pyasn1-alt-modules 0.4.5__py3-none-any.whl

pyasn1_alt_modules/rfc4490.py

@@ -0,0 +1,119 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94, and
+#   GOST R 34.10-2001 Algorithms with the CMS
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc4490.txt
+#
+
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import tag
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc4357
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap')
+
+
+# Imports from RFC 4357
+
+id_CryptoPro_algorithms = rfc4357.id_CryptoPro_algorithms
+
+id_GostR3410_94 = rfc4357.id_GostR3410_94
+
+id_GostR3410_2001 = rfc4357.id_GostR3410_2001
+
+Gost28147_89_ParamSet = rfc4357.Gost28147_89_ParamSet
+
+Gost28147_89_EncryptedKey = rfc4357.Gost28147_89_EncryptedKey
+
+GostR3410_94_PublicKeyParameters = rfc4357.GostR3410_94_PublicKeyParameters
+
+GostR3410_2001_PublicKeyParameters = rfc4357.GostR3410_2001_PublicKeyParameters
+
+
+# Imports from RFC 5280
+
+SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo
+
+
+# CMS/PKCS#7 key agreement algorithms & parameters
+
+class Gost28147_89_KeyWrapParameters(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()),
+        namedtype.OptionalNamedType('ukm', univ.OctetString().subtype(
+            subtypeSpec=constraint.ValueSizeConstraint(8, 8)))
+    )
+
+
+id_Gost28147_89_CryptoPro_KeyWrap = id_CryptoPro_algorithms + (13, 1, )
+
+
+id_Gost28147_89_None_KeyWrap = id_CryptoPro_algorithms + (13, 0, )
+
+
+id_GostR3410_2001_CryptoPro_ESDH = id_CryptoPro_algorithms + (96, )
+
+
+id_GostR3410_94_CryptoPro_ESDH = id_CryptoPro_algorithms + (97, )
+
+
+# CMS/PKCS#7 key transport algorithms & parameters
+
+id_GostR3410_2001_KeyTransportSMIMECapability = id_GostR3410_2001
+
+
+id_GostR3410_94_KeyTransportSMIMECapability = id_GostR3410_94
+
+
+class GostR3410_TransportParameters(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('encryptionParamSet', Gost28147_89_ParamSet()),
+        namedtype.OptionalNamedType('ephemeralPublicKey', 
+            SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('ukm', univ.OctetString().subtype(
+            subtypeSpec=constraint.ValueSizeConstraint(8, 8)))
+    )
+
+class GostR3410_KeyTransport(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('sessionEncryptedKey', Gost28147_89_EncryptedKey()),
+        namedtype.OptionalNamedType('transportParameters',
+            GostR3410_TransportParameters().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatConstructed, 0)))
+    )
+
+
+# GOST R 34.10-94 signature algorithm & parameters
+
+class GostR3410_94_Signature(univ.OctetString):
+    subtypeSpec = constraint.ValueSizeConstraint(64, 64)
+
+
+# GOST R 34.10-2001 signature algorithms and parameters
+
+class GostR3410_2001_Signature(univ.OctetString):
+    subtypeSpec = constraint.ValueSizeConstraint(64, 64)
+
+
+# Update the Algorithm Identifier Map and the S/MIME Capability Map
+
+_algorithmIdentifierMapUpdate = {
+    id_Gost28147_89_CryptoPro_KeyWrap: Gost28147_89_KeyWrapParameters(),
+    id_Gost28147_89_None_KeyWrap: Gost28147_89_KeyWrapParameters(),
+}
+
+algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)

pyasn1_alt_modules/rfc4491.py

@@ -0,0 +1,44 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Using the GOST R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94
+#   Algorithms with Certificates and CRLs
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc4491.txt
+#
+
+from pyasn1_alt_modules import rfc4357
+
+
+# Signature Algorithm GOST R 34.10-94
+
+id_GostR3411_94_with_GostR3410_94 = rfc4357.id_GostR3411_94_with_GostR3410_94
+
+
+# Signature Algorithm GOST R 34.10-2001
+
+id_GostR3411_94_with_GostR3410_2001 = rfc4357.id_GostR3411_94_with_GostR3410_2001
+
+
+# GOST R 34.10-94 Keys
+
+id_GostR3410_94 = rfc4357.id_GostR3410_94
+
+GostR3410_2001_PublicKey = rfc4357.GostR3410_2001_PublicKey
+
+GostR3410_2001_PublicKeyParameters = rfc4357.GostR3410_2001_PublicKeyParameters
+
+
+# GOST R 34.10-2001 Keys
+
+id_GostR3410_2001 = rfc4357.id_GostR3410_2001
+
+GostR3410_94_PublicKey = rfc4357.GostR3410_94_PublicKey
+
+GostR3410_94_PublicKeyParameters = rfc4357.GostR3410_94_PublicKeyParameters

pyasn1_alt_modules/rfc4683.py

@@ -0,0 +1,76 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Subject Identification Method (SIM)
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc4683.txt
+# https://www.rfc-editor.org/errata/eid1047
+#
+
+from pyasn1.type import char
+from pyasn1.type import namedtype
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+otherNamesMap = opentypemap.get('otherNamesMap')
+
+
+# Used to compute the PEPSI value
+
+class HashContent(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('userPassword', char.UTF8String()),
+        namedtype.NamedType('authorityRandom', univ.OctetString()),
+        namedtype.NamedType('identifierType', univ.ObjectIdentifier()),
+        namedtype.NamedType('identifier', char.UTF8String())
+    )
+
+
+# Used to encode the PEPSI value as the SIM Other Name
+
+id_pkix = rfc5280.id_pkix
+
+id_on = id_pkix + (8,)
+
+id_on_SIM = id_on + (6,)
+
+
+class SIM(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('hashAlg', rfc5280.AlgorithmIdentifier()),
+        namedtype.NamedType('authorityRandom', univ.OctetString()),
+        namedtype.NamedType('pEPSI', univ.OctetString())
+    )
+
+
+# Used to encrypt the PEPSI value during certificate request
+
+id_pkip = id_pkix + (5,)
+
+id_regEPEPSI = id_pkip + (3,)
+
+
+class EncryptedPEPSI(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('identifierType', univ.ObjectIdentifier()),
+        namedtype.NamedType('identifier', char.UTF8String()),
+        namedtype.NamedType('sIM', SIM())
+    )
+
+
+# Update the Other Names Map
+
+_otherNamesMapUpdate = {
+    id_on_SIM: SIM(),
+}
+
+otherNamesMap.update(_otherNamesMapUpdate)

pyasn1_alt_modules/rfc4985.py

@@ -0,0 +1,52 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Expression of Service Names in X.509 Certificates
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc4985.txt
+#
+
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+otherNamesMap = opentypemap.get('otherNamesMap')
+
+MAX = float('inf')
+
+
+# As specified in Appendix A.2 of RFC 4985
+
+id_pkix = rfc5280.id_pkix
+
+id_on = id_pkix + (8, )
+
+id_on_dnsSRV = id_on + (7, )
+
+
+class SRVName(char.IA5String):
+    subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+
+
+srvName = rfc5280.AnotherName()
+srvName['type-id'] = id_on_dnsSRV
+srvName['value'] = SRVName()
+
+
+# Update the Other Names Map
+
+_otherNamesMapUpdate = {
+    id_on_dnsSRV: SRVName(),
+}
+
+otherNamesMap.update(_otherNamesMapUpdate)

pyasn1_alt_modules/rfc4998.py

@@ -0,0 +1,125 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with some help from asn1ate v.0.6.0
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Evidence Record Syntax (ERS)
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc4998.txt
+#
+
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import opentype
+from pyasn1.type import tag
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import rfc5652
+from pyasn1_alt_modules import opentypemap
+
+cmsAttributesMap = opentypemap.get('cmsAttributesMap')
+
+ersEncryptionInfoValuesMap = opentypemap.get('ersEncryptionInfoValuesMap')
+
+MAX = float('inf')
+
+
+# Imports from RFC 5280 and RFC 5652
+
+AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
+
+Attribute = rfc5652.Attribute
+
+ContentType = rfc5652.ContentType
+
+ContentInfo = rfc5652.ContentInfo
+
+
+# Evidence Record Syntax
+
+class PartialHashtree(univ.SequenceOf):
+    componentType = univ.OctetString()
+
+
+class Attributes(univ.SetOf):
+    componentType = Attribute()
+    subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+
+
+class ArchiveTimeStamp(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('digestAlgorithm',
+            AlgorithmIdentifier().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.OptionalNamedType('attributes',
+            Attributes().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.OptionalNamedType('reducedHashtree',
+            univ.SequenceOf(componentType=PartialHashtree()).subtype(
+                implicitTag=tag.Tag(tag.tagClassContext,
+                    tag.tagFormatSimple, 2))),
+        namedtype.NamedType('timeStamp', ContentInfo())
+    )
+
+
+class ArchiveTimeStampChain(univ.SequenceOf):
+    componentType = ArchiveTimeStamp()
+
+
+class ArchiveTimeStampSequence(univ.SequenceOf):
+    componentType = ArchiveTimeStampChain()
+
+
+class CryptoInfos(univ.SequenceOf):
+    componentType = Attribute()
+    subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+
+
+class EncryptionInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('encryptionInfoType', univ.ObjectIdentifier()),
+        namedtype.NamedType('encryptionInfoValue', univ.Any(),
+            openType=opentype.OpenType('encryptionInfoType',
+                ersEncryptionInfoValuesMap))
+    )
+
+
+class EvidenceRecord(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('version',
+            univ.Integer(namedValues=namedval.NamedValues(('v1', 1)))),
+        namedtype.NamedType('digestAlgorithms',
+            univ.SequenceOf(componentType=AlgorithmIdentifier())),
+        namedtype.OptionalNamedType('cryptoInfos',
+            CryptoInfos().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.OptionalNamedType('encryptionInfo',
+            EncryptionInfo().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatConstructed, 1))),
+        namedtype.NamedType('archiveTimeStampSequence',
+            ArchiveTimeStampSequence())
+    )
+
+
+ltans = univ.ObjectIdentifier('1.3.6.1.5.5.11')
+
+id_aa_er_internal = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.49')
+
+id_aa_er_internal = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.50')
+
+
+# Update the CMS Attribute Map
+
+_cmsAttributesMapUpdate = {
+    id_aa_er_internal: EvidenceRecord(),
+    id_aa_er_internal: EvidenceRecord(),
+}
+
+cmsAttributesMap.update(_cmsAttributesMapUpdate)

pyasn1_alt_modules/rfc5035.py

@@ -0,0 +1,206 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+# Modified by Russ Housley to add a map for use with opentypes.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Update to Enhanced Security Services for S/MIME
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc5035.txt
+#
+
+from pyasn1.codec.der.encoder import encode as der_encode
+
+from pyasn1.type import namedtype
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc2634
+from pyasn1_alt_modules import rfc4055
+from pyasn1_alt_modules import rfc5652
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+cmsAttributesMap = opentypemap.get('cmsAttributesMap')
+
+cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
+
+
+# Imports from RFC 5280 and RFC 5652
+
+ContentType = rfc5652.ContentType
+
+IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber
+
+SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier
+
+AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
+
+PolicyInformation = rfc5280.PolicyInformation
+
+GeneralNames = rfc5280.GeneralNames
+
+CertificateSerialNumber = rfc5280.CertificateSerialNumber
+
+
+# Signing Certificate Attribute V1 and V2
+
+id_aa_signingCertificate = rfc2634.id_aa_signingCertificate
+
+id_aa_signingCertificateV2 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.47')
+
+Hash = rfc2634.Hash
+
+IssuerSerial = rfc2634.IssuerSerial
+
+ESSCertID = rfc2634.ESSCertID
+
+SigningCertificate = rfc2634.SigningCertificate
+
+
+sha256AlgId = AlgorithmIdentifier()
+sha256AlgId['algorithm'] = rfc4055.id_sha256
+# A non-schema object for sha256AlgId['parameters'] as absent
+sha256AlgId['parameters'] = der_encode(univ.OctetString(''))
+
+
+class ESSCertIDv2(univ.Sequence):
+    pass
+
+ESSCertIDv2.componentType = namedtype.NamedTypes(
+    namedtype.DefaultedNamedType('hashAlgorithm', sha256AlgId),
+    namedtype.NamedType('certHash', Hash()),
+    namedtype.OptionalNamedType('issuerSerial', IssuerSerial())
+)
+
+
+class SigningCertificateV2(univ.Sequence):
+    pass
+
+SigningCertificateV2.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('certs', univ.SequenceOf(
+        componentType=ESSCertIDv2())),
+    namedtype.OptionalNamedType('policies', univ.SequenceOf(
+        componentType=PolicyInformation()))
+)
+
+
+# Mail List Expansion History Attribute
+
+id_aa_mlExpandHistory = rfc2634.id_aa_mlExpandHistory
+
+ub_ml_expansion_history = rfc2634.ub_ml_expansion_history
+
+EntityIdentifier = rfc2634.EntityIdentifier
+
+MLReceiptPolicy = rfc2634.MLReceiptPolicy
+
+MLData = rfc2634.MLData
+
+MLExpansionHistory = rfc2634.MLExpansionHistory
+
+
+# ESS Security Label Attribute
+
+id_aa_securityLabel = rfc2634.id_aa_securityLabel
+
+ub_privacy_mark_length = rfc2634.ub_privacy_mark_length
+
+ub_security_categories = rfc2634.ub_security_categories
+
+ub_integer_options = rfc2634.ub_integer_options
+
+ESSPrivacyMark = rfc2634.ESSPrivacyMark
+
+SecurityClassification = rfc2634.SecurityClassification
+
+SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier
+
+SecurityCategory = rfc2634.SecurityCategory
+
+SecurityCategories = rfc2634.SecurityCategories
+
+ESSSecurityLabel = rfc2634.ESSSecurityLabel
+
+
+# Equivalent Labels Attribute
+
+id_aa_equivalentLabels = rfc2634.id_aa_equivalentLabels
+
+EquivalentLabels = rfc2634.EquivalentLabels
+
+
+# Content Identifier Attribute
+
+id_aa_contentIdentifier = rfc2634.id_aa_contentIdentifier
+
+ContentIdentifier = rfc2634.ContentIdentifier
+
+
+# Content Reference Attribute
+
+id_aa_contentReference = rfc2634.id_aa_contentReference
+
+ContentReference = rfc2634.ContentReference
+
+
+# Message Signature Digest Attribute
+
+id_aa_msgSigDigest = rfc2634.id_aa_msgSigDigest
+
+MsgSigDigest = rfc2634.MsgSigDigest
+
+
+# Content Hints Attribute
+
+id_aa_contentHint = rfc2634.id_aa_contentHint
+
+ContentHints = rfc2634.ContentHints
+
+
+# Receipt Request Attribute
+
+AllOrFirstTier = rfc2634.AllOrFirstTier
+
+ReceiptsFrom = rfc2634.ReceiptsFrom
+
+id_aa_receiptRequest = rfc2634.id_aa_receiptRequest
+
+ub_receiptsTo = rfc2634.ub_receiptsTo
+
+ReceiptRequest = rfc2634.ReceiptRequest
+
+
+# Receipt Content Type
+
+ESSVersion = rfc2634.ESSVersion
+
+id_ct_receipt = rfc2634.id_ct_receipt
+
+Receipt = rfc2634.Receipt
+
+ub_receiptsTo = rfc2634.ub_receiptsTo
+
+ReceiptRequest = rfc2634.ReceiptRequest
+
+
+# Update the CMS Attributes Map
+
+_cmsAttributesMapUpdate = {
+    id_aa_signingCertificateV2: SigningCertificateV2(),
+}
+
+cmsAttributesMap.update(_cmsAttributesMapUpdate)
+
+
+# Update the CMS Content Types Map
+
+_cmsContentTypesMapUpdate = {
+    id_ct_receipt: Receipt(),
+}
+
+cmsContentTypesMap.update(_cmsContentTypesMapUpdate)