
rfc5035.py 4.4KB

  #
  # This file is part of pyasn1-modules software.
  #
  # Created by Russ Housley with assistance from asn1ate v.0.6.0.
  # Modified by Russ Housley to add a map for use with opentypes.
  #
  # Copyright (c) 2019, Vigil Security, LLC
  # License: http://snmplabs.com/pyasn1/license.html
  #
  # Update to Enhanced Security Services for S/MIME
  #
  # ASN.1 source from:
  # https://www.rfc-editor.org/rfc/rfc5035.txt
  #
  from pyasn1.codec.der.encoder import encode as der_encode
  from pyasn1.type import namedtype
  from pyasn1.type import univ
  from pyasn1_modules import rfc2634
  from pyasn1_modules import rfc4055
  from pyasn1_modules import rfc5652
  from pyasn1_modules import rfc5280
  # Types reused unchanged from the rfc5280 and rfc5652 modules.  Each name
  # below is a plain alias: it is bound to the same object the source
  # module exports, so no new schema is defined here.
  AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
  CertificateSerialNumber = rfc5280.CertificateSerialNumber
  GeneralNames = rfc5280.GeneralNames
  PolicyInformation = rfc5280.PolicyInformation

  ContentType = rfc5652.ContentType
  IssuerAndSerialNumber = rfc5652.IssuerAndSerialNumber
  SubjectKeyIdentifier = rfc5652.SubjectKeyIdentifier
  # Signing Certificate Attribute V1 and V2

  # Version 1 definitions are re-exported from rfc2634 as-is.
  ESSCertID = rfc2634.ESSCertID
  Hash = rfc2634.Hash
  IssuerSerial = rfc2634.IssuerSerial
  SigningCertificate = rfc2634.SigningCertificate
  id_aa_signingCertificate = rfc2634.id_aa_signingCertificate

  # Object identifier of the version 2 attribute, defined in this module.
  id_aa_signingCertificateV2 = univ.ObjectIdentifier('1.2.840.113549.1.9.16.2.47')

  # AlgorithmIdentifier naming SHA-256; ESSCertIDv2 uses this object as the
  # default value of its hashAlgorithm field.
  # NOTE(review): this is one module-level instance; code that mutates it
  # after import would presumably change that default too -- verify.
  sha256AlgId = AlgorithmIdentifier()
  sha256AlgId['algorithm'] = rfc4055.id_sha256
  # A non-schema object for sha256AlgId['parameters'] as absent
  # NOTE(review): the value assigned is the DER encoding of an empty
  # OCTET STRING, not an unset field.  Confirm how the codec treats it when
  # a received hashAlgorithm is compared against this default.
  sha256AlgId['parameters'] = der_encode(univ.OctetString(''))
  class ESSCertIDv2(univ.Sequence):
      """Certificate identifier that carries its hash algorithm explicitly.

      Components:
        hashAlgorithm -- AlgorithmIdentifier, defaults to sha256AlgId
        certHash      -- Hash
        issuerSerial  -- IssuerSerial, optional

      This class only declares the structure.  Nothing here computes or
      checks certHash: a verifier has to take the algorithm from the decoded
      hashAlgorithm (not assume SHA-256), hash the candidate certificate
      itself and compare the result with certHash.
      """

      componentType = namedtype.NamedTypes(
          namedtype.DefaultedNamedType('hashAlgorithm', sha256AlgId),
          namedtype.NamedType('certHash', Hash()),
          namedtype.OptionalNamedType('issuerSerial', IssuerSerial()),
      )
  class SigningCertificateV2(univ.Sequence):
      """Value of the signingCertificateV2 attribute.

      Components:
        certs    -- SEQUENCE OF ESSCertIDv2
        policies -- SEQUENCE OF PolicyInformation, optional

      Schema declaration only: decoding a value into this structure does not
      establish that any listed certificate identifier matches the
      certificate actually used to verify a signature.  That comparison is
      left to the caller.
      """

      componentType = namedtype.NamedTypes(
          namedtype.NamedType(
              'certs',
              univ.SequenceOf(componentType=ESSCertIDv2())),
          namedtype.OptionalNamedType(
              'policies',
              univ.SequenceOf(componentType=PolicyInformation())),
      )
  # Mail List Expansion History Attribute
  # Every name in this group is an alias for the rfc2634 definition.
  EntityIdentifier = rfc2634.EntityIdentifier
  MLData = rfc2634.MLData
  MLExpansionHistory = rfc2634.MLExpansionHistory
  MLReceiptPolicy = rfc2634.MLReceiptPolicy

  id_aa_mlExpandHistory = rfc2634.id_aa_mlExpandHistory
  ub_ml_expansion_history = rfc2634.ub_ml_expansion_history
  # ESS Security Label Attribute
  # Every name in this group is an alias for the rfc2634 definition.

  # Types
  ESSPrivacyMark = rfc2634.ESSPrivacyMark
  ESSSecurityLabel = rfc2634.ESSSecurityLabel
  SecurityCategories = rfc2634.SecurityCategories
  SecurityCategory = rfc2634.SecurityCategory
  SecurityClassification = rfc2634.SecurityClassification
  SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier

  # Attribute object identifier
  id_aa_securityLabel = rfc2634.id_aa_securityLabel

  # Upper bounds
  ub_integer_options = rfc2634.ub_integer_options
  ub_privacy_mark_length = rfc2634.ub_privacy_mark_length
  ub_security_categories = rfc2634.ub_security_categories
  # The five attributes below are aliases for the rfc2634 definitions; each
  # pair gives the attribute's value type and then its object identifier.

  # Equivalent Labels Attribute
  EquivalentLabels = rfc2634.EquivalentLabels
  id_aa_equivalentLabels = rfc2634.id_aa_equivalentLabels

  # Content Identifier Attribute
  ContentIdentifier = rfc2634.ContentIdentifier
  id_aa_contentIdentifier = rfc2634.id_aa_contentIdentifier

  # Content Reference Attribute
  ContentReference = rfc2634.ContentReference
  id_aa_contentReference = rfc2634.id_aa_contentReference

  # Message Signature Digest Attribute
  MsgSigDigest = rfc2634.MsgSigDigest
  id_aa_msgSigDigest = rfc2634.id_aa_msgSigDigest

  # Content Hints Attribute
  ContentHints = rfc2634.ContentHints
  id_aa_contentHint = rfc2634.id_aa_contentHint
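  # Receipt Request Attribute
  # Every name in this group is an alias for the rfc2634 definition.
  AllOrFirstTier = rfc2634.AllOrFirstTier
  ReceiptsFrom = rfc2634.ReceiptsFrom
  id_aa_receiptRequest = rfc2634.id_aa_receiptRequest
  ub_receiptsTo = rfc2634.ub_receiptsTo
  ReceiptRequest = rfc2634.ReceiptRequest

  # Receipt Content Type
  # ub_receiptsTo and ReceiptRequest are already bound in the group above
  # to the same rfc2634 objects, so they are not bound a second time here.
  ESSVersion = rfc2634.ESSVersion
  id_ct_receipt = rfc2634.id_ct_receipt
  Receipt = rfc2634.Receipt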
  # Attribute types defined in this module, keyed by attribute OID, merged
  # into the map that rfc5652.py keeps.
  #
  # The merge runs at import time and changes rfc5652.cmsAttributesMap for
  # the whole process: code that resolves attribute values through that map
  # will only find signingCertificateV2 once this module has been imported.
  # NOTE(review): assuming the map is a plain dict, update() replaces any
  # entry already stored under the same OID -- confirm that is intended.
  _cmsAttributesMapUpdate = {}
  _cmsAttributesMapUpdate[id_aa_signingCertificateV2] = SigningCertificateV2()

  rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate)
  # Content types handled by this module, keyed by content type OID, merged
  # into the map that rfc5652.py keeps.
  #
  # As with the attribute map, the merge is an import-time side effect on
  # shared module state in rfc5652.
  # NOTE(review): assuming the map is a plain dict, update() replaces any
  # entry already stored under id_ct_receipt -- confirm that is intended.
  _cmsContentTypesMapUpdate = {}
  _cmsContentTypesMapUpdate[id_ct_receipt] = Receipt()

  rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)