pyasn1-alt-modules 0.4.5__py3-none-any.whl

pyasn1_alt_modules/rfc8995.py

@@ -0,0 +1,39 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# BRSKI MASA Certificate Extension
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc8995.txt
+#
+
+from pyasn1.type import char
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import opentypemap
+
+certificateExtensionsMap = opentypemap.get('certificateExtensionsMap')
+
+
+id_pe = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 1))
+
+id_pe_masa_url = id_pe + (32,)
+
+
+class MASAURLSyntax(char.IA5String):
+    pass
+
+
+# Update the Certificate Extensions Map
+
+_certificateExtensionsMapUpdate = {
+    id_pe_masa_url: MASAURLSyntax(),	
+}
+
+certificateExtensionsMap.update(_certificateExtensionsMapUpdate)

pyasn1_alt_modules/rfc9044.py

@@ -0,0 +1,80 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Algorithm Identifiers for AES-GMAC
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9044.txt
+#
+
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap')
+
+smimeCapabilityMap = opentypemap.get('smimeCapabilityMap')
+
+# Object Identifiers
+
+aes = univ.ObjectIdentifier((2, 16, 840, 1, 101, 3, 4, 1))
+
+id_aes128_GMAC = aes + (9, )
+    
+id_aes192_GMAC = aes + (29, )
+
+id_aes256_GMAC = aes + (49, )
+
+
+# GMAC Parameters
+
+class MACLength(univ.Integer):
+    subtypeSpec = constraint.ValueRangeConstraint(12, 16)
+
+class GCMParameters(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('nonce', univ.OctetString()),
+        # The nonce may have any number of bits between 8 and 2^64,
+        # but it MUST be a multiple of 8 bits. Within the scope of any
+        # content-authenticated-encryption key, the nonce value MUST be
+        # unique.  A nonce value of 12 octets can be processed more
+        # efficiently, so that length is RECOMMENDED.
+        namedtype.DefaultedNamedType('length', MACLength().subtype(value=12))
+    )
+
+
+# GMAC Algorithm Identifiers
+
+maca_aes128_GMAC = rfc5280.AlgorithmIdentifier()
+maca_aes128_GMAC['algorithm'] = id_aes128_GMAC
+# maca_aes128_GMAC['parameters'] are absent
+
+maca_aes192_GMAC = rfc5280.AlgorithmIdentifier()
+maca_aes192_GMAC['algorithm'] = id_aes192_GMAC
+# maca_aes192_GMAC['parameters'] are absent
+
+maca_aes256_GMAC = rfc5280.AlgorithmIdentifier()
+maca_aes256_GMAC['algorithm'] = id_aes256_GMAC
+# maca_aes256_GMAC['parameters'] are absent
+
+
+# Update the Algorithm Identifiers Map and the SMIMECapability Map
+
+_algorithmIdentifierMapUpdate = {
+    id_aes128_GMAC: GCMParameters(),
+    id_aes192_GMAC: GCMParameters(),
+    id_aes256_GMAC: GCMParameters(),
+}
+
+algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
+
+smimeCapabilityMap.update(_algorithmIdentifierMapUpdate)

pyasn1_alt_modules/rfc9092.py

@@ -0,0 +1,35 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Digital Signatures on geofeed data
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9092.txt
+#
+
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import opentypemap
+
+cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
+
+
+# CMS Content Type for Geofeed CSV with CRLF
+
+id_ct = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1')
+
+id_ct_geofeedCSVwithCRLF = id_ct + (47, )
+
+
+# Update the CMS Content Type Map
+
+_cmsContentTypesMapUpdate = {
+    id_ct_geofeedCSVwithCRLF: univ.OctetString(),
+}
+
+cmsContentTypesMap.update(_cmsContentTypesMapUpdate)

pyasn1_alt_modules/rfc9118.py

@@ -0,0 +1,82 @@
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Enhanced JWT Claim Constraints certificate extensions
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9118.txt
+
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import tag
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import opentypemap
+
+certificateExtensionsMap = opentypemap.get('certificateExtensionsMap')
+
+MAX = float('inf')
+
+
+# EnhancedJWTClaimConstraints Certificate Extension
+
+id_pe_eJWTClaimConstraints = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.33')
+
+
+class JWTClaimName(char.IA5String):
+    pass
+
+
+class JWTClaimNames(univ.SequenceOf):
+    componentType = JWTClaimName()
+    subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+
+
+class JWTClaimValues(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('claim', JWTClaimName()),
+        namedtype.NamedType('values', univ.SequenceOf(
+            componentType=char.UTF8String()).subtype(
+                sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
+    )
+
+
+class JWTClaimValuesList(univ.SequenceOf):
+    componentType = JWTClaimValues()
+    subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
+
+
+class EnhancedJWTClaimConstraints(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('mustInclude',
+            JWTClaimNames().subtype(explicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.OptionalNamedType('permittedValues',
+            JWTClaimValuesList().subtype(explicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.OptionalNamedType('mustExclude',
+            JWTClaimNames().subtype(explicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatSimple, 2)))
+    )
+    subtypeSpec = constraint.ConstraintsUnion(
+        constraint.WithComponentsConstraint(
+            ('mustInclude', constraint.ComponentPresentConstraint())),
+        constraint.WithComponentsConstraint(
+            ('permittedValues', constraint.ComponentPresentConstraint())),
+        constraint.WithComponentsConstraint(
+            ('mustExclude', constraint.ComponentPresentConstraint()))
+    )
+
+
+# Update the Certificate Extension Map
+
+_certificateExtensionsMapUpdate = {
+    id_pe_eJWTClaimConstraints: EnhancedJWTClaimConstraints(),
+}
+
+certificateExtensionsMap.update(_certificateExtensionsMapUpdate)

pyasn1_alt_modules/rfc9174.py

@@ -0,0 +1,55 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Delay-Tolerant Networking TCP Convergence Layer Version 4
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9174.txt
+#
+
+from pyasn1.type import char
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+otherNamesMap = opentypemap.get('otherNamesMap')
+ 
+id_pkix = rfc5280.id_pkix
+
+id_kp = id_pkix + (3, )
+
+id_on = id_pkix + (8, )
+
+
+# DTN Bundle EID
+
+id_on_bundleEID = id_on + (11, )
+   
+
+class BundleEID(char.IA5String):
+    pass
+
+
+on_BundleEID = rfc5280.AnotherName()
+on_BundleEID['type-id'] = id_on_bundleEID
+on_BundleEID['value'] = BundleEID()
+
+
+# Extended Key Usage for bundle security
+
+id_kp_bundleSecurity = id_kp + (35, )
+
+
+# Update the Other Names Map
+
+_otherNamesMapUpdate = {
+    id_on_bundleEID: BundleEID(),
+}
+
+otherNamesMap.update(_otherNamesMapUpdate)

pyasn1_alt_modules/rfc9189.py

@@ -0,0 +1,74 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2022-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# GOST Cipher Suites for TLS 1.2
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9189.txt
+#
+
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import tag
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import rfc4357
+
+
+#-- IMPORTS from RFC 9189
+
+AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
+
+SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo
+
+
+#-- IMPORTS from RFC 4357
+
+Gost28147_89_Key = rfc4357.Gost28147_89_Key
+
+Gost28147_89_MAC = rfc4357.Gost28147_89_MAC
+
+Gost28147_89_EncryptedKey = rfc4357.Gost28147_89_EncryptedKey
+
+
+#-- RFC 9189 -- Section 4.2.4.1 --
+
+class GostKeyTransport(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('keyExp', univ.OctetString()),
+        namedtype.NamedType('ephemeralPublicKey', SubjectPublicKeyInfo()),
+        namedtype.OptionalNamedType('ukm', univ.OctetString())
+    )
+
+
+#-- RFC 9189 -- Section 4.2.4.2 --
+
+class GostR3410_TransportParameters(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('encryptionParamSet', univ.ObjectIdentifier()),
+        namedtype.OptionalNamedType('ephemeralPublicKey',
+            SubjectPublicKeyInfo().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.NamedType('ukm', univ.OctetString())
+    )
+
+
+class GostR3410_KeyTransport(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('sessionEncryptedKey', Gost28147_89_EncryptedKey()),
+        namedtype.OptionalNamedType('transportParameters',
+            GostR3410_TransportParameters().subtype(implicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatConstructed, 0)))
+    )
+
+
+class TLSGostKeyTransportBlob(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('keyBlob', GostR3410_KeyTransport())
+    )

pyasn1_alt_modules/rfc9215.py

@@ -0,0 +1,228 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+# Modified by Russ Housley to add synonyms with two digit years for
+#   some of the OIDs to align with the ASN.1 module in RFC 9215.
+#
+# Copyright (c) 2022-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# GOST R 34.10-2012 and GOST R 34.11-2012 Algorithms
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9215.txt
+#
+
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import opentypemap
+
+algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap')
+
+certificateAttributesMap = opentypemap.get('certificateAttributesMap')
+
+certificateExtensionsMap = opentypemap.get('certificateExtensionsMap')
+
+
+# MODULE: GostR3410-2012-PKISyntax { 1 2 643 7 1 0 2 }
+
+id_tc26 = univ.ObjectIdentifier((1, 2, 643, 7, 1))
+
+id_tc26_sign = id_tc26 + (1, 1)
+
+id_tc26_digest = id_tc26 + (1, 2)
+
+id_tc26_sign_constants = id_tc26 + (2, 1)
+
+id_tc26_gost_3410_2012_256_constants = id_tc26_sign_constants + (1,)
+
+id_tc26_gost_3410_2012_512_constants = id_tc26_sign_constants + (2,)
+
+id_tc26_gost3410_2012_256 = id_tc26_sign + (1,)
+
+id_tc26_gost3410_12_256 = id_tc26_gost3410_2012_256
+
+id_tc26_gost3410_2012_512 = id_tc26_sign + (2,)
+
+id_tc26_gost3410_12_512 = id_tc26_gost3410_2012_512
+
+id_tc26_gost3411_12_256 = id_tc26_digest + (2,)
+
+id_tc26_gost3411_12_512 = id_tc26_digest + (3,)
+
+id_tc26_signwithdigest = id_tc26 + (1, 3)
+
+id_tc26_signwithdigest_gost3410_2012_256 = id_tc26_signwithdigest + (2,)
+
+id_tc26_signwithdigest_gost3410_12_256 = id_tc26_signwithdigest_gost3410_2012_256
+
+id_tc26_signwithdigest_gost3410_2012_512 = id_tc26_signwithdigest + (3,)
+
+id_tc26_signwithdigest_gost3410_12_512 = id_tc26_signwithdigest_gost3410_2012_512
+
+id_tc26_gost_3410_2012_256_paramSetA = id_tc26_gost_3410_2012_256_constants + (1,)
+
+id_tc26_gost_3410_2012_256_paramSetB = id_tc26_gost_3410_2012_256_constants + (2,)
+
+id_tc26_gost_3410_2012_256_paramSetC = id_tc26_gost_3410_2012_256_constants + (3,)
+
+id_tc26_gost_3410_2012_256_paramSetD = id_tc26_gost_3410_2012_256_constants + (4,)
+
+id_tc26_gost_3410_2012_512_paramSetTest = id_tc26_gost_3410_2012_512_constants + (0,)
+
+id_tc26_gost_3410_2012_512_paramSetA = id_tc26_gost_3410_2012_512_constants + (1,)
+
+id_tc26_gost_3410_2012_512_paramSetB = id_tc26_gost_3410_2012_512_constants + (2,)
+
+id_tc26_gost_3410_2012_512_paramSetC = id_tc26_gost_3410_2012_512_constants + (3,)
+
+
+class GostR3410_2012_256_PublicKey(univ.OctetString):
+    subtypeSpec = constraint.ValueSizeConstraint(64, 64)
+
+
+class GostR3410_2012_512_PublicKey(univ.OctetString):
+    subtypeSpec = constraint.ValueSizeConstraint(128, 128)
+
+
+class GostR3410_2012_PublicKey(univ.OctetString):
+    subtypeSpec = constraint.ConstraintsUnion(
+        constraint.ValueSizeConstraint(64, 64),
+        constraint.ValueSizeConstraint(128, 128)
+    )
+
+
+class GostR3410_2012_PublicKeyParameters(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('publicKeyParamSet', univ.ObjectIdentifier()),
+        namedtype.OptionalNamedType('digestParamSet', univ.ObjectIdentifier())
+    )
+
+
+# MODULE: RuStrongCertsSyntax { 1 2 643 7 1 0 6 }
+
+id_ca = univ.ObjectIdentifier((1, 2, 643, 3))
+
+id_fss = univ.ObjectIdentifier((1, 2, 643, 100))
+
+id_fns = id_ca + (131,)
+
+
+class OGRN(char.NumericString):
+    subtypeSpec = constraint.ValueSizeConstraint(13, 13)
+
+id_OGRN = id_fss + (1,)
+
+
+class SNILS(char.NumericString):
+    subtypeSpec = constraint.ValueSizeConstraint(11, 11)
+
+id_SNILS = id_fss + (3,)
+
+
+class OGRNIP(char.NumericString):
+    subtypeSpec = constraint.ValueSizeConstraint(15, 15)
+
+id_OGRNIP = id_fss + (5,)
+
+
+id_class = id_fss + (113,)
+
+id_class_kc1 = id_class + (1,)
+
+id_class_kc2 = id_class + (2,)
+
+id_class_kc3 = id_class + (3,)
+
+id_class_kb1 = id_class + (4,)
+
+id_class_kb2 = id_class + (5,)
+
+id_class_ka = id_class + (6,)
+
+
+class INN(char.NumericString):
+    subtypeSpec = constraint.ValueSizeConstraint(12, 12)
+
+id_INN = id_fns + (1, 1)
+
+
+class INNLE(char.NumericString):
+    subtypeSpec = constraint.ValueSizeConstraint(10, 10)
+
+id_INNLE = id_fss + (4,)
+
+
+class SubjectSignTool(char.UTF8String):
+    subtypeSpec = constraint.ValueSizeConstraint(1, 200)
+
+id_SubjectSignTool = id_fss + (111,)
+
+
+class IssuerSignTool(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('signTool',
+            char.UTF8String().subtype(
+                subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
+        namedtype.NamedType('cATool',
+            char.UTF8String().subtype(
+                subtypeSpec=constraint.ValueSizeConstraint(1, 200))),
+        namedtype.NamedType('signToolCert',
+            char.UTF8String().subtype(
+                subtypeSpec=constraint.ValueSizeConstraint(1, 100))),
+        namedtype.NamedType('cAToolCert',
+            char.UTF8String().subtype(
+                subtypeSpec=constraint.ValueSizeConstraint(1, 100)))
+    )
+
+id_IssuerSignTool = id_fss + (112,)
+
+
+class IdentificationKind(univ.Integer):
+    namedValues = namedval.NamedValues(
+        ('personal', 0),
+        ('remote_cert', 1),
+        ('remote_passport', 2),
+        ('remote_system', 3)
+    )
+
+id_IdentificationKind = id_fss + (114,)
+
+
+# Update the Algorithm Identifier Map
+
+_algorithmIdentifierMapUpdate = {
+    id_tc26_gost3410_2012_256: GostR3410_2012_PublicKeyParameters(),
+    id_tc26_gost3410_2012_512: GostR3410_2012_PublicKeyParameters(),
+}
+
+algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
+
+
+# Update the Certificate Attribute Map
+
+_certificateAttributesMapUpdate = {
+    id_INN: INN(),
+    id_INNLE: INNLE(),
+    id_OGRN: OGRN(),
+    id_OGRNIP: OGRNIP(),
+    id_SNILS: SNILS(),
+    id_IdentificationKind: IdentificationKind()
+}
+
+certificateAttributesMap.update(_certificateAttributesMapUpdate)
+
+
+# Update the Certificate Extension Map
+
+_certificateExtensionsMap = {
+    id_SubjectSignTool: SubjectSignTool(),
+    id_IssuerSignTool: IssuerSignTool(),
+}
+
+certificateExtensionsMap.update(_certificateExtensionsMap)

pyasn1_alt_modules/rfc9286.py

@@ -0,0 +1,78 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley from rfc6486.py, adding the permitted alphabet
+#   constraint to the file name.  Note that RFC 9286 obsoletes RFC 6486.
+# Modified by Russ Housley to apply eid7118.
+#
+# Copyright (c) 2022-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# RPKI Manifests
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9286.txt
+# https://www.rfc-editor.org/errata/eid7118
+#
+
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import tag
+from pyasn1.type import useful
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import opentypemap
+
+cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
+
+MAX = float('inf')
+
+
+id_smime = univ.ObjectIdentifier('1.2.840.113549.1.9.16')
+
+id_ct = id_smime + (1, )
+
+id_ct_rpkiManifest = id_ct + (26, )
+
+
+class FileAndHash(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('file', char.IA5String().subtype(subtypeSpec=
+            constraint.PermittedAlphabetConstraint('a', 'b', 'c', 'd', 'e',
+                'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q',
+                'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C',
+                'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O',
+                'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', '0',
+                '1', '2', '3', '4', '5', '6', '7', '8', '9', '-', '_', '.'))),
+        namedtype.NamedType('hash', univ.BitString())
+    )
+
+
+class Manifest(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.DefaultedNamedType('version',
+            univ.Integer().subtype(explicitTag=tag.Tag(
+                tag.tagClassContext, tag.tagFormatSimple, 0)).subtype(value=0)),
+        namedtype.NamedType('manifestNumber',
+            univ.Integer().subtype(
+                subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
+        namedtype.NamedType('thisUpdate',
+            useful.GeneralizedTime()),
+        namedtype.NamedType('nextUpdate',
+            useful.GeneralizedTime()),
+        namedtype.NamedType('fileHashAlg',
+            univ.ObjectIdentifier()),
+        namedtype.NamedType('fileList',
+            univ.SequenceOf(componentType=FileAndHash()).subtype(
+                subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
+    )
+
+
+# Update the CMS Content Types Map
+
+_cmsContentTypesMapUpdate = {
+    id_ct_rpkiManifest: Manifest(),
+}
+
+cmsContentTypesMap.update(_cmsContentTypesMapUpdate)

pyasn1_alt_modules/rfc9289.py

@@ -0,0 +1,22 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2022-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Extended Key Usage values for RPC over TLS
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc9289.txt
+#
+
+from pyasn1.type import univ
+
+
+id_kp = univ.ObjectIdentifier('1.3.6.1.5.5.7.3')
+
+id_kp_rpcTLSClient = id_kp + (33,)
+
+id_kp_rpcTLSServer = id_kp + (34,)