PyPI - pyasn1-alt-modules - Versions diffs - 0.4.5__py3-none-any.whl - Mend

pyasn1-alt-modules 0.4.5__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of pyasn1-alt-modules might be problematic. Click here for more details.

Files changed (195) hide show

pyasn1_alt_modules/__init__.py +2 -0
pyasn1_alt_modules/opentypemap.py +19 -0
pyasn1_alt_modules/pem.py +66 -0
pyasn1_alt_modules/rfc1155.py +97 -0
pyasn1_alt_modules/rfc1157.py +127 -0
pyasn1_alt_modules/rfc1901.py +23 -0
pyasn1_alt_modules/rfc1902.py +130 -0
pyasn1_alt_modules/rfc1905.py +136 -0
pyasn1_alt_modules/rfc2040.py +50 -0
pyasn1_alt_modules/rfc2251.py +564 -0
pyasn1_alt_modules/rfc2314.py +68 -0
pyasn1_alt_modules/rfc2315.py +325 -0
pyasn1_alt_modules/rfc2437.py +70 -0
pyasn1_alt_modules/rfc2459.py +1340 -0
pyasn1_alt_modules/rfc2511.py +303 -0
pyasn1_alt_modules/rfc2528.py +34 -0
pyasn1_alt_modules/rfc2560.py +226 -0
pyasn1_alt_modules/rfc2631.py +37 -0
pyasn1_alt_modules/rfc2634.py +342 -0
pyasn1_alt_modules/rfc2743.py +60 -0
pyasn1_alt_modules/rfc2876.py +61 -0
pyasn1_alt_modules/rfc2898.py +72 -0
pyasn1_alt_modules/rfc2985.py +593 -0
pyasn1_alt_modules/rfc2986.py +76 -0
pyasn1_alt_modules/rfc3058.py +48 -0
pyasn1_alt_modules/rfc3114.py +80 -0
pyasn1_alt_modules/rfc3125.py +469 -0
pyasn1_alt_modules/rfc3161.py +142 -0
pyasn1_alt_modules/rfc3217.py +42 -0
pyasn1_alt_modules/rfc3274.py +62 -0
pyasn1_alt_modules/rfc3279.py +264 -0
pyasn1_alt_modules/rfc3280.py +1544 -0
pyasn1_alt_modules/rfc3281.py +332 -0
pyasn1_alt_modules/rfc3370.py +142 -0
pyasn1_alt_modules/rfc3412.py +54 -0
pyasn1_alt_modules/rfc3414.py +29 -0
pyasn1_alt_modules/rfc3447.py +46 -0
pyasn1_alt_modules/rfc3537.py +44 -0
pyasn1_alt_modules/rfc3546.py +23 -0
pyasn1_alt_modules/rfc3560.py +74 -0
pyasn1_alt_modules/rfc3565.py +59 -0
pyasn1_alt_modules/rfc3657.py +69 -0
pyasn1_alt_modules/rfc3709.py +230 -0
pyasn1_alt_modules/rfc3739.py +207 -0
pyasn1_alt_modules/rfc3770.py +77 -0
pyasn1_alt_modules/rfc3779.py +139 -0
pyasn1_alt_modules/rfc3820.py +66 -0
pyasn1_alt_modules/rfc3852.py +707 -0
pyasn1_alt_modules/rfc3874.py +29 -0
pyasn1_alt_modules/rfc4010.py +58 -0
pyasn1_alt_modules/rfc4043.py +45 -0
pyasn1_alt_modules/rfc4055.py +285 -0
pyasn1_alt_modules/rfc4056.py +56 -0
pyasn1_alt_modules/rfc4059.py +101 -0
pyasn1_alt_modules/rfc4073.py +62 -0
pyasn1_alt_modules/rfc4108.py +355 -0
pyasn1_alt_modules/rfc4210.py +807 -0
pyasn1_alt_modules/rfc4211.py +420 -0
pyasn1_alt_modules/rfc4231.py +38 -0
pyasn1_alt_modules/rfc4262.py +37 -0
pyasn1_alt_modules/rfc4334.py +78 -0
pyasn1_alt_modules/rfc4357.py +485 -0
pyasn1_alt_modules/rfc4366.py +23 -0
pyasn1_alt_modules/rfc4387.py +23 -0
pyasn1_alt_modules/rfc4476.py +99 -0
pyasn1_alt_modules/rfc4490.py +119 -0
pyasn1_alt_modules/rfc4491.py +44 -0
pyasn1_alt_modules/rfc4683.py +76 -0
pyasn1_alt_modules/rfc4985.py +52 -0
pyasn1_alt_modules/rfc4998.py +125 -0
pyasn1_alt_modules/rfc5035.py +206 -0
pyasn1_alt_modules/rfc5055.py +763 -0
pyasn1_alt_modules/rfc5083.py +55 -0
pyasn1_alt_modules/rfc5084.py +94 -0
pyasn1_alt_modules/rfc5126.py +578 -0
pyasn1_alt_modules/rfc5208.py +73 -0
pyasn1_alt_modules/rfc5275.py +404 -0
pyasn1_alt_modules/rfc5276.py +82 -0
pyasn1_alt_modules/rfc5280.py +1666 -0
pyasn1_alt_modules/rfc5480.py +190 -0
pyasn1_alt_modules/rfc5544.py +127 -0
pyasn1_alt_modules/rfc5636.py +117 -0
pyasn1_alt_modules/rfc5639.py +49 -0
pyasn1_alt_modules/rfc5649.py +33 -0
pyasn1_alt_modules/rfc5652.py +763 -0
pyasn1_alt_modules/rfc5697.py +64 -0
pyasn1_alt_modules/rfc5698.py +159 -0
pyasn1_alt_modules/rfc5751.py +127 -0
pyasn1_alt_modules/rfc5752.py +52 -0
pyasn1_alt_modules/rfc5753.py +163 -0
pyasn1_alt_modules/rfc5755.py +400 -0
pyasn1_alt_modules/rfc5913.py +46 -0
pyasn1_alt_modules/rfc5914.py +119 -0
pyasn1_alt_modules/rfc5915.py +32 -0
pyasn1_alt_modules/rfc5916.py +39 -0
pyasn1_alt_modules/rfc5917.py +59 -0
pyasn1_alt_modules/rfc5924.py +19 -0
pyasn1_alt_modules/rfc5934.py +786 -0
pyasn1_alt_modules/rfc5940.py +62 -0
pyasn1_alt_modules/rfc5958.py +100 -0
pyasn1_alt_modules/rfc5990.py +238 -0
pyasn1_alt_modules/rfc6010.py +92 -0
pyasn1_alt_modules/rfc6019.py +46 -0
pyasn1_alt_modules/rfc6031.py +469 -0
pyasn1_alt_modules/rfc6032.py +71 -0
pyasn1_alt_modules/rfc6066.py +25 -0
pyasn1_alt_modules/rfc6120.py +46 -0
pyasn1_alt_modules/rfc6170.py +17 -0
pyasn1_alt_modules/rfc6187.py +22 -0
pyasn1_alt_modules/rfc6210.py +45 -0
pyasn1_alt_modules/rfc6211.py +75 -0
pyasn1_alt_modules/rfc6402.py +643 -0
pyasn1_alt_modules/rfc6482.py +77 -0
pyasn1_alt_modules/rfc6484.py +17 -0
pyasn1_alt_modules/rfc6486.py +70 -0
pyasn1_alt_modules/rfc6487.py +22 -0
pyasn1_alt_modules/rfc6492.py +41 -0
pyasn1_alt_modules/rfc6493.py +24 -0
pyasn1_alt_modules/rfc6494.py +23 -0
pyasn1_alt_modules/rfc6664.py +151 -0
pyasn1_alt_modules/rfc6955.py +112 -0
pyasn1_alt_modules/rfc6960.py +234 -0
pyasn1_alt_modules/rfc6962.py +52 -0
pyasn1_alt_modules/rfc7030.py +70 -0
pyasn1_alt_modules/rfc7191.py +267 -0
pyasn1_alt_modules/rfc7229.py +29 -0
pyasn1_alt_modules/rfc7292.py +359 -0
pyasn1_alt_modules/rfc7296.py +32 -0
pyasn1_alt_modules/rfc7508.py +92 -0
pyasn1_alt_modules/rfc7585.py +53 -0
pyasn1_alt_modules/rfc7633.py +40 -0
pyasn1_alt_modules/rfc7693.py +66 -0
pyasn1_alt_modules/rfc7773.py +54 -0
pyasn1_alt_modules/rfc7836.py +65 -0
pyasn1_alt_modules/rfc7894.py +100 -0
pyasn1_alt_modules/rfc7906.py +739 -0
pyasn1_alt_modules/rfc7914.py +55 -0
pyasn1_alt_modules/rfc8017.py +159 -0
pyasn1_alt_modules/rfc8018.py +269 -0
pyasn1_alt_modules/rfc8103.py +36 -0
pyasn1_alt_modules/rfc8209.py +20 -0
pyasn1_alt_modules/rfc8226.py +151 -0
pyasn1_alt_modules/rfc8358.py +54 -0
pyasn1_alt_modules/rfc8360.py +46 -0
pyasn1_alt_modules/rfc8398.py +55 -0
pyasn1_alt_modules/rfc8410.py +43 -0
pyasn1_alt_modules/rfc8418.py +36 -0
pyasn1_alt_modules/rfc8419.py +70 -0
pyasn1_alt_modules/rfc8479.py +48 -0
pyasn1_alt_modules/rfc8494.py +80 -0
pyasn1_alt_modules/rfc8520.py +66 -0
pyasn1_alt_modules/rfc8619.py +45 -0
pyasn1_alt_modules/rfc8649.py +42 -0
pyasn1_alt_modules/rfc8692.py +79 -0
pyasn1_alt_modules/rfc8696.py +108 -0
pyasn1_alt_modules/rfc8702.py +109 -0
pyasn1_alt_modules/rfc8708.py +43 -0
pyasn1_alt_modules/rfc8737.py +36 -0
pyasn1_alt_modules/rfc8769.py +21 -0
pyasn1_alt_modules/rfc8894.py +52 -0
pyasn1_alt_modules/rfc8951.py +42 -0
pyasn1_alt_modules/rfc8954.py +238 -0
pyasn1_alt_modules/rfc8994.py +52 -0
pyasn1_alt_modules/rfc8995.py +39 -0
pyasn1_alt_modules/rfc9044.py +80 -0
pyasn1_alt_modules/rfc9092.py +35 -0
pyasn1_alt_modules/rfc9118.py +82 -0
pyasn1_alt_modules/rfc9174.py +55 -0
pyasn1_alt_modules/rfc9189.py +74 -0
pyasn1_alt_modules/rfc9215.py +228 -0
pyasn1_alt_modules/rfc9286.py +78 -0
pyasn1_alt_modules/rfc9289.py +22 -0
pyasn1_alt_modules/rfc9310.py +46 -0
pyasn1_alt_modules/rfc9323.py +129 -0
pyasn1_alt_modules/rfc9336.py +20 -0
pyasn1_alt_modules/rfc9337.py +74 -0
pyasn1_alt_modules/rfc9345.py +36 -0
pyasn1_alt_modules/rfc9385.py +22 -0
pyasn1_alt_modules/rfc9399.py +59 -0
pyasn1_alt_modules/rfc9480.py +731 -0
pyasn1_alt_modules/rfc9481.py +224 -0
pyasn1_alt_modules/rfc9509.py +24 -0
pyasn1_alt_modules/rfc9548.py +23 -0
pyasn1_alt_modules/rfc9579.py +89 -0
pyasn1_alt_modules/rfc9582.py +107 -0
pyasn1_alt_modules/rfc9598.py +52 -0
pyasn1_alt_modules/rfc9608.py +35 -0
pyasn1_alt_modules/rfc9629.py +100 -0
pyasn1_alt_modules/rfc9654.py +241 -0
pyasn1_alt_modules-0.4.5.dist-info/LICENSE.txt +25 -0
pyasn1_alt_modules-0.4.5.dist-info/METADATA +34 -0
pyasn1_alt_modules-0.4.5.dist-info/RECORD +195 -0
pyasn1_alt_modules-0.4.5.dist-info/WHEEL +5 -0
pyasn1_alt_modules-0.4.5.dist-info/top_level.txt +1 -0
pyasn1_alt_modules-0.4.5.dist-info/zip-safe +1 -0

pyasn1_alt_modules/rfc2511.py ADDED Viewed

@@ -0,0 +1,303 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Modified by Russ Housley to import from RFC 5280 and RFC 5652
+#
+# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# X.509 certificate Request Message Format (CRMF) syntax
+#
+# ASN.1 source from:
+# http://tools.ietf.org/html/rfc2511
+#
+# Sample captures could be obtained with OpenSSL
+#
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import tag
+from pyasn1.type import univ
+from pyasn1_alt_modules import rfc5652
+from pyasn1_alt_modules import rfc5280
+MAX = float('inf')
+# Imports from RFC 5280
+AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
+AttributeTypeAndValue = rfc5280.AttributeTypeAndValue
+Extensions = rfc5280.Extensions
+GeneralName = rfc5280.GeneralName
+Name = rfc5280.Name
+SubjectPublicKeyInfo = rfc5280.SubjectPublicKeyInfo
+Time = rfc5280.Time
+UniqueIdentifier = rfc5280.UniqueIdentifier
+Version = rfc5280.Version
+# Imports from RFC 5652
+EnvelopedData = rfc5652.EnvelopedData
+# Object Identifiers
+id_pkix = univ.ObjectIdentifier('1.3.6.1.5.5.7')
+id_pkip = univ.ObjectIdentifier('1.3.6.1.5.5.7.5')
+id_regCtrl = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1')
+id_regCtrl_regToken = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.1')
+id_regCtrl_authenticator = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.2')
+id_regCtrl_pkiPublicationInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.3')
+id_regCtrl_pkiArchiveOptions = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.4')
+id_regCtrl_oldCertID = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.5')
+id_regCtrl_protocolEncrKey = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.1.6')
+id_regInfo = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2')
+id_regInfo_utf8Pairs = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.1')
+id_regInfo_certReq = univ.ObjectIdentifier('1.3.6.1.5.5.7.5.2.2')
+# This should be in PKIX Certificate Extensions module
+#
+# class GeneralName(univ.OctetString):
+#    pass
+#
+# end of PKIX Certificate Extensions module
+class UTF8Pairs(char.UTF8String):
+    pass
+class ProtocolEncrKey(SubjectPublicKeyInfo):
+    pass
+class CertId(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('issuer', GeneralName()),
+        namedtype.NamedType('serialNumber', univ.Integer())
+    )
+class OldCertId(CertId):
+    pass
+class KeyGenParameters(univ.OctetString):
+    pass
+class EncryptedValue(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('intendedAlg', AlgorithmIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.OptionalNamedType('symmAlg', AlgorithmIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
+        namedtype.OptionalNamedType('encSymmKey', univ.BitString().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+        namedtype.OptionalNamedType('keyAlg', AlgorithmIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+        namedtype.OptionalNamedType('valueHint', univ.OctetString().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
+        namedtype.NamedType('encValue', univ.BitString())
+    )
+class EncryptedKey(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('encryptedValue', EncryptedValue()),
+        namedtype.NamedType('envelopedData', EnvelopedData().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+    )
+class PKIArchiveOptions(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('encryptedPrivKey', EncryptedKey().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.NamedType('keyGenParameters', KeyGenParameters().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.NamedType('archiveRemGenPrivKey',
+            univ.Boolean().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+    )
+class SinglePubInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('pubMethod', univ.Integer(
+            namedValues=namedval.NamedValues(
+                ('dontCare', 0),
+                ('x500', 1),
+                ('web', 2),
+                ('ldap', 3)))),
+        namedtype.OptionalNamedType('pubLocation', GeneralName())
+    )
+class PKIPublicationInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('action',
+                            univ.Integer(namedValues=namedval.NamedValues(
+                                ('dontPublish', 0),
+                                ('pleasePublish', 1)))),
+        namedtype.OptionalNamedType('pubInfos', univ.SequenceOf(componentType=SinglePubInfo()).subtype(
+            sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
+    )
+class Authenticator(char.UTF8String):
+    pass
+class RegToken(char.UTF8String):
+    pass
+class SubsequentMessage(univ.Integer):
+    namedValues = namedval.NamedValues(
+        ('encrCert', 0),
+        ('challengeResp', 1)
+    )
+class POPOPrivKey(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('thisMessage',
+            univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('subsequentMessage', SubsequentMessage().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.NamedType('dhMAC',
+            univ.BitString().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+    )
+class PBMParameter(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('salt', univ.OctetString()),
+        namedtype.NamedType('owf', AlgorithmIdentifier()),
+        namedtype.NamedType('iterationCount', univ.Integer()),
+        namedtype.NamedType('mac', AlgorithmIdentifier())
+    )
+class PKMACValue(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('algId', AlgorithmIdentifier()),
+        namedtype.NamedType('value', univ.BitString())
+    )
+class POPOSigningKeyInput(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType(
+            'authInfo', univ.Choice(
+                componentType=namedtype.NamedTypes(
+                    namedtype.NamedType('sender',
+                        GeneralName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))
+                    ),
+                    namedtype.NamedType('publicKeyMAC', PKMACValue())
+                )
+            )
+        ),
+        namedtype.NamedType('publicKey', SubjectPublicKeyInfo())
+    )
+class POPOSigningKey(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('poposkInput', POPOSigningKeyInput().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+        namedtype.NamedType('algorithmIdentifier', AlgorithmIdentifier()),
+        namedtype.NamedType('signature', univ.BitString())
+    )
+class ProofOfPossession(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('raVerified',
+            univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('signature', POPOSigningKey().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
+        namedtype.NamedType('keyEncipherment', POPOPrivKey().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+        namedtype.NamedType('keyAgreement', POPOPrivKey().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
+    )
+class Controls(univ.SequenceOf):
+    componentType = AttributeTypeAndValue()
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
+class OptionalValidity(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('notBefore',
+            Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.OptionalNamedType('notAfter',
+            Time().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+    )
+class CertTemplate(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.OptionalNamedType('version', Version().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.OptionalNamedType('serialNumber', univ.Integer().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.OptionalNamedType('signingAlg', AlgorithmIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
+        namedtype.OptionalNamedType('issuer', Name().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
+        namedtype.OptionalNamedType('validity', OptionalValidity().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))),
+        namedtype.OptionalNamedType('subject', Name().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 5))),
+        namedtype.OptionalNamedType('publicKey', SubjectPublicKeyInfo().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))),
+        namedtype.OptionalNamedType('issuerUID', UniqueIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+        namedtype.OptionalNamedType('subjectUID', UniqueIdentifier().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8))),
+        namedtype.OptionalNamedType('extensions', Extensions().subtype(
+            implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 9)))
+    )
+class CertRequest(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('certReqId', univ.Integer()),
+        namedtype.NamedType('certTemplate', CertTemplate()),
+        namedtype.OptionalNamedType('controls', Controls())
+    )
+class CertReq(CertRequest):
+    pass
+class CertReqMsg(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('certReq', CertRequest()),
+        namedtype.OptionalNamedType('pop', ProofOfPossession()),
+        namedtype.OptionalNamedType('regInfo', univ.SequenceOf(componentType=AttributeTypeAndValue()).subtype(
+            sizeSpec=constraint.ValueSizeConstraint(1, MAX)))
+    )
+class CertReqMessages(univ.SequenceOf):
+    componentType = CertReqMsg()
+    sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)

pyasn1_alt_modules/rfc2528.py ADDED Viewed

@@ -0,0 +1,34 @@
+#
+# This file is part of pyasn1-modules.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Identifiers for the Key Exchange Algorithm (KEA)
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc2528.txt
+# https://www.rfc-editor.org/rfc/rfc3279.txt
+#
+from pyasn1_alt_modules import rfc3279
+# The KEA object identifier is defined in RFC 3279
+id_keyExchangeAlgorithm = rfc3279.id_keyExchangeAlgorithm
+# The KEA parameters structure is defined in RFC 3279
+KEA_Parms_Id = rfc3279.KEA_Parms_Id
+# The Algorithm Identifier map is updated by importing rfc3279.
+# To save looking it up, the map is updated with this entry:
+#
+# _algorithmIdentifierMapUpdate = {
+#     id_keyExchangeAlgorithm: KEA_Parms_Id(),
+# }

pyasn1_alt_modules/rfc2560.py ADDED Viewed

@@ -0,0 +1,226 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Copyright (c) 2005-2020, Ilya Etingof <etingof@gmail.com>
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# OCSP request/response syntax
+#
+# Derived from a minimal OCSP library (RFC2560) code written by
+# Bud P. Bruegger <bud@ancitel.it>
+# Copyright: Ancitel, S.p.a,  Rome, Italy
+# License: BSD
+#
+#
+# current limitations:
+# * request and response works only for a single certificate
+# * only some values are parsed out of the response
+# * the request does't set a nonce nor signature
+# * there is no signature validation of the response
+# * dates are left as strings in GeneralizedTime format -- datetime.datetime
+# would be nicer
+#
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import tag
+from pyasn1.type import univ
+from pyasn1.type import useful
+from pyasn1_alt_modules import rfc2459
+# Start of OCSP module definitions
+# This should be in directory Authentication Framework (X.509) module
+class CRLReason(univ.Enumerated):
+    namedValues = namedval.NamedValues(
+        ('unspecified', 0),
+        ('keyCompromise', 1),
+        ('cACompromise', 2),
+        ('affiliationChanged', 3),
+        ('superseded', 4),
+        ('cessationOfOperation', 5),
+        ('certificateHold', 6),
+        ('removeFromCRL', 8),
+        ('privilegeWithdrawn', 9),
+        ('aACompromise', 10)
+    )
+# end of directory Authentication Framework (X.509) module
+# This should be in PKIX Certificate Extensions module
+class GeneralName(univ.OctetString):
+    pass
+# end of PKIX Certificate Extensions module
+id_kp_OCSPSigning = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 3, 9))
+id_pkix_ocsp = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1))
+id_pkix_ocsp_basic = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 1))
+id_pkix_ocsp_nonce = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 2))
+id_pkix_ocsp_crl = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 3))
+id_pkix_ocsp_response = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 4))
+id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5))
+id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6))
+id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 7))
+class AcceptableResponses(univ.SequenceOf):
+    componentType = univ.ObjectIdentifier()
+class ArchiveCutoff(useful.GeneralizedTime):
+    pass
+class UnknownInfo(univ.Null):
+    pass
+class RevokedInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('revocationTime', useful.GeneralizedTime()),
+        namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+    )
+class CertID(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()),
+        namedtype.NamedType('issuerNameHash', univ.OctetString()),
+        namedtype.NamedType('issuerKeyHash', univ.OctetString()),
+        namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber())
+    )
+class CertStatus(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('good',
+                            univ.Null().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('revoked',
+                            RevokedInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.NamedType('unknown',
+                            UnknownInfo().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+    )
+class SingleResponse(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('certID', CertID()),
+        namedtype.NamedType('certStatus', CertStatus()),
+        namedtype.NamedType('thisUpdate', useful.GeneralizedTime()),
+        namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+    )
+class KeyHash(univ.OctetString):
+    pass
+class ResponderID(univ.Choice):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('byName',
+                            rfc2459.Name().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.NamedType('byKey',
+                            KeyHash().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+    )
+class Version(univ.Integer):
+    namedValues = namedval.NamedValues(('v1', 0))
+class ResponseData(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.DefaultedNamedType('version', Version('v1').subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('responderID', ResponderID()),
+        namedtype.NamedType('producedAt', useful.GeneralizedTime()),
+        namedtype.NamedType('responses', univ.SequenceOf(componentType=SingleResponse())),
+        namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+    )
+class BasicOCSPResponse(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('tbsResponseData', ResponseData()),
+        namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()),
+        namedtype.NamedType('signature', univ.BitString()),
+        namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+    )
+class ResponseBytes(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('responseType', univ.ObjectIdentifier()),
+        namedtype.NamedType('response', univ.OctetString())
+    )
+class OCSPResponseStatus(univ.Enumerated):
+    namedValues = namedval.NamedValues(
+        ('successful', 0),
+        ('malformedRequest', 1),
+        ('internalError', 2),
+        ('tryLater', 3),
+        ('undefinedStatus', 4),  # should never occur
+        ('sigRequired', 5),
+        ('unauthorized', 6)
+    )
+class OCSPResponse(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('responseStatus', OCSPResponseStatus()),
+        namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+    )
+class Request(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('reqCert', CertID()),
+        namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extensions().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+    )
+class Signature(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()),
+        namedtype.NamedType('signature', univ.BitString()),
+        namedtype.OptionalNamedType('certs', univ.SequenceOf(componentType=rfc2459.Certificate()).subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+    )
+class TBSRequest(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.DefaultedNamedType('version', Version('v1').subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.OptionalNamedType('requestorName', GeneralName().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+        namedtype.NamedType('requestList', univ.SequenceOf(componentType=Request())),
+        namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+    )
+class OCSPRequest(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('tbsRequest', TBSRequest()),
+        namedtype.OptionalNamedType('optionalSignature', Signature().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+    )

pyasn1_alt_modules/rfc2631.py ADDED Viewed

@@ -0,0 +1,37 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Diffie-Hellman Key Agreement
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc2631.txt
+# https://www.rfc-editor.org/errata/eid5897
+#
+from pyasn1.type import constraint
+from pyasn1.type import namedtype
+from pyasn1.type import tag
+from pyasn1.type import univ
+class KeySpecificInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
+        namedtype.NamedType('counter', univ.OctetString().subtype(
+            subtypeSpec=constraint.ValueSizeConstraint(4, 4)))
+    )
+class OtherInfo(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('keyInfo', KeySpecificInfo()),
+        namedtype.OptionalNamedType('partyAInfo', univ.OctetString().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+        namedtype.NamedType('suppPubInfo', univ.OctetString().subtype(
+            explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+    )