

    The text is certificate-supplied and meant for display, so it should be
    escaped for whatever surface renders it.
    """

    componentType = namedtype.NamedTypes(*(
        namedtype.NamedType(
            alternative,
            string_type().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, 200)),
        )
        for alternative, string_type in (
            ('ia5String', char.IA5String),
            ('visibleString', char.VisibleString),
            ('bmpString', char.BMPString),
            ('utf8String', char.UTF8String),
        )
    ))


class NoticeReference(univ.Sequence):
    """SEQUENCE of an organization DisplayText and a list of notice numbers."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('organization', DisplayText()),
        namedtype.NamedType(
            'noticeNumbers',
            univ.SequenceOf(componentType=univ.Integer())),
    )


class UserNotice(univ.Sequence):
    """SEQUENCE of two optional members: noticeRef and explicitText."""

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType('noticeRef', NoticeReference()),
        namedtype.OptionalNamedType('explicitText', DisplayText()),
    )
class PrivateKeyUsagePeriod(univ.Sequence):
    """SEQUENCE of optional notBefore [0] and notAfter [1] GeneralizedTime values.

    Both members are optional here, so an empty SEQUENCE decodes. Requiring
    at least one of them is left to the caller.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'notBefore',
            useful.GeneralizedTime().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.OptionalNamedType(
            'notAfter',
            useful.GeneralizedTime().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    )


id_ce_subjectKeyIdentifier = _OID(id_ce, 14)


class CertificateIssuer(GeneralNames):
    """GeneralNames under the certificateIssuer name; nothing is added."""


class InvalidityDate(useful.GeneralizedTime):
    """GeneralizedTime under the invalidityDate name; nothing is added."""


class SubjectInfoAccessSyntax(univ.SequenceOf):
    """SEQUENCE OF AccessDescription holding at least one entry (1..MAX)."""

    componentType = AccessDescription()
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)
class KeyUsage(univ.BitString):
    """BIT STRING with named bit positions 0..8 for permitted key uses.

    The names only label bit positions. Whether a given operation is allowed
    (for example, requiring 'keyCertSign' before accepting a certificate as
    an issuer) is a check the validator has to perform.
    """

    namedValues = namedval.NamedValues(
        ('digitalSignature', 0),
        ('nonRepudiation', 1),
        ('keyEncipherment', 2),
        ('dataEncipherment', 3),
        ('keyAgreement', 4),
        ('keyCertSign', 5),
        ('cRLSign', 6),
        ('encipherOnly', 7),
        ('decipherOnly', 8),
    )
# Extended key usage: the extension OID and arc 0 beneath it.
id_ce_extKeyUsage = _OID(id_ce, 37)
anyExtendedKeyUsage = _OID(id_ce_extKeyUsage, 0)

# Further extension OIDs under id_ce.
id_ce_privateKeyUsagePeriod = _OID(id_ce, 16)
id_ce_policyMappings = _OID(id_ce, 33)
id_ce_cRLNumber = _OID(id_ce, 20)
id_ce_policyConstraints = _OID(id_ce, 36)

# Hold instructions, derived from the module's holdInstruction base arc.
id_holdinstruction_none = _OID(holdInstruction, 1)
id_holdinstruction_reject = _OID(holdInstruction, 3)

id_kp_timeStamping = _OID(id_kp, 8)
class PolicyConstraints(univ.Sequence):
    """SEQUENCE of optional requireExplicitPolicy [0] and inhibitPolicyMapping [1].

    Both members are SkipCerts values and both are optional here.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'requireExplicitPolicy',
            SkipCerts().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
        namedtype.OptionalNamedType(
            'inhibitPolicyMapping',
            SkipCerts().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    )


class SubjectKeyIdentifier(KeyIdentifier):
    """KeyIdentifier under the subjectKeyIdentifier name; nothing is added."""


# Key-purpose and extension object identifiers.
id_kp_clientAuth = _OID(id_kp, 2)
id_ce_deltaCRLIndicator = _OID(id_ce, 27)
id_ce_issuerAltName = _OID(id_ce, 18)
id_kp_codeSigning = _OID(id_kp, 3)
id_ce_holdInstructionCode = _OID(id_ce, 23)
class IssuingDistributionPoint(univ.Sequence):
    """SEQUENCE describing a CRL's scope, context-tagged [0] through [5].

    The four boolean members are defaulted to 0, so an absent flag decodes as
    false. 'distributionPoint' and 'onlySomeReasons' are optional.

    NOTE(review): 'distributionPoint' tags DistributionPointName, a CHOICE,
    with implicitTag. X.680 treats a tag on a CHOICE as explicit -- confirm
    the encoding pyasn1 produces for this field.
    """

    componentType = namedtype.NamedTypes(
        namedtype.OptionalNamedType(
            'distributionPoint',
            DistributionPointName().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
        namedtype.DefaultedNamedType(
            'onlyContainsUserCerts',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)
            ).subtype(value=0)),
        namedtype.DefaultedNamedType(
            'onlyContainsCACerts',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)
            ).subtype(value=0)),
        namedtype.OptionalNamedType(
            'onlySomeReasons',
            ReasonFlags().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
        namedtype.DefaultedNamedType(
            'indirectCRL',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)
            ).subtype(value=0)),
        namedtype.DefaultedNamedType(
            'onlyContainsAttributeCerts',
            univ.Boolean().subtype(
                implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)
            ).subtype(value=0)),
    )