Diffstat (limited to 'third_party/python/pyasn1_modules/pyasn1_modules/rfc6031.py')
-rw-r--r-- | third_party/python/pyasn1_modules/pyasn1_modules/rfc6031.py | 469 |
1 files changed, 469 insertions, 0 deletions
diff --git a/third_party/python/pyasn1_modules/pyasn1_modules/rfc6031.py b/third_party/python/pyasn1_modules/pyasn1_modules/rfc6031.py
new file mode 100644
index 0000000000..6e1bb2261d
--- /dev/null
+++ b/third_party/python/pyasn1_modules/pyasn1_modules/rfc6031.py
@@ -0,0 +1,469 @@
+#
+# This file is part of pyasn1-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+#
+# Copyright (c) 2019, Vigil Security, LLC
+# License: http://snmplabs.com/pyasn1/license.html
+#
+# CMS Symmetric Key Package Content Type
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc6031.txt
+#
+
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import opentype
+from pyasn1.type import tag
+from pyasn1.type import univ
+from pyasn1.type import useful
+
+from pyasn1_modules import rfc5652
+from pyasn1_modules import rfc6019
+
+
+def _OID(*components):
+ output = []
+ for x in tuple(components):
+ if isinstance(x, univ.ObjectIdentifier):
+ output.extend(list(x))
+ else:
+ output.append(int(x))
+ return univ.ObjectIdentifier(output)
+
+
+MAX = float('inf')
+
+id_pskc = univ.ObjectIdentifier('1.2.840.113549.1.9.16.12')
+
+
+# Symmetric Key Package Attributes
+
+id_pskc_manufacturer = _OID(id_pskc, 1)
+
+class at_pskc_manufacturer(char.UTF8String):
+ pass
+
+
+id_pskc_serialNo = _OID(id_pskc, 2)
+
+class at_pskc_serialNo(char.UTF8String):
+ pass
+
+
+id_pskc_model = _OID(id_pskc, 3)
+
+class at_pskc_model(char.UTF8String):
+ pass
+
+
+id_pskc_issueNo = _OID(id_pskc, 4)
+
+class at_pskc_issueNo(char.UTF8String):
+ pass
+
+
+id_pskc_deviceBinding = _OID(id_pskc, 5)
+
+class at_pskc_deviceBinding(char.UTF8String):
+ pass
+
+
+id_pskc_deviceStartDate = _OID(id_pskc, 6)
+
+class at_pskc_deviceStartDate(useful.GeneralizedTime):
+ pass
+
+
+id_pskc_deviceExpiryDate = _OID(id_pskc, 7)
+
+class at_pskc_deviceExpiryDate(useful.GeneralizedTime):
+ pass
+
+
+id_pskc_moduleId = _OID(id_pskc, 8)
+
+class at_pskc_moduleId(char.UTF8String):
+ pass
+
+
+id_pskc_deviceUserId = _OID(id_pskc, 26)
+
+class at_pskc_deviceUserId(char.UTF8String):
+ pass
+
+
+# Symmetric Key Attributes
+
+id_pskc_keyId = _OID(id_pskc, 9)
+
+class at_pskc_keyUserId(char.UTF8String):
+ pass
+
+
+id_pskc_algorithm = _OID(id_pskc, 10)
+
+class at_pskc_algorithm(char.UTF8String):
+ pass
+
+
+id_pskc_issuer = _OID(id_pskc, 11)
+
+class at_pskc_issuer(char.UTF8String):
+ pass
+
+
+id_pskc_keyProfileId = _OID(id_pskc, 12)
+
+class at_pskc_keyProfileId(char.UTF8String):
+ pass
+
+
+id_pskc_keyReference = _OID(id_pskc, 13)
+
+class at_pskc_keyReference(char.UTF8String):
+ pass
+
+
+id_pskc_friendlyName = _OID(id_pskc, 14)
+
+class FriendlyName(univ.Sequence):
+ pass
+
+FriendlyName.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('friendlyName', char.UTF8String()),
+ namedtype.OptionalNamedType('friendlyNameLangTag', char.UTF8String())
+)
+
+class at_pskc_friendlyName(FriendlyName):
+ pass
+
+
+id_pskc_algorithmParameters = _OID(id_pskc, 15)
+
+class Encoding(char.UTF8String):
+ pass
+
+Encoding.namedValues = namedval.NamedValues(
+ ('dec', "DECIMAL"),
+ ('hex', "HEXADECIMAL"),
+ ('alpha', "ALPHANUMERIC"),
+ ('b64', "BASE64"),
+ ('bin', "BINARY")
+)
+
+Encoding.subtypeSpec = constraint.SingleValueConstraint(
+ "DECIMAL", "HEXADECIMAL", "ALPHANUMERIC", "BASE64", "BINARY" )
+
+class ChallengeFormat(univ.Sequence):
+ pass
+
+ChallengeFormat.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('encoding', Encoding()),
+ namedtype.DefaultedNamedType('checkDigit',
+ univ.Boolean().subtype(value=0)),
+ namedtype.NamedType('min', univ.Integer().subtype(
+ subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
+ namedtype.NamedType('max', univ.Integer().subtype(
+ subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
+)
+
+class ResponseFormat(univ.Sequence):
+ pass
+
+ResponseFormat.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('encoding', Encoding()),
+ namedtype.NamedType('length', univ.Integer().subtype(
+ subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
+ namedtype.DefaultedNamedType('checkDigit',
+ univ.Boolean().subtype(value=0))
+)
+
+class PSKCAlgorithmParameters(univ.Choice):
+ pass
+
+PSKCAlgorithmParameters.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('suite', char.UTF8String()),
+ namedtype.NamedType('challengeFormat', ChallengeFormat().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('responseFormat', ResponseFormat().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+)
+
+class at_pskc_algorithmParameters(PSKCAlgorithmParameters):
+ pass
+
+
+id_pskc_counter = _OID(id_pskc, 16)
+
+class at_pskc_counter(univ.Integer):
+ pass
+
+at_pskc_counter.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
+
+
+id_pskc_time = _OID(id_pskc, 17)
+
+class at_pskc_time(rfc6019.BinaryTime):
+ pass
+
+
+id_pskc_timeInterval = _OID(id_pskc, 18)
+
+class at_pskc_timeInterval(univ.Integer):
+ pass
+
+at_pskc_timeInterval.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
+
+
+id_pskc_timeDrift = _OID(id_pskc, 19)
+
+class at_pskc_timeDrift(univ.Integer):
+ pass
+
+at_pskc_timeDrift.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
+
+
+id_pskc_valueMAC = _OID(id_pskc, 20)
+
+class ValueMac(univ.Sequence):
+ pass
+
+ValueMac.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('macAlgorithm', char.UTF8String()),
+ namedtype.NamedType('mac', char.UTF8String())
+)
+
+class at_pskc_valueMAC(ValueMac):
+ pass
+
+
+id_pskc_keyUserId = _OID(id_pskc, 27)
+
+class at_pskc_keyId(char.UTF8String):
+ pass
+
+
+id_pskc_keyStartDate = _OID(id_pskc, 21)
+
+class at_pskc_keyStartDate(useful.GeneralizedTime):
+ pass
+
+
+id_pskc_keyExpiryDate = _OID(id_pskc, 22)
+
+class at_pskc_keyExpiryDate(useful.GeneralizedTime):
+ pass
+
+
+id_pskc_numberOfTransactions = _OID(id_pskc, 23)
+
+class at_pskc_numberOfTransactions(univ.Integer):
+ pass
+
+at_pskc_numberOfTransactions.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
+
+
+id_pskc_keyUsages = _OID(id_pskc, 24)
+
+class PSKCKeyUsage(char.UTF8String):
+ pass
+
+PSKCKeyUsage.namedValues = namedval.NamedValues(
+ ('otp', "OTP"),
+ ('cr', "CR"),
+ ('encrypt', "Encrypt"),
+ ('integrity', "Integrity"),
+ ('verify', "Verify"),
+ ('unlock', "Unlock"),
+ ('decrypt', "Decrypt"),
+ ('keywrap', "KeyWrap"),
+ ('unwrap', "Unwrap"),
+ ('derive', "Derive"),
+ ('generate', "Generate")
+)
+
+PSKCKeyUsage.subtypeSpec = constraint.SingleValueConstraint(
+ "OTP", "CR", "Encrypt", "Integrity", "Verify", "Unlock",
+ "Decrypt", "KeyWrap", "Unwrap", "Derive", "Generate" )
+
+class PSKCKeyUsages(univ.SequenceOf):
+ pass
+
+PSKCKeyUsages.componentType = PSKCKeyUsage()
+
+class at_pskc_keyUsage(PSKCKeyUsages):
+ pass
+
+
+id_pskc_pinPolicy = _OID(id_pskc, 25)
+
+class PINUsageMode(char.UTF8String):
+ pass
+
+PINUsageMode.namedValues = namedval.NamedValues(
+ ("local", "Local"),
+ ("prepend", "Prepend"),
+ ("append", "Append"),
+ ("algorithmic", "Algorithmic")
+)
+
+PINUsageMode.subtypeSpec = constraint.SingleValueConstraint(
+ "Local", "Prepend", "Append", "Algorithmic" )
+
+class PINPolicy(univ.Sequence):
+ pass
+
+PINPolicy.componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('pinKeyId', char.UTF8String().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('pinUsageMode', PINUsageMode().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('maxFailedAttempts', univ.Integer().subtype(
+ subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('minLength', univ.Integer().subtype(
+ subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.OptionalNamedType('maxLength', univ.Integer().subtype(
+ subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
+ namedtype.OptionalNamedType('pinEncoding', Encoding().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)))
+)
+
+class at_pskc_pinPolicy(PINPolicy):
+ pass
+
+
+# Map of Symmetric Key Package Attribute OIDs to Attributes
+
+sKeyPkgAttributesMap = {
+ id_pskc_manufacturer: at_pskc_manufacturer(),
+ id_pskc_serialNo: at_pskc_serialNo(),
+ id_pskc_model: at_pskc_model(),
+ id_pskc_issueNo: at_pskc_issueNo(),
+ id_pskc_deviceBinding: at_pskc_deviceBinding(),
+ id_pskc_deviceStartDate: at_pskc_deviceStartDate(),
+ id_pskc_deviceExpiryDate: at_pskc_deviceExpiryDate(),
+ id_pskc_moduleId: at_pskc_moduleId(),
+ id_pskc_deviceUserId: at_pskc_deviceUserId(),
+}
+
+
+# Map of Symmetric Key Attribute OIDs to Attributes
+
+sKeyAttributesMap = {
+ id_pskc_keyId: at_pskc_keyId(),
+ id_pskc_algorithm: at_pskc_algorithm(),
+ id_pskc_issuer: at_pskc_issuer(),
+ id_pskc_keyProfileId: at_pskc_keyProfileId(),
+ id_pskc_keyReference: at_pskc_keyReference(),
+ id_pskc_friendlyName: at_pskc_friendlyName(),
+ id_pskc_algorithmParameters: at_pskc_algorithmParameters(),
+ id_pskc_counter: at_pskc_counter(),
+ id_pskc_time: at_pskc_time(),
+ id_pskc_timeInterval: at_pskc_timeInterval(),
+ id_pskc_timeDrift: at_pskc_timeDrift(),
+ id_pskc_valueMAC: at_pskc_valueMAC(),
+ id_pskc_keyUserId: at_pskc_keyUserId(),
+ id_pskc_keyStartDate: at_pskc_keyStartDate(),
+ id_pskc_keyExpiryDate: at_pskc_keyExpiryDate(),
+ id_pskc_numberOfTransactions: at_pskc_numberOfTransactions(),
+ id_pskc_keyUsages: at_pskc_keyUsage(),
+ id_pskc_pinPolicy: at_pskc_pinPolicy(),
+}
+
+
+# This definition replaces Attribute() from rfc5652.py; it is the same except
+# that opentype is added with sKeyPkgAttributesMap and sKeyAttributesMap
+
+class AttributeType(univ.ObjectIdentifier):
+ pass
+
+
+class AttributeValue(univ.Any):
+ pass
+
+
+class SKeyAttribute(univ.Sequence):
+ pass
+
+SKeyAttribute.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('attrType', AttributeType()),
+ namedtype.NamedType('attrValues',
+ univ.SetOf(componentType=AttributeValue()),
+ openType=opentype.OpenType('attrType', sKeyAttributesMap)
+ )
+)
+
+
+class SKeyPkgAttribute(univ.Sequence):
+ pass
+
+SKeyPkgAttribute.componentType = namedtype.NamedTypes(
+ namedtype.NamedType('attrType', AttributeType()),
+ namedtype.NamedType('attrValues',
+ univ.SetOf(componentType=AttributeValue()),
+ openType=opentype.OpenType('attrType', sKeyPkgAttributesMap)
+ )
+)
+
+
+# Symmetric Key Package Content Type
+
+id_ct_KP_sKeyPackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.25')
+
+
+class KeyPkgVersion(univ.Integer):
+ pass
+
+KeyPkgVersion.namedValues = namedval.NamedValues(
+ ('v1', 1)
+)
+
+
+class OneSymmetricKey(univ.Sequence):
+ pass
+
+OneSymmetricKey.componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('sKeyAttrs',
+ univ.SequenceOf(componentType=SKeyAttribute()).subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+ namedtype.OptionalNamedType('sKey', univ.OctetString())
+)
+
+OneSymmetricKey.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2)
+
+
+class SymmetricKeys(univ.SequenceOf):
+ pass
+
+SymmetricKeys.componentType = OneSymmetricKey()
+SymmetricKeys.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
+
+
+class SymmetricKeyPackage(univ.Sequence):
+ pass
+
+SymmetricKeyPackage.componentType = namedtype.NamedTypes(
+ namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v1')),
+ namedtype.OptionalNamedType('sKeyPkgAttrs',
+ univ.SequenceOf(componentType=SKeyPkgAttribute()).subtype(
+ subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('sKeys', SymmetricKeys())
+)
+
+
+# Map of Content Type OIDs to Content Types are
+# added to the ones that are in rfc5652.py
+
+_cmsContentTypesMapUpdate = {
+ id_ct_KP_sKeyPackage: SymmetricKeyPackage(),
+}
+
+rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) |