| # This file is being contributed to the pyasn1-modules software. |
| # |
| # Created by Russ Housley without assistance from the asn1ate tool. |
| # Modified by Russ Housley to add support for opentypes. |
| # |
| # Copyright (c) 2019, Vigil Security, LLC |
| # License: http://snmplabs.com/pyasn1/license.html |
| # |
| # CMS Key Package Receipt and Error Content Types |
| # |
| # ASN.1 source from: |
| # https://www.rfc-editor.org/rfc/rfc7191.txt |
| |
| from pyasn1.type import constraint |
| from pyasn1.type import namedtype |
| from pyasn1.type import namedval |
| from pyasn1.type import opentype |
| from pyasn1.type import tag |
| from pyasn1.type import univ |
| |
| from pyasn1_modules import rfc5280 |
| from pyasn1_modules import rfc5652 |
| |
# Open-ended upper bound for the "at least one" size constraint further down.
MAX = float("inf")

# Module-level alias for the DistinguishedName type defined in rfc5280.
DistinguishedName = rfc5280.DistinguishedName
| |
| |
# SingleAttribute is the same as Attribute in RFC 5652, except that the
# attrValues SET must have one and only one member


class AttributeValue(univ.Any):
    """ANY-typed placeholder for one attribute value."""
| |
| |
class AttributeValues(univ.SetOf):
    """SET OF AttributeValue declared with a size of exactly one."""

    componentType = AttributeValue()

    # NOTE(review): the one-member rule is attached through sizeSpec only.
    # Confirm that the pyasn1 release in use still evaluates sizeSpec on
    # constructed types; if it does not, code consuming a decoded
    # SingleAttribute must check len(attrValues) == 1 itself.
    sizeSpec = univ.Set.sizeSpec + constraint.ValueSizeConstraint(1, 1)
| |
| |
class SingleAttribute(univ.Sequence):
    """Attribute made of an attrType OID and the AttributeValues set."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('attrType', univ.ObjectIdentifier()),
        # attrValues is an open type keyed on attrType: the value type is
        # looked up in rfc5652.cmsAttributesMap. attrType is read from the
        # encoded message, so the types a sender can select are whatever is
        # registered in that shared map.
        namedtype.NamedType(
            'attrValues',
            AttributeValues(),
            openType=opentype.OpenType('attrType', rfc5652.cmsAttributesMap),
        ),
    )
| |
| |
# SIR Entity Name


class SIREntityNameType(univ.ObjectIdentifier):
    """OBJECT IDENTIFIER type used for the sirenType field of SIREntityName."""
| |
| |
class SIREntityNameValue(univ.Any):
    """ANY-typed entity name value.

    SIREntityName does not embed this type directly: its sirenValue field is
    an OCTET STRING commented as CONTAINING the DER-encoded value.
    """
| |
| |
class SIREntityName(univ.Sequence):
    """Entity name: a sirenType OID plus an OCTET STRING sirenValue."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('sirenType', SIREntityNameType()),
        # CONTAINING the DER-encoded SIREntityNameValue
        #
        # The field is declared as a plain OCTET STRING, so this spec does not
        # describe the wrapped bytes. A consumer that relies on the name (for
        # example to decide who sent a receipt) has to decode sirenValue in a
        # second step and reject malformed input or trailing data there.
        namedtype.NamedType('sirenValue', univ.OctetString()),
    )
| |
| |
class SIREntityNames(univ.SequenceOf):
    """SEQUENCE OF SIREntityName declared with at least one entry."""

    componentType = SIREntityName()

    # Lower bound 1, upper bound MAX (infinity): no cap on the list length is
    # declared here.
    # NOTE(review): the bound is attached through sizeSpec only; confirm the
    # pyasn1 release in use still evaluates sizeSpec on constructed types.
    sizeSpec = constraint.ValueSizeConstraint(1, MAX)
| |
| |
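# OID that siren_dn assigns to its sirenType field.
id_dn = univ.ObjectIdentifier('2.16.840.1.101.2.1.16.0')


class siren_dn(SIREntityName):
    """SIREntityName whose sirenType is pre-set to id_dn.

    Keyword arguments are forwarded unchanged to SIREntityName. pyasn1's
    clone() and subtype() re-create an object by calling its class with
    keyword initializers, which a constructor taking no arguments rejects
    with TypeError; calling siren_dn() without arguments works as before.
    """

    def __init__(self, **kwargs):
        SIREntityName.__init__(self, **kwargs)
        # Only the type is fixed here; sirenValue is left for the caller.
        self['sirenType'] = id_dn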
| |
| |
# Key Package Error CMS Content Type


class EnumeratedErrorCode(univ.Enumerated):
    """ENUMERATED error code carried in a key package error."""

    namedValues = namedval.NamedValues(
        # Error codes with values <= 33 are aligned with RFC 5934
        ('decodeFailure', 1),
        ('badContentInfo', 2),
        ('badSignedData', 3),
        ('badEncapContent', 4),
        ('badCertificate', 5),
        ('badSignerInfo', 6),
        ('badSignedAttrs', 7),
        ('badUnsignedAttrs', 8),
        ('missingContent', 9),
        ('noTrustAnchor', 10),
        ('notAuthorized', 11),
        ('badDigestAlgorithm', 12),
        ('badSignatureAlgorithm', 13),
        ('unsupportedKeySize', 14),
        ('unsupportedParameters', 15),
        ('signatureFailure', 16),
        ('insufficientMemory', 17),
        ('incorrectTarget', 23),
        ('missingSignature', 29),
        ('resourcesBusy', 30),
        ('versionNumberMismatch', 31),
        ('revokedCertificate', 33),

        # Codes above 33
        ('ambiguousDecrypt', 60),
        ('noDecryptKey', 61),
        ('badEncryptedData', 62),
        ('badEnvelopedData', 63),
        ('badAuthenticatedData', 64),
        ('badAuthEnvelopedData', 65),
        ('badKeyAgreeRecipientInfo', 66),
        ('badKEKRecipientInfo', 67),
        ('badEncryptContent', 68),
        ('badEncryptAlgorithm', 69),
        ('missingCiphertext', 70),
        ('decryptFailure', 71),
        ('badMACAlgorithm', 72),
        ('badAuthAttrs', 73),
        ('badUnauthAttrs', 74),
        ('invalidMAC', 75),
        ('mismatchedDigestAlg', 76),
        ('missingCertificate', 77),
        ('tooManySigners', 78),
        ('missingSignedAttributes', 79),
        ('derEncodingNotUsed', 80),
        ('missingContentHints', 81),
        ('invalidAttributeLocation', 82),
        ('badMessageDigest', 83),
        ('badKeyPackage', 84),
        ('badAttributes', 85),
        ('attributeComparisonFailure', 86),
        ('unsupportedSymmetricKeyPackage', 87),
        ('unsupportedAsymmetricKeyPackage', 88),
        ('constraintViolation', 89),
        ('ambiguousDefaultValue', 90),
        ('noMatchingRecipientInfo', 91),
        ('unsupportedKeyWrapAlgorithm', 92),
        ('badKeyTransRecipientInfo', 93),

        # Catch-all
        ('other', 127),
    )
| |
| |
class ErrorCodeChoice(univ.Choice):
    """CHOICE between an enumerated error code and an error OID."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('enum', EnumeratedErrorCode()),
        # The 'oid' alternative accepts any OBJECT IDENTIFIER; no list of
        # known error OIDs is declared in this module.
        namedtype.NamedType('oid', univ.ObjectIdentifier()),
    )
| |
| |
class KeyPkgID(univ.OctetString):
    """OCTET STRING key package identifier; no length limit is declared."""
| |
| |
class KeyPkgIdentifier(univ.Choice):
    """CHOICE identifying a key package by KeyPkgID or by one attribute."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('pkgID', KeyPkgID()),
        namedtype.NamedType('attribute', SingleAttribute()),
    )
| |
| |
class KeyPkgVersion(univ.Integer):
    """INTEGER version number with the named values v1 and v2."""

    namedValues = namedval.NamedValues(('v1', 1), ('v2', 2))

    # Values are limited to 1..65535, which is wider than the two named
    # versions; other in-range numbers are not excluded by this constraint.
    subtypeSpec = constraint.ValueRangeConstraint(1, 65535)
| |
| |
# Content type OID under which KeyPackageError is registered at the end of
# this module.
id_ct_KP_keyPackageError = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.6')


class KeyPackageError(univ.Sequence):
    """Key package error content: version, errorOf, errorBy and errorCode.

    This type only describes the structure. Nothing in this module checks a
    signature or other protection on the CMS content that carries it.
    """

    componentType = namedtype.NamedTypes(
        # version is declared with the default 'v2'.
        namedtype.DefaultedNamedType(
            'version',
            KeyPkgVersion().subtype(value='v2'),
        ),
        # Optional, context tag [0].
        namedtype.OptionalNamedType(
            'errorOf',
            KeyPkgIdentifier().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatConstructed, 0
                )
            ),
        ),
        namedtype.NamedType('errorBy', SIREntityName()),
        namedtype.NamedType('errorCode', ErrorCodeChoice()),
    )
| |
| |
# Key Package Receipt CMS Content Type

# Content type OID under which KeyPackageReceipt is registered at the end of
# this module.
id_ct_KP_keyPackageReceipt = univ.ObjectIdentifier('2.16.840.1.101.2.1.2.78.3')


class KeyPackageReceipt(univ.Sequence):
    """Key package receipt content: version, receiptOf and receivedBy.

    This type only describes the structure. Nothing in this module checks a
    signature or other protection on the CMS content that carries it.
    """

    componentType = namedtype.NamedTypes(
        # version is declared with the default 'v2'.
        namedtype.DefaultedNamedType(
            'version',
            KeyPkgVersion().subtype(value='v2'),
        ),
        namedtype.NamedType('receiptOf', KeyPkgIdentifier()),
        namedtype.NamedType('receivedBy', SIREntityName()),
    )
| |
| |
# Key Package Receipt Request Attribute


class KeyPkgReceiptReq(univ.Sequence):
    """Receipt request: encryptReceipt, receiptsFrom and receiptsTo."""

    componentType = namedtype.NamedTypes(
        # encryptReceipt is declared with the default value 0.
        namedtype.DefaultedNamedType(
            'encryptReceipt',
            univ.Boolean().subtype(value=0),
        ),
        # Optional, context tag [0].
        namedtype.OptionalNamedType(
            'receiptsFrom',
            SIREntityNames().subtype(
                implicitTag=tag.Tag(
                    tag.tagClassContext, tag.tagFormatSimple, 0
                )
            ),
        ),
        namedtype.NamedType('receiptsTo', SIREntityNames()),
    )
| |
| |
# Attribute type OID under which KeyPkgIdentifierAndReceiptReq is registered
# at the end of this module.
id_aa_KP_keyPkgIdAndReceiptReq = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.65')


class KeyPkgIdentifierAndReceiptReq(univ.Sequence):
    """Key package identifier with an optional receipt request."""

    componentType = namedtype.NamedTypes(
        namedtype.NamedType('pkgID', KeyPkgID()),
        namedtype.OptionalNamedType('receiptReq', KeyPkgReceiptReq()),
    )
| |
| |
# Attribute type OIDs and their attribute types from this module are added
# to the map kept in rfc5652.py.
#
# This runs at import time and changes the registry shared with rfc5652:
# update() replaces whatever entry was already stored under the same OID, and
# SingleAttribute above resolves its open type through this same map.

_cmsAttributesMapUpdate = {}
_cmsAttributesMapUpdate[id_aa_KP_keyPkgIdAndReceiptReq] = KeyPkgIdentifierAndReceiptReq()

rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
| |
| |
# CMS content type OIDs and their content types from this module are added
# to the map kept in rfc5652.py.
#
# This runs at import time and changes the registry shared with rfc5652:
# update() replaces whatever entry was already stored under the same OID.

_cmsContentTypesMapUpdate = {}
_cmsContentTypesMapUpdate[id_ct_KP_keyPackageError] = KeyPackageError()
_cmsContentTypesMapUpdate[id_ct_KP_keyPackageReceipt] = KeyPackageReceipt()

rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)