| ## This file is part of Scapy |
| ## See http://www.secdev.org/projects/scapy for more informations |
| ## Copyright (C) Philippe Biondi <phil@secdev.org> |
| ## Modified by Maxence Tury <maxence.tury@ssi.gouv.fr> |
| ## This program is published under a GPLv2 license |
| |
| """ |
| Management Information Base (MIB) parsing |
| """ |
| |
| from __future__ import absolute_import |
| import re |
| from glob import glob |
| from scapy.dadict import DADict,fixname |
| from scapy.config import conf |
| from scapy.utils import do_graph |
| import scapy.modules.six as six |
| from scapy.compat import * |
| |
| ################# |
| ## MIB parsing ## |
| ################# |
| |
| _mib_re_integer = re.compile("^[0-9]+$") |
| _mib_re_both = re.compile("^([a-zA-Z_][a-zA-Z0-9_-]*)\(([0-9]+)\)$") |
| _mib_re_oiddecl = re.compile("$\s*([a-zA-Z0-9_-]+)\s+OBJECT([^:\{\}]|\{[^:]+\})+::=\s*\{([^\}]+)\}",re.M) |
| _mib_re_strings = re.compile('"[^"]*"') |
| _mib_re_comments = re.compile('--.*(\r|\n)') |
| |
| class MIBDict(DADict): |
| def _findroot(self, x): |
| if x.startswith("."): |
| x = x[1:] |
| if not x.endswith("."): |
| x += "." |
| max=0 |
| root="." |
| for k in six.iterkeys(self): |
| if x.startswith(self[k]+"."): |
| if max < len(self[k]): |
| max = len(self[k]) |
| root = k |
| return root, x[max:-1] |
| def _oidname(self, x): |
| root,remainder = self._findroot(x) |
| return root+remainder |
| def _oid(self, x): |
| xl = x.strip(".").split(".") |
| p = len(xl)-1 |
| while p >= 0 and _mib_re_integer.match(xl[p]): |
| p -= 1 |
| if p != 0 or xl[p] not in self: |
| return x |
| xl[p] = self[xl[p]] |
| return ".".join(xl[p:]) |
| def _make_graph(self, other_keys=None, **kargs): |
| if other_keys is None: |
| other_keys = [] |
| nodes = [(k, self[k]) for k in six.iterkeys(self)] |
| oids = [self[k] for k in six.iterkeys(self)] |
| for k in other_keys: |
| if k not in oids: |
| nodes.append(self.oidname(k),k) |
| s = 'digraph "mib" {\n\trankdir=LR;\n\n' |
| for k,o in nodes: |
| s += '\t"%s" [ label="%s" ];\n' % (o,k) |
| s += "\n" |
| for k,o in nodes: |
| parent,remainder = self._findroot(o[:-1]) |
| remainder = remainder[1:]+o[-1] |
| if parent != ".": |
| parent = self[parent] |
| s += '\t"%s" -> "%s" [label="%s"];\n' % (parent, o,remainder) |
| s += "}\n" |
| do_graph(s, **kargs) |
| |
| |
| def mib_register(ident, value, the_mib, unresolved): |
| if ident in the_mib or ident in unresolved: |
| return ident in the_mib |
| resval = [] |
| not_resolved = 0 |
| for v in value: |
| if _mib_re_integer.match(v): |
| resval.append(v) |
| else: |
| v = fixname(plain_str(v)) |
| if v not in the_mib: |
| not_resolved = 1 |
| if v in the_mib: |
| v = the_mib[v] |
| elif v in unresolved: |
| v = unresolved[v] |
| if isinstance(v, list): |
| resval += v |
| else: |
| resval.append(v) |
| if not_resolved: |
| unresolved[ident] = resval |
| return False |
| else: |
| the_mib[ident] = resval |
| keys = list(unresolved) |
| i = 0 |
| while i < len(keys): |
| k = keys[i] |
| if mib_register(k,unresolved[k], the_mib, {}): |
| del(unresolved[k]) |
| del(keys[i]) |
| i = 0 |
| else: |
| i += 1 |
| |
| return True |
| |
| |
| def load_mib(filenames): |
| the_mib = {'iso': ['1']} |
| unresolved = {} |
| for k in six.iterkeys(conf.mib): |
| mib_register(k, conf.mib[k].split("."), the_mib, unresolved) |
| |
| if isinstance(filenames, (str, bytes)): |
| filenames = [filenames] |
| for fnames in filenames: |
| for fname in glob(fnames): |
| f = open(fname) |
| text = f.read() |
| cleantext = " ".join(_mib_re_strings.split(" ".join(_mib_re_comments.split(text)))) |
| for m in _mib_re_oiddecl.finditer(cleantext): |
| gr = m.groups() |
| ident,oid = gr[0],gr[-1] |
| ident=fixname(ident) |
| oid = oid.split() |
| for i, elt in enumerate(oid): |
| m = _mib_re_both.match(elt) |
| if m: |
| oid[i] = m.groups()[1] |
| mib_register(ident, oid, the_mib, unresolved) |
| |
| newmib = MIBDict(_name="MIB") |
| for k,o in six.iteritems(the_mib): |
| newmib[k]=".".join(o) |
| for k,o in six.iteritems(unresolved): |
| newmib[k]=".".join(o) |
| |
| conf.mib=newmib |
| |
| |
| #################### |
| ## OID references ## |
| #################### |
| |
| ####### pkcs1 ####### |
| |
| pkcs1_oids = { |
| "rsaEncryption" : "1.2.840.113549.1.1.1", |
| "md2WithRSAEncryption" : "1.2.840.113549.1.1.2", |
| "md4WithRSAEncryption" : "1.2.840.113549.1.1.3", |
| "md5WithRSAEncryption" : "1.2.840.113549.1.1.4", |
| "sha1-with-rsa-signature" : "1.2.840.113549.1.1.5", |
| "rsaOAEPEncryptionSET" : "1.2.840.113549.1.1.6", |
| "id-RSAES-OAEP" : "1.2.840.113549.1.1.7", |
| "id-mgf1" : "1.2.840.113549.1.1.8", |
| "id-pSpecified" : "1.2.840.113549.1.1.9", |
| "rsassa-pss" : "1.2.840.113549.1.1.10", |
| "sha256WithRSAEncryption" : "1.2.840.113549.1.1.11", |
| "sha384WithRSAEncryption" : "1.2.840.113549.1.1.12", |
| "sha512WithRSAEncryption" : "1.2.840.113549.1.1.13", |
| "sha224WithRSAEncryption" : "1.2.840.113549.1.1.14" |
| } |
| |
| ####### secsig oiw ####### |
| |
| secsig_oids = { |
| "sha1" : "1.3.14.3.2.26" |
| } |
| |
| ####### pkcs9 ####### |
| |
| pkcs9_oids = { |
| "modules" : "1.2.840.113549.1.9.0", |
| "emailAddress" : "1.2.840.113549.1.9.1", |
| "unstructuredName" : "1.2.840.113549.1.9.2", |
| "contentType" : "1.2.840.113549.1.9.3", |
| "messageDigest" : "1.2.840.113549.1.9.4", |
| "signing-time" : "1.2.840.113549.1.9.5", |
| "countersignature" : "1.2.840.113549.1.9.6", |
| "challengePassword" : "1.2.840.113549.1.9.7", |
| "unstructuredAddress" : "1.2.840.113549.1.9.8", |
| "extendedCertificateAttributes" : "1.2.840.113549.1.9.9", |
| "signingDescription" : "1.2.840.113549.1.9.13", |
| "extensionRequest" : "1.2.840.113549.1.9.14", |
| "smimeCapabilities" : "1.2.840.113549.1.9.15", |
| "smime" : "1.2.840.113549.1.9.16", |
| "pgpKeyID" : "1.2.840.113549.1.9.17", |
| "friendlyName" : "1.2.840.113549.1.9.20", |
| "localKeyID" : "1.2.840.113549.1.9.21", |
| "certTypes" : "1.2.840.113549.1.9.22", |
| "crlTypes" : "1.2.840.113549.1.9.23", |
| "pkcs-9-oc" : "1.2.840.113549.1.9.24", |
| "pkcs-9-at" : "1.2.840.113549.1.9.25", |
| "pkcs-9-sx" : "1.2.840.113549.1.9.26", |
| "pkcs-9-mr" : "1.2.840.113549.1.9.27", |
| "id-aa-CMSAlgorithmProtection" : "1.2.840.113549.1.9.52" |
| } |
| |
| ####### x509 ####### |
| |
| attributeType_oids = { |
| "objectClass" : "2.5.4.0", |
| "aliasedEntryName" : "2.5.4.1", |
| "knowledgeInformation" : "2.5.4.2", |
| "commonName" : "2.5.4.3", |
| "surname" : "2.5.4.4", |
| "serialNumber" : "2.5.4.5", |
| "countryName" : "2.5.4.6", |
| "localityName" : "2.5.4.7", |
| "stateOrProvinceName" : "2.5.4.8", |
| "streetAddress" : "2.5.4.9", |
| "organizationName" : "2.5.4.10", |
| "organizationUnitName" : "2.5.4.11", |
| "title" : "2.5.4.12", |
| "description" : "2.5.4.13", |
| "searchGuide" : "2.5.4.14", |
| "businessCategory" : "2.5.4.15", |
| "postalAddress" : "2.5.4.16", |
| "postalCode" : "2.5.4.17", |
| "postOfficeBox" : "2.5.4.18", |
| "physicalDeliveryOfficeName" : "2.5.4.19", |
| "telephoneNumber" : "2.5.4.20", |
| "telexNumber" : "2.5.4.21", |
| "teletexTerminalIdentifier" : "2.5.4.22", |
| "facsimileTelephoneNumber" : "2.5.4.23", |
| "x121Address" : "2.5.4.24", |
| "internationalISDNNumber" : "2.5.4.25", |
| "registeredAddress" : "2.5.4.26", |
| "destinationIndicator" : "2.5.4.27", |
| "preferredDeliveryMethod" : "2.5.4.28", |
| "presentationAddress" : "2.5.4.29", |
| "supportedApplicationContext" : "2.5.4.30", |
| "member" : "2.5.4.31", |
| "owner" : "2.5.4.32", |
| "roleOccupant" : "2.5.4.33", |
| "seeAlso" : "2.5.4.34", |
| "userPassword" : "2.5.4.35", |
| "userCertificate" : "2.5.4.36", |
| "cACertificate" : "2.5.4.37", |
| "authorityRevocationList" : "2.5.4.38", |
| "certificateRevocationList" : "2.5.4.39", |
| "crossCertificatePair" : "2.5.4.40", |
| "name" : "2.5.4.41", |
| "givenName" : "2.5.4.42", |
| "initials" : "2.5.4.43", |
| "generationQualifier" : "2.5.4.44", |
| "uniqueIdentifier" : "2.5.4.45", |
| "dnQualifier" : "2.5.4.46", |
| "enhancedSearchGuide" : "2.5.4.47", |
| "protocolInformation" : "2.5.4.48", |
| "distinguishedName" : "2.5.4.49", |
| "uniqueMember" : "2.5.4.50", |
| "houseIdentifier" : "2.5.4.51", |
| "supportedAlgorithms" : "2.5.4.52", |
| "deltaRevocationList" : "2.5.4.53", |
| "dmdName" : "2.5.4.54", |
| "clearance" : "2.5.4.55", |
| "defaultDirQop" : "2.5.4.56", |
| "attributeIntegrityInfo" : "2.5.4.57", |
| "attributeCertificate" : "2.5.4.58", |
| "attributeCertificateRevocationList": "2.5.4.59", |
| "confKeyInfo" : "2.5.4.60", |
| "aACertificate" : "2.5.4.61", |
| "attributeDescriptorCertificate" : "2.5.4.62", |
| "attributeAuthorityRevocationList" : "2.5.4.63", |
| "family-information" : "2.5.4.64", |
| "pseudonym" : "2.5.4.65", |
| "communicationsService" : "2.5.4.66", |
| "communicationsNetwork" : "2.5.4.67", |
| "certificationPracticeStmt" : "2.5.4.68", |
| "certificatePolicy" : "2.5.4.69", |
| "pkiPath" : "2.5.4.70", |
| "privPolicy" : "2.5.4.71", |
| "role" : "2.5.4.72", |
| "delegationPath" : "2.5.4.73", |
| "protPrivPolicy" : "2.5.4.74", |
| "xMLPrivilegeInfo" : "2.5.4.75", |
| "xmlPrivPolicy" : "2.5.4.76", |
| "uuidpair" : "2.5.4.77", |
| "tagOid" : "2.5.4.78", |
| "uiiFormat" : "2.5.4.79", |
| "uiiInUrh" : "2.5.4.80", |
| "contentUrl" : "2.5.4.81", |
| "permission" : "2.5.4.82", |
| "uri" : "2.5.4.83", |
| "pwdAttribute" : "2.5.4.84", |
| "userPwd" : "2.5.4.85", |
| "urn" : "2.5.4.86", |
| "url" : "2.5.4.87", |
| "utmCoordinates" : "2.5.4.88", |
| "urnC" : "2.5.4.89", |
| "uii" : "2.5.4.90", |
| "epc" : "2.5.4.91", |
| "tagAfi" : "2.5.4.92", |
| "epcFormat" : "2.5.4.93", |
| "epcInUrn" : "2.5.4.94", |
| "ldapUrl" : "2.5.4.95", |
| "ldapUrl" : "2.5.4.96", |
| "organizationIdentifier" : "2.5.4.97" |
| } |
| |
| certificateExtension_oids = { |
| "authorityKeyIdentifier" : "2.5.29.1", |
| "keyAttributes" : "2.5.29.2", |
| "certificatePolicies" : "2.5.29.3", |
| "keyUsageRestriction" : "2.5.29.4", |
| "policyMapping" : "2.5.29.5", |
| "subtreesConstraint" : "2.5.29.6", |
| "subjectAltName" : "2.5.29.7", |
| "issuerAltName" : "2.5.29.8", |
| "subjectDirectoryAttributes" : "2.5.29.9", |
| "basicConstraints" : "2.5.29.10", |
| "subjectKeyIdentifier" : "2.5.29.14", |
| "keyUsage" : "2.5.29.15", |
| "privateKeyUsagePeriod" : "2.5.29.16", |
| "subjectAltName" : "2.5.29.17", |
| "issuerAltName" : "2.5.29.18", |
| "basicConstraints" : "2.5.29.19", |
| "cRLNumber" : "2.5.29.20", |
| "reasonCode" : "2.5.29.21", |
| "expirationDate" : "2.5.29.22", |
| "instructionCode" : "2.5.29.23", |
| "invalidityDate" : "2.5.29.24", |
| "cRLDistributionPoints" : "2.5.29.25", |
| "issuingDistributionPoint" : "2.5.29.26", |
| "deltaCRLIndicator" : "2.5.29.27", |
| "issuingDistributionPoint" : "2.5.29.28", |
| "certificateIssuer" : "2.5.29.29", |
| "nameConstraints" : "2.5.29.30", |
| "cRLDistributionPoints" : "2.5.29.31", |
| "certificatePolicies" : "2.5.29.32", |
| "policyMappings" : "2.5.29.33", |
| "policyConstraints" : "2.5.29.34", |
| "authorityKeyIdentifier" : "2.5.29.35", |
| "policyConstraints" : "2.5.29.36", |
| "extKeyUsage" : "2.5.29.37", |
| "authorityAttributeIdentifier" : "2.5.29.38", |
| "roleSpecCertIdentifier" : "2.5.29.39", |
| "cRLStreamIdentifier" : "2.5.29.40", |
| "basicAttConstraints" : "2.5.29.41", |
| "delegatedNameConstraints" : "2.5.29.42", |
| "timeSpecification" : "2.5.29.43", |
| "cRLScope" : "2.5.29.44", |
| "statusReferrals" : "2.5.29.45", |
| "freshestCRL" : "2.5.29.46", |
| "orderedList" : "2.5.29.47", |
| "attributeDescriptor" : "2.5.29.48", |
| "userNotice" : "2.5.29.49", |
| "sOAIdentifier" : "2.5.29.50", |
| "baseUpdateTime" : "2.5.29.51", |
| "acceptableCertPolicies" : "2.5.29.52", |
| "deltaInfo" : "2.5.29.53", |
| "inhibitAnyPolicy" : "2.5.29.54", |
| "targetInformation" : "2.5.29.55", |
| "noRevAvail" : "2.5.29.56", |
| "acceptablePrivilegePolicies" : "2.5.29.57", |
| "id-ce-toBeRevoked" : "2.5.29.58", |
| "id-ce-RevokedGroups" : "2.5.29.59", |
| "id-ce-expiredCertsOnCRL" : "2.5.29.60", |
| "indirectIssuer" : "2.5.29.61", |
| "id-ce-noAssertion" : "2.5.29.62", |
| "id-ce-aAissuingDistributionPoint" : "2.5.29.63", |
| "id-ce-issuedOnBehaIFOF" : "2.5.29.64", |
| "id-ce-singleUse" : "2.5.29.65", |
| "id-ce-groupAC" : "2.5.29.66", |
| "id-ce-allowedAttAss" : "2.5.29.67", |
| "id-ce-attributeMappings" : "2.5.29.68", |
| "id-ce-holderNameConstraints" : "2.5.29.69" |
| } |
| |
| certExt_oids = { |
| "cert-type" : "2.16.840.1.113730.1.1", |
| "base-url" : "2.16.840.1.113730.1.2", |
| "revocation-url" : "2.16.840.1.113730.1.3", |
| "ca-revocation-url" : "2.16.840.1.113730.1.4", |
| "ca-crl-url" : "2.16.840.1.113730.1.5", |
| "ca-cert-url" : "2.16.840.1.113730.1.6", |
| "renewal-url" : "2.16.840.1.113730.1.7", |
| "ca-policy-url" : "2.16.840.1.113730.1.8", |
| "homepage-url" : "2.16.840.1.113730.1.9", |
| "entity-logo" : "2.16.840.1.113730.1.10", |
| "user-picture" : "2.16.840.1.113730.1.11", |
| "ssl-server-name" : "2.16.840.1.113730.1.12", |
| "comment" : "2.16.840.1.113730.1.13", |
| "lost-password-url" : "2.16.840.1.113730.1.14", |
| "cert-renewal-time" : "2.16.840.1.113730.1.15", |
| "aia" : "2.16.840.1.113730.1.16", |
| "cert-scope-of-use" : "2.16.840.1.113730.1.17", |
| } |
| |
| certPkixPe_oids = { |
| "authorityInfoAccess" : "1.3.6.1.5.5.7.1.1", |
| "biometricInfo" : "1.3.6.1.5.5.7.1.2", |
| "qcStatements" : "1.3.6.1.5.5.7.1.3", |
| "auditIdentity" : "1.3.6.1.5.5.7.1.4", |
| "aaControls" : "1.3.6.1.5.5.7.1.6", |
| "proxying" : "1.3.6.1.5.5.7.1.10", |
| "subjectInfoAccess" : "1.3.6.1.5.5.7.1.11" |
| } |
| |
| certPkixQt_oids = { |
| "cps" : "1.3.6.1.5.5.7.2.1", |
| "unotice" : "1.3.6.1.5.5.7.2.2" |
| } |
| |
| certPkixKp_oids = { |
| "serverAuth" : "1.3.6.1.5.5.7.3.1", |
| "clientAuth" : "1.3.6.1.5.5.7.3.2", |
| "codeSigning" : "1.3.6.1.5.5.7.3.3", |
| "emailProtection" : "1.3.6.1.5.5.7.3.4", |
| "ipsecEndSystem" : "1.3.6.1.5.5.7.3.5", |
| "ipsecTunnel" : "1.3.6.1.5.5.7.3.6", |
| "ipsecUser" : "1.3.6.1.5.5.7.3.7", |
| "timeStamping" : "1.3.6.1.5.5.7.3.8", |
| "ocspSigning" : "1.3.6.1.5.5.7.3.9", |
| "dvcs" : "1.3.6.1.5.5.7.3.10", |
| "secureShellClient" : "1.3.6.1.5.5.7.3.21", |
| "secureShellServer" : "1.3.6.1.5.5.7.3.22" |
| } |
| |
| certPkixAd_oids = { |
| "ocsp" : "1.3.6.1.5.5.7.48.1", |
| "caIssuers" : "1.3.6.1.5.5.7.48.2", |
| "timestamping" : "1.3.6.1.5.5.7.48.3", |
| "id-ad-dvcs" : "1.3.6.1.5.5.7.48.4", |
| "id-ad-caRepository" : "1.3.6.1.5.5.7.48.5", |
| "id-pkix-ocsp-archive-cutoff" : "1.3.6.1.5.5.7.48.6", |
| "id-pkix-ocsp-service-locator" : "1.3.6.1.5.5.7.48.7", |
| "id-ad-cmc" : "1.3.6.1.5.5.7.48.12", |
| "basic-response" : "1.3.6.1.5.5.7.48.1.1" |
| } |
| |
| ####### ansi-x962 ####### |
| |
| x962KeyType_oids = { |
| "prime-field" : "1.2.840.10045.1.1", |
| "characteristic-two-field" : "1.2.840.10045.1.2", |
| "ecPublicKey" : "1.2.840.10045.2.1", |
| } |
| |
| x962Signature_oids = { |
| "ecdsa-with-SHA1" : "1.2.840.10045.4.1", |
| "ecdsa-with-Recommended" : "1.2.840.10045.4.2", |
| "ecdsa-with-SHA224" : "1.2.840.10045.4.3.1", |
| "ecdsa-with-SHA256" : "1.2.840.10045.4.3.2", |
| "ecdsa-with-SHA384" : "1.2.840.10045.4.3.3", |
| "ecdsa-with-SHA512" : "1.2.840.10045.4.3.4" |
| } |
| |
| ####### elliptic curves ####### |
| |
| ansiX962Curve_oids = { |
| "prime192v1" : "1.2.840.10045.3.1.1", |
| "prime192v2" : "1.2.840.10045.3.1.2", |
| "prime192v3" : "1.2.840.10045.3.1.3", |
| "prime239v1" : "1.2.840.10045.3.1.4", |
| "prime239v2" : "1.2.840.10045.3.1.5", |
| "prime239v3" : "1.2.840.10045.3.1.6", |
| "prime256v1" : "1.2.840.10045.3.1.7" |
| } |
| |
| certicomCurve_oids = { |
| "ansit163k1" : "1.3.132.0.1", |
| "ansit163r1" : "1.3.132.0.2", |
| "ansit239k1" : "1.3.132.0.3", |
| "sect113r1" : "1.3.132.0.4", |
| "sect113r2" : "1.3.132.0.5", |
| "secp112r1" : "1.3.132.0.6", |
| "secp112r2" : "1.3.132.0.7", |
| "ansip160r1" : "1.3.132.0.8", |
| "ansip160k1" : "1.3.132.0.9", |
| "ansip256k1" : "1.3.132.0.10", |
| "ansit163r2" : "1.3.132.0.15", |
| "ansit283k1" : "1.3.132.0.16", |
| "ansit283r1" : "1.3.132.0.17", |
| "sect131r1" : "1.3.132.0.22", |
| "ansit193r1" : "1.3.132.0.24", |
| "ansit193r2" : "1.3.132.0.25", |
| "ansit233k1" : "1.3.132.0.26", |
| "ansit233r1" : "1.3.132.0.27", |
| "secp128r1" : "1.3.132.0.28", |
| "secp128r2" : "1.3.132.0.29", |
| "ansip160r2" : "1.3.132.0.30", |
| "ansip192k1" : "1.3.132.0.31", |
| "ansip224k1" : "1.3.132.0.32", |
| "ansip224r1" : "1.3.132.0.33", |
| "ansip384r1" : "1.3.132.0.34", |
| "ansip521r1" : "1.3.132.0.35", |
| "ansit409k1" : "1.3.132.0.36", |
| "ansit409r1" : "1.3.132.0.37", |
| "ansit571k1" : "1.3.132.0.38", |
| "ansit571r1" : "1.3.132.0.39" |
| } |
| |
| ####### policies ####### |
| |
| certPolicy_oids = { |
| "anyPolicy" : "2.5.29.32.0" |
| } |
| |
| # from Chromium source code (ev_root_ca_metadata.cc) |
| evPolicy_oids = { |
| "EV AC Camerfirma S.A. Chambers of Commerce Root - 2008" : "1.3.6.1.4.1.17326.10.14.2.1.2", |
| "EV AC Camerfirma S.A. Chambers of Commerce Root - 2008" : "1.3.6.1.4.1.17326.10.14.2.2.2", |
| "EV AC Camerfirma S.A. Global Chambersign Root - 2008" : "1.3.6.1.4.1.17326.10.8.12.1.2", |
| "EV AC Camerfirma S.A. Global Chambersign Root - 2008" : "1.3.6.1.4.1.17326.10.8.12.2.2", |
| "EV AddTrust/Comodo/USERTrust" : "1.3.6.1.4.1.6449.1.2.1.5.1", |
| "EV AddTrust External CA Root" : "1.3.6.1.4.1.782.1.2.1.8.1", |
| "EV Actualis Authentication Root CA" : "1.3.159.1.17.1", |
| "EV AffirmTrust Commercial" : "1.3.6.1.4.1.34697.2.1", |
| "EV AffirmTrust Networking" : "1.3.6.1.4.1.34697.2.2", |
| "EV AffirmTrust Premium" : "1.3.6.1.4.1.34697.2.3", |
| "EV AffirmTrust Premium ECC" : "1.3.6.1.4.1.34697.2.4", |
| "EV Autoridad de Certificacion Firmaprofesional CIF A62634068" : "1.3.6.1.4.1.13177.10.1.3.10", |
| "EV Baltimore CyberTrust Root" : "1.3.6.1.4.1.6334.1.100.1", |
| "EV Buypass Class 3" : "2.16.578.1.26.1.3.3", |
| "EV Certificate Authority of WoSign" : "1.3.6.1.4.1.36305.2", |
| "EV CertPlus Class 2 Primary CA (KEYNECTIS)" : "1.3.6.1.4.1.22234.2.5.2.3.1", |
| "EV Certum Trusted Network CA" : "1.2.616.1.113527.2.5.1.1", |
| "EV China Internet Network Information Center EV Certificates Root" : "1.3.6.1.4.1.29836.1.10", |
| "EV Cybertrust Global Root" : "1.3.6.1.4.1.6334.1.100.1", |
| "EV DigiCert High Assurance EV Root CA" : "2.16.840.1.114412.2.1", |
| "EV D-TRUST Root Class 3 CA 2 EV 2009" : "1.3.6.1.4.1.4788.2.202.1", |
| "EV Entrust Certification Authority" : "2.16.840.1.114028.10.1.2", |
| "EV Equifax Secure Certificate Authority (GeoTrust)" : "1.3.6.1.4.1.14370.1.6", |
| "EV E-Tugra Certification Authority" : "2.16.792.3.0.4.1.1.4", |
| "EV GeoTrust Primary Certification Authority" : "1.3.6.1.4.1.14370.1.6", |
| "EV GlobalSign Root CAs" : "1.3.6.1.4.1.4146.1.1", |
| "EV Go Daddy Certification Authority" : "2.16.840.1.114413.1.7.23.3", |
| "EV Izenpe.com roots Business" : "1.3.6.1.4.1.14777.6.1.1", |
| "EV Izenpe.com roots Government" : "1.3.6.1.4.1.14777.6.1.2", |
| "EV Network Solutions Certificate Authority" : "1.3.6.1.4.1.781.1.2.1.8.1", |
| "EV QuoVadis Roots" : "1.3.6.1.4.1.8024.0.2.100.1.2", |
| "EV SecureTrust Corporation Roots" : "2.16.840.1.114404.1.1.2.4.1", |
| "EV Security Communication RootCA1" : "1.2.392.200091.100.721.1", |
| "EV Staat der Nederlanden EV Root CA" : "2.16.528.1.1003.1.2.7", |
| "EV StartCom Certification Authority" : "1.3.6.1.4.1.23223.1.1.1", |
| "EV Starfield Certificate Authority" : "2.16.840.1.114414.1.7.23.3", |
| "EV Starfield Service Certificate Authority" : "2.16.840.1.114414.1.7.24.3", |
| "EV SwissSign Gold CA - G2" : "2.16.756.1.89.1.2.1.1", |
| "EV Swisscom Root EV CA 2" : "2.16.756.1.83.21.0", |
| "EV thawte CAs" : "2.16.840.1.113733.1.7.48.1", |
| "EV TWCA Roots" : "1.3.6.1.4.1.40869.1.1.22.3", |
| "EV T-Telessec GlobalRoot Class 3" : "1.3.6.1.4.1.7879.13.24.1", |
| "EV USERTrust Certification Authorities" : "1.3.6.1.4.1.6449.1.2.1.5.1", |
| "EV ValiCert Class 2 Policy Validation Authority" : "2.16.840.1.114413.1.7.23.3", |
| "EV VeriSign Certification Authorities" : "2.16.840.1.113733.1.7.23.6", |
| "EV Wells Fargo WellsSecure Public Root Certification Authority" : "2.16.840.1.114171.500.9", |
| "EV XRamp Global Certification Authority" : "2.16.840.1.114404.1.1.2.4.1", |
| "jurisdictionOfIncorporationLocalityName" : "1.3.6.1.4.1.311.60.2.1.1", |
| "jurisdictionOfIncorporationStateOrProvinceName" : "1.3.6.1.4.1.311.60.2.1.2", |
| "jurisdictionOfIncorporationCountryName" : "1.3.6.1.4.1.311.60.2.1.3" |
| } |
| |
| |
| x509_oids_sets = [ |
| pkcs1_oids, |
| secsig_oids, |
| pkcs9_oids, |
| attributeType_oids, |
| certificateExtension_oids, |
| certExt_oids, |
| certPkixPe_oids, |
| certPkixQt_oids, |
| certPkixKp_oids, |
| certPkixAd_oids, |
| certPolicy_oids, |
| evPolicy_oids, |
| x962KeyType_oids, |
| x962Signature_oids, |
| ansiX962Curve_oids, |
| certicomCurve_oids |
| ] |
| |
| x509_oids = {} |
| |
| for oids_set in x509_oids_sets: |
| x509_oids.update(oids_set) |
| |
| conf.mib = MIBDict(_name="MIB", **x509_oids) |
| |
| |
| ######################### |
| ## Hash mapping helper ## |
| ######################### |
| |
| # This dict enables static access to string references to the hash functions |
| # of some algorithms from pkcs1_oids and x962Signature_oids. |
| |
| hash_by_oid = { |
| "1.2.840.113549.1.1.2" : "md2", |
| "1.2.840.113549.1.1.3" : "md4", |
| "1.2.840.113549.1.1.4" : "md5", |
| "1.2.840.113549.1.1.5" : "sha1", |
| "1.2.840.113549.1.1.11" : "sha256", |
| "1.2.840.113549.1.1.12" : "sha384", |
| "1.2.840.113549.1.1.13" : "sha512", |
| "1.2.840.113549.1.1.14" : "sha224", |
| "1.2.840.10045.4.1" : "sha1", |
| "1.2.840.10045.4.3.1" : "sha224", |
| "1.2.840.10045.4.3.2" : "sha256", |
| "1.2.840.10045.4.3.3" : "sha384", |
| "1.2.840.10045.4.3.4" : "sha512" |
| } |
| |