pyasn1-alt-modules 0.4.5__py3-none-any.whl

pyasn1_alt_modules/rfc2634.py

@@ -0,0 +1,342 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+# Modified by Russ Housley to add a map for use with opentypes.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# Enhanced Security Services for S/MIME
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc2634.txt
+#
+
+from pyasn1.type import char
+from pyasn1.type import constraint
+from pyasn1.type import namedval
+from pyasn1.type import namedtype
+from pyasn1.type import tag
+from pyasn1.type import univ
+from pyasn1.type import useful
+
+from pyasn1_alt_modules import rfc5652
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+cmsAttributesMap = opentypemap.get('cmsAttributesMap')
+
+cmsContentTypesMap = opentypemap.get('cmsContentTypesMap')
+
+MAX = float('inf')
+
+ContentType = rfc5652.ContentType
+
+IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber
+
+SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier
+
+PolicyInformation = rfc5280.PolicyInformation
+
+GeneralNames = rfc5280.GeneralNames
+
+CertificateSerialNumber = rfc5280.CertificateSerialNumber
+
+
+# Signing Certificate Attribute
+# Warning: It is better to use SigningCertificateV2 from RFC 5035
+
+id_aa_signingCertificate = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.12')
+
+class Hash(univ.OctetString):
+    pass  # SHA-1 hash of entire certificate; RFC 5035 supports other hash algorithms
+
+
+class IssuerSerial(univ.Sequence):
+    pass
+
+IssuerSerial.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('issuer', GeneralNames()),
+    namedtype.NamedType('serialNumber', CertificateSerialNumber())
+)
+
+
+class ESSCertID(univ.Sequence):
+    pass
+
+ESSCertID.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('certHash', Hash()),
+    namedtype.OptionalNamedType('issuerSerial', IssuerSerial())
+)
+
+
+class SigningCertificate(univ.Sequence):
+    pass
+
+SigningCertificate.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('certs', univ.SequenceOf(
+        componentType=ESSCertID())),
+    namedtype.OptionalNamedType('policies', univ.SequenceOf(
+        componentType=PolicyInformation()))
+)
+
+
+# Mail List Expansion History Attribute
+
+id_aa_mlExpandHistory = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.3')
+
+ub_ml_expansion_history = univ.Integer(64)
+
+
+class EntityIdentifier(univ.Choice):
+    pass
+
+EntityIdentifier.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
+    namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier())
+)
+
+
+class MLReceiptPolicy(univ.Choice):
+    pass
+
+MLReceiptPolicy.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('none', univ.Null().subtype(implicitTag=tag.Tag(
+        tag.tagClassContext, tag.tagFormatSimple, 0))),
+    namedtype.NamedType('insteadOf', univ.SequenceOf(
+        componentType=GeneralNames()).subtype(
+        sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
+        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+    namedtype.NamedType('inAdditionTo', univ.SequenceOf(
+        componentType=GeneralNames()).subtype(
+        sizeSpec=constraint.ValueSizeConstraint(1, MAX)).subtype(
+        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+)
+
+
+class MLData(univ.Sequence):
+    pass
+
+MLData.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('mailListIdentifier', EntityIdentifier()),
+    namedtype.NamedType('expansionTime', useful.GeneralizedTime()),
+    namedtype.OptionalNamedType('mlReceiptPolicy', MLReceiptPolicy())
+)
+
+class MLExpansionHistory(univ.SequenceOf):
+    pass
+
+MLExpansionHistory.componentType = MLData()
+MLExpansionHistory.sizeSpec = constraint.ValueSizeConstraint(1, ub_ml_expansion_history)
+
+
+# ESS Security Label Attribute
+
+id_aa_securityLabel = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.2')
+
+ub_privacy_mark_length = univ.Integer(128)
+
+ub_security_categories = univ.Integer(64)
+
+ub_integer_options = univ.Integer(256)
+
+
+class ESSPrivacyMark(univ.Choice):
+    pass
+
+ESSPrivacyMark.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('pString', char.PrintableString().subtype(
+        subtypeSpec=constraint.ValueSizeConstraint(1, ub_privacy_mark_length))),
+    namedtype.NamedType('utf8String', char.UTF8String().subtype(
+        subtypeSpec=constraint.ValueSizeConstraint(1, MAX)))
+)
+
+
+class SecurityClassification(univ.Integer):
+    pass
+
+SecurityClassification.subtypeSpec=constraint.ValueRangeConstraint(0, ub_integer_options)
+
+SecurityClassification.namedValues = namedval.NamedValues(
+    ('unmarked', 0),
+    ('unclassified', 1),
+    ('restricted', 2),
+    ('confidential', 3),
+    ('secret', 4),
+    ('top-secret', 5)
+)
+
+
+class SecurityPolicyIdentifier(univ.ObjectIdentifier):
+    pass
+
+
+class SecurityCategory(univ.Sequence):
+    pass
+
+SecurityCategory.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('type', univ.ObjectIdentifier().subtype(
+        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+    namedtype.NamedType('value', univ.Any().subtype(implicitTag=tag.Tag(
+        tag.tagClassContext, tag.tagFormatSimple, 1)))
+)
+
+
+class SecurityCategories(univ.SetOf):
+    pass
+
+SecurityCategories.componentType = SecurityCategory()
+SecurityCategories.sizeSpec = constraint.ValueSizeConstraint(1, ub_security_categories)
+
+
+class ESSSecurityLabel(univ.Set):
+    pass
+
+ESSSecurityLabel.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('security-policy-identifier', SecurityPolicyIdentifier()),
+    namedtype.OptionalNamedType('security-classification', SecurityClassification()),
+    namedtype.OptionalNamedType('privacy-mark', ESSPrivacyMark()),
+    namedtype.OptionalNamedType('security-categories', SecurityCategories())
+)
+
+
+# Equivalent Labels Attribute
+
+id_aa_equivalentLabels = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.9')
+
+class EquivalentLabels(univ.SequenceOf):
+    pass
+
+EquivalentLabels.componentType = ESSSecurityLabel()
+
+
+# Content Identifier Attribute
+
+id_aa_contentIdentifier = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.7')
+
+class ContentIdentifier(univ.OctetString):
+    pass
+
+
+# Content Reference Attribute
+
+id_aa_contentReference = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.10')
+
+class ContentReference(univ.Sequence):
+    pass
+
+ContentReference.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('contentType', ContentType()),
+    namedtype.NamedType('signedContentIdentifier', ContentIdentifier()),
+    namedtype.NamedType('originatorSignatureValue', univ.OctetString())
+)
+
+
+# Message Signature Digest Attribute
+
+id_aa_msgSigDigest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.5')
+
+class MsgSigDigest(univ.OctetString):
+    pass
+
+
+# Content Hints Attribute
+
+id_aa_contentHint = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.4')
+
+class ContentHints(univ.Sequence):
+    pass
+
+ContentHints.componentType = namedtype.NamedTypes(
+    namedtype.OptionalNamedType('contentDescription', char.UTF8String().subtype(subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
+    namedtype.NamedType('contentType', ContentType())
+)
+
+
+# Receipt Request Attribute
+
+class AllOrFirstTier(univ.Integer):
+    pass
+
+AllOrFirstTier.namedValues = namedval.NamedValues(
+    ('allReceipts', 0),
+    ('firstTierRecipients', 1)
+)
+
+
+class ReceiptsFrom(univ.Choice):
+    pass
+
+ReceiptsFrom.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('allOrFirstTier', AllOrFirstTier().subtype(
+        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+    namedtype.NamedType('receiptList', univ.SequenceOf(
+        componentType=GeneralNames()).subtype(implicitTag=tag.Tag(
+        tag.tagClassContext, tag.tagFormatSimple, 1)))
+)
+
+
+id_aa_receiptRequest = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.1')
+
+ub_receiptsTo = univ.Integer(16)
+
+class ReceiptRequest(univ.Sequence):
+    pass
+
+ReceiptRequest.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('signedContentIdentifier', ContentIdentifier()),
+    namedtype.NamedType('receiptsFrom', ReceiptsFrom()),
+    namedtype.NamedType('receiptsTo', univ.SequenceOf(componentType=GeneralNames()).subtype(sizeSpec=constraint.ValueSizeConstraint(1, ub_receiptsTo)))
+)
+
+# Receipt Content Type
+
+class ESSVersion(univ.Integer):
+    pass
+
+ESSVersion.namedValues = namedval.NamedValues(
+    ('v1', 1)
+)
+
+
+id_ct_receipt = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.1')
+
+class Receipt(univ.Sequence):
+    pass
+
+Receipt.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('version', ESSVersion()),
+    namedtype.NamedType('contentType', ContentType()),
+    namedtype.NamedType('signedContentIdentifier', ContentIdentifier()),
+    namedtype.NamedType('originatorSignatureValue', univ.OctetString())
+)
+
+
+# Map of Attribute Type to the Attribute structure is added to the
+# ones that are in rfc5652.py
+
+_cmsAttributesMapUpdate = {
+    id_aa_signingCertificate: SigningCertificate(),
+    id_aa_mlExpandHistory: MLExpansionHistory(),
+    id_aa_securityLabel: ESSSecurityLabel(),
+    id_aa_equivalentLabels: EquivalentLabels(),
+    id_aa_contentIdentifier: ContentIdentifier(),
+    id_aa_contentReference: ContentReference(),
+    id_aa_msgSigDigest: MsgSigDigest(),
+    id_aa_contentHint: ContentHints(),
+    id_aa_receiptRequest: ReceiptRequest(),
+}
+
+cmsAttributesMap.update(_cmsAttributesMapUpdate)
+
+
+# Map of Content Type OIDs to Content Types is added to the
+# ones that are in rfc5652.py
+
+_cmsContentTypesMapUpdate = {
+    id_ct_receipt: Receipt(),
+}
+
+cmsContentTypesMap.update(_cmsContentTypesMapUpdate)

pyasn1_alt_modules/rfc2743.py

@@ -0,0 +1,60 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+#
+# Copyright (c) 2021-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# GSS-API Tokens
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc2743.txt
+#
+
+from pyasn1.type import namedtype
+from pyasn1.type import namedval
+from pyasn1.type import opentype
+from pyasn1.type import tag
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import opentypemap
+
+gssapiMechTypeMap = opentypemap.get('gssapiMechTypeMap')
+
+
+class PerMsgToken(univ.Any):
+    pass
+
+
+class SealedMessage(univ.Any):
+    pass
+
+
+class SubsequentContextToken(univ.Any):
+    pass
+
+
+class MechType(univ.ObjectIdentifier):
+    pass
+
+
+class InitialContextToken(univ.Sequence):
+    pass
+
+InitialContextToken.tagSet = univ.Sequence.tagSet.tagImplicitly(
+    tag.Tag(tag.tagClassApplication, tag.tagFormatConstructed, 0)
+)
+
+InitialContextToken.componentType = namedtype.NamedTypes(
+    namedtype.NamedType('thisMech', MechType()),
+    namedtype.NamedType('innerContextToken', univ.Any(),
+        openType=opentype.OpenType('thisMech', gssapiMechTypeMap)
+    )
+)
+
+
+# For DASS (RFC 1507), the MechType is 1.3.12.2.1011.7.5.
+# For Kerberos V5 (RFC 1964), the MechType is 1.2.840.113554.1.2.2.
+# If modules are ever written for these RFCs, the module should add 
+# entries for these object identifiers to gssapiMechTypeMap.

pyasn1_alt_modules/rfc2876.py

@@ -0,0 +1,61 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+# Modified by Russ Housley to include the opentypemap manager.
+#
+# Copyright (c) 2019-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# KEA and SKIPJACK Algorithms in CMS
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc2876.txt
+#
+
+from pyasn1.type import namedtype
+from pyasn1.type import univ
+
+from pyasn1_alt_modules import rfc5280
+from pyasn1_alt_modules import opentypemap
+
+algorithmIdentifierMap = opentypemap.get('algorithmIdentifierMap')
+
+smimeCapabilityMap = opentypemap.get('smimeCapabilityMap')
+
+
+id_fortezzaConfidentialityAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.4')
+
+
+id_fortezzaWrap80 = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.23')
+
+
+id_kEAKeyEncryptionAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.24')
+
+
+id_keyExchangeAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.1.22')
+
+
+class Skipjack_Parm(univ.Sequence):
+    componentType = namedtype.NamedTypes(
+        namedtype.NamedType('initialization-vector', univ.OctetString())
+    )
+
+
+# Update the Algorithm Identifier map
+
+_algorithmIdentifierMapUpdate = {
+    id_fortezzaConfidentialityAlgorithm: Skipjack_Parm(),
+    id_kEAKeyEncryptionAlgorithm: rfc5280.AlgorithmIdentifier(),
+}
+
+algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
+
+
+# Update the S/MIME Capability map
+
+_smimeCapabilityMapUpdate = {
+    id_kEAKeyEncryptionAlgorithm: rfc5280.AlgorithmIdentifier(),
+}
+
+smimeCapabilityMap.update(_smimeCapabilityMapUpdate)

pyasn1_alt_modules/rfc2898.py

@@ -0,0 +1,72 @@
+#
+# This file is part of pyasn1-alt-modules software.
+#
+# Created by Russ Housley.
+#
+# Copyright (c) 2022-2024, Vigil Security, LLC
+# License: http://vigilsec.com/pyasn1-alt-modules-license.txt
+#
+# PKCS #5: Password-Based Cryptography Specification, Version 2.0
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc2898.txt
+# https://www.rfc-editor.org/rfc/rfc8018.txt
+#
+
+from pyasn1_alt_modules import rfc8018
+
+
+# PKCS#5 Version 2.1 is backward compatible with PKCS#5 Version 2.0,
+# so all of the definitions can be imported from the newer document.
+
+rsadsi = rfc8018.rsadsi
+
+pkcs = rfc8018.pkcs
+
+digestAlgorithm = rfc8018.digestAlgorithm
+
+encryptionAlgorithm = rfc8018.encryptionAlgorithm
+
+pkcs_5 = rfc8018.pkcs_5
+
+id_PBKDF2 = rfc8018.id_PBKDF2
+
+PBKDF2_params = rfc8018.PBKDF2_params
+
+id_hmacWithSHA1 = rfc8018.id_hmacWithSHA1
+
+algid_hmacWithSHA1 = rfc8018.algid_hmacWithSHA1
+
+pbeWithMD2AndDES_CBC = rfc8018.pbeWithMD2AndDES_CBC
+
+pbeWithMD2AndRC2_CBC = rfc8018.pbeWithMD2AndRC2_CBC
+
+pbeWithMD5AndDES_CBC = rfc8018.pbeWithMD5AndDES_CBC
+
+pbeWithMD5AndRC2_CBC = rfc8018.pbeWithMD5AndRC2_CBC
+
+pbeWithSHA1AndDES_CBC = rfc8018.pbeWithSHA1AndDES_CBC
+
+pbeWithSHA1AndRC2_CBC = rfc8018.pbeWithSHA1AndRC2_CBC
+
+PBEParameter = rfc8018.PBEParameter
+
+id_PBES2 = rfc8018.id_PBES2
+
+PBES2_params = rfc8018.PBES2_params
+
+id_PBMAC1 = rfc8018.id_PBMAC1
+
+PBMAC1_params = rfc8018.PBMAC1_params
+
+desCBC = rfc8018.desCBC
+
+des_EDE3_CBC = rfc8018.des_EDE3_CBC
+
+rc2CBC = rfc8018.rc2CBC
+
+RC2_CBC_Parameter = rfc8018.RC2_CBC_Parameter
+
+rc5_CBC_PAD = rfc8018.rc5_CBC_PAD
+
+RC5_CBC_Parameters = rfc8018.RC5_CBC_Parameters