123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469 |
- #
- # This file is part of pyasn1-modules software.
- #
- # Created by Russ Housley with assistance from asn1ate v.0.6.0.
- #
- # Copyright (c) 2019, Vigil Security, LLC
- # License: http://snmplabs.com/pyasn1/license.html
- #
- # CMS Symmetric Key Package Content Type
- #
- # ASN.1 source from:
- # https://www.rfc-editor.org/rfc/rfc6031.txt
- #
-
- from pyasn1.type import char
- from pyasn1.type import constraint
- from pyasn1.type import namedtype
- from pyasn1.type import namedval
- from pyasn1.type import opentype
- from pyasn1.type import tag
- from pyasn1.type import univ
- from pyasn1.type import useful
-
- from pyasn1_modules import rfc5652
- from pyasn1_modules import rfc6019
-
-
- def _OID(*components):
- output = []
- for x in tuple(components):
- if isinstance(x, univ.ObjectIdentifier):
- output.extend(list(x))
- else:
- output.append(int(x))
- return univ.ObjectIdentifier(output)
-
-
- MAX = float('inf')
-
- id_pskc = univ.ObjectIdentifier('1.2.840.113549.1.9.16.12')
-
-
- # Symmetric Key Package Attributes
-
- id_pskc_manufacturer = _OID(id_pskc, 1)
-
- class at_pskc_manufacturer(char.UTF8String):
- pass
-
-
- id_pskc_serialNo = _OID(id_pskc, 2)
-
- class at_pskc_serialNo(char.UTF8String):
- pass
-
-
- id_pskc_model = _OID(id_pskc, 3)
-
- class at_pskc_model(char.UTF8String):
- pass
-
-
- id_pskc_issueNo = _OID(id_pskc, 4)
-
- class at_pskc_issueNo(char.UTF8String):
- pass
-
-
- id_pskc_deviceBinding = _OID(id_pskc, 5)
-
- class at_pskc_deviceBinding(char.UTF8String):
- pass
-
-
- id_pskc_deviceStartDate = _OID(id_pskc, 6)
-
- class at_pskc_deviceStartDate(useful.GeneralizedTime):
- pass
-
-
- id_pskc_deviceExpiryDate = _OID(id_pskc, 7)
-
- class at_pskc_deviceExpiryDate(useful.GeneralizedTime):
- pass
-
-
- id_pskc_moduleId = _OID(id_pskc, 8)
-
- class at_pskc_moduleId(char.UTF8String):
- pass
-
-
- id_pskc_deviceUserId = _OID(id_pskc, 26)
-
- class at_pskc_deviceUserId(char.UTF8String):
- pass
-
-
- # Symmetric Key Attributes
-
- id_pskc_keyId = _OID(id_pskc, 9)
-
- class at_pskc_keyUserId(char.UTF8String):
- pass
-
-
- id_pskc_algorithm = _OID(id_pskc, 10)
-
- class at_pskc_algorithm(char.UTF8String):
- pass
-
-
- id_pskc_issuer = _OID(id_pskc, 11)
-
- class at_pskc_issuer(char.UTF8String):
- pass
-
-
- id_pskc_keyProfileId = _OID(id_pskc, 12)
-
- class at_pskc_keyProfileId(char.UTF8String):
- pass
-
-
- id_pskc_keyReference = _OID(id_pskc, 13)
-
- class at_pskc_keyReference(char.UTF8String):
- pass
-
-
- id_pskc_friendlyName = _OID(id_pskc, 14)
-
- class FriendlyName(univ.Sequence):
- pass
-
- FriendlyName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('friendlyName', char.UTF8String()),
- namedtype.OptionalNamedType('friendlyNameLangTag', char.UTF8String())
- )
-
- class at_pskc_friendlyName(FriendlyName):
- pass
-
-
- id_pskc_algorithmParameters = _OID(id_pskc, 15)
-
- class Encoding(char.UTF8String):
- pass
-
- Encoding.namedValues = namedval.NamedValues(
- ('dec', "DECIMAL"),
- ('hex', "HEXADECIMAL"),
- ('alpha', "ALPHANUMERIC"),
- ('b64', "BASE64"),
- ('bin', "BINARY")
- )
-
- Encoding.subtypeSpec = constraint.SingleValueConstraint(
- "DECIMAL", "HEXADECIMAL", "ALPHANUMERIC", "BASE64", "BINARY" )
-
- class ChallengeFormat(univ.Sequence):
- pass
-
- ChallengeFormat.componentType = namedtype.NamedTypes(
- namedtype.NamedType('encoding', Encoding()),
- namedtype.DefaultedNamedType('checkDigit',
- univ.Boolean().subtype(value=0)),
- namedtype.NamedType('min', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
- namedtype.NamedType('max', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, MAX)))
- )
-
- class ResponseFormat(univ.Sequence):
- pass
-
- ResponseFormat.componentType = namedtype.NamedTypes(
- namedtype.NamedType('encoding', Encoding()),
- namedtype.NamedType('length', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, MAX))),
- namedtype.DefaultedNamedType('checkDigit',
- univ.Boolean().subtype(value=0))
- )
-
- class PSKCAlgorithmParameters(univ.Choice):
- pass
-
- PSKCAlgorithmParameters.componentType = namedtype.NamedTypes(
- namedtype.NamedType('suite', char.UTF8String()),
- namedtype.NamedType('challengeFormat', ChallengeFormat().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.NamedType('responseFormat', ResponseFormat().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
- )
-
- class at_pskc_algorithmParameters(PSKCAlgorithmParameters):
- pass
-
-
- id_pskc_counter = _OID(id_pskc, 16)
-
- class at_pskc_counter(univ.Integer):
- pass
-
- at_pskc_counter.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
-
-
- id_pskc_time = _OID(id_pskc, 17)
-
- class at_pskc_time(rfc6019.BinaryTime):
- pass
-
-
- id_pskc_timeInterval = _OID(id_pskc, 18)
-
- class at_pskc_timeInterval(univ.Integer):
- pass
-
- at_pskc_timeInterval.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
-
-
- id_pskc_timeDrift = _OID(id_pskc, 19)
-
- class at_pskc_timeDrift(univ.Integer):
- pass
-
- at_pskc_timeDrift.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
-
-
- id_pskc_valueMAC = _OID(id_pskc, 20)
-
- class ValueMac(univ.Sequence):
- pass
-
- ValueMac.componentType = namedtype.NamedTypes(
- namedtype.NamedType('macAlgorithm', char.UTF8String()),
- namedtype.NamedType('mac', char.UTF8String())
- )
-
- class at_pskc_valueMAC(ValueMac):
- pass
-
-
- id_pskc_keyUserId = _OID(id_pskc, 27)
-
- class at_pskc_keyId(char.UTF8String):
- pass
-
-
- id_pskc_keyStartDate = _OID(id_pskc, 21)
-
- class at_pskc_keyStartDate(useful.GeneralizedTime):
- pass
-
-
- id_pskc_keyExpiryDate = _OID(id_pskc, 22)
-
- class at_pskc_keyExpiryDate(useful.GeneralizedTime):
- pass
-
-
- id_pskc_numberOfTransactions = _OID(id_pskc, 23)
-
- class at_pskc_numberOfTransactions(univ.Integer):
- pass
-
- at_pskc_numberOfTransactions.subtypeSpec = constraint.ValueRangeConstraint(0, MAX)
-
-
- id_pskc_keyUsages = _OID(id_pskc, 24)
-
- class PSKCKeyUsage(char.UTF8String):
- pass
-
- PSKCKeyUsage.namedValues = namedval.NamedValues(
- ('otp', "OTP"),
- ('cr', "CR"),
- ('encrypt', "Encrypt"),
- ('integrity', "Integrity"),
- ('verify', "Verify"),
- ('unlock', "Unlock"),
- ('decrypt', "Decrypt"),
- ('keywrap', "KeyWrap"),
- ('unwrap', "Unwrap"),
- ('derive', "Derive"),
- ('generate', "Generate")
- )
-
- PSKCKeyUsage.subtypeSpec = constraint.SingleValueConstraint(
- "OTP", "CR", "Encrypt", "Integrity", "Verify", "Unlock",
- "Decrypt", "KeyWrap", "Unwrap", "Derive", "Generate" )
-
- class PSKCKeyUsages(univ.SequenceOf):
- pass
-
- PSKCKeyUsages.componentType = PSKCKeyUsage()
-
- class at_pskc_keyUsage(PSKCKeyUsages):
- pass
-
-
- id_pskc_pinPolicy = _OID(id_pskc, 25)
-
- class PINUsageMode(char.UTF8String):
- pass
-
- PINUsageMode.namedValues = namedval.NamedValues(
- ("local", "Local"),
- ("prepend", "Prepend"),
- ("append", "Append"),
- ("algorithmic", "Algorithmic")
- )
-
- PINUsageMode.subtypeSpec = constraint.SingleValueConstraint(
- "Local", "Prepend", "Append", "Algorithmic" )
-
- class PINPolicy(univ.Sequence):
- pass
-
- PINPolicy.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('pinKeyId', char.UTF8String().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('pinUsageMode', PINUsageMode().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('maxFailedAttempts', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.OptionalNamedType('minLength', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
- namedtype.OptionalNamedType('maxLength', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
- namedtype.OptionalNamedType('pinEncoding', Encoding().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5)))
- )
-
- class at_pskc_pinPolicy(PINPolicy):
- pass
-
-
- # Map of Symmetric Key Package Attribute OIDs to Attributes
-
- sKeyPkgAttributesMap = {
- id_pskc_manufacturer: at_pskc_manufacturer(),
- id_pskc_serialNo: at_pskc_serialNo(),
- id_pskc_model: at_pskc_model(),
- id_pskc_issueNo: at_pskc_issueNo(),
- id_pskc_deviceBinding: at_pskc_deviceBinding(),
- id_pskc_deviceStartDate: at_pskc_deviceStartDate(),
- id_pskc_deviceExpiryDate: at_pskc_deviceExpiryDate(),
- id_pskc_moduleId: at_pskc_moduleId(),
- id_pskc_deviceUserId: at_pskc_deviceUserId(),
- }
-
-
- # Map of Symmetric Key Attribute OIDs to Attributes
-
- sKeyAttributesMap = {
- id_pskc_keyId: at_pskc_keyId(),
- id_pskc_algorithm: at_pskc_algorithm(),
- id_pskc_issuer: at_pskc_issuer(),
- id_pskc_keyProfileId: at_pskc_keyProfileId(),
- id_pskc_keyReference: at_pskc_keyReference(),
- id_pskc_friendlyName: at_pskc_friendlyName(),
- id_pskc_algorithmParameters: at_pskc_algorithmParameters(),
- id_pskc_counter: at_pskc_counter(),
- id_pskc_time: at_pskc_time(),
- id_pskc_timeInterval: at_pskc_timeInterval(),
- id_pskc_timeDrift: at_pskc_timeDrift(),
- id_pskc_valueMAC: at_pskc_valueMAC(),
- id_pskc_keyUserId: at_pskc_keyUserId(),
- id_pskc_keyStartDate: at_pskc_keyStartDate(),
- id_pskc_keyExpiryDate: at_pskc_keyExpiryDate(),
- id_pskc_numberOfTransactions: at_pskc_numberOfTransactions(),
- id_pskc_keyUsages: at_pskc_keyUsage(),
- id_pskc_pinPolicy: at_pskc_pinPolicy(),
- }
-
-
- # This definition replaces Attribute() from rfc5652.py; it is the same except
- # that opentype is added with sKeyPkgAttributesMap and sKeyAttributesMap
-
- class AttributeType(univ.ObjectIdentifier):
- pass
-
-
- class AttributeValue(univ.Any):
- pass
-
-
- class SKeyAttribute(univ.Sequence):
- pass
-
- SKeyAttribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('attrType', AttributeType()),
- namedtype.NamedType('attrValues',
- univ.SetOf(componentType=AttributeValue()),
- openType=opentype.OpenType('attrType', sKeyAttributesMap)
- )
- )
-
-
- class SKeyPkgAttribute(univ.Sequence):
- pass
-
- SKeyPkgAttribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('attrType', AttributeType()),
- namedtype.NamedType('attrValues',
- univ.SetOf(componentType=AttributeValue()),
- openType=opentype.OpenType('attrType', sKeyPkgAttributesMap)
- )
- )
-
-
- # Symmetric Key Package Content Type
-
- id_ct_KP_sKeyPackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.25')
-
-
- class KeyPkgVersion(univ.Integer):
- pass
-
- KeyPkgVersion.namedValues = namedval.NamedValues(
- ('v1', 1)
- )
-
-
- class OneSymmetricKey(univ.Sequence):
- pass
-
- OneSymmetricKey.componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('sKeyAttrs',
- univ.SequenceOf(componentType=SKeyAttribute()).subtype(
- subtypeSpec=constraint.ValueSizeConstraint(1, MAX))),
- namedtype.OptionalNamedType('sKey', univ.OctetString())
- )
-
- OneSymmetricKey.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2)
-
-
- class SymmetricKeys(univ.SequenceOf):
- pass
-
- SymmetricKeys.componentType = OneSymmetricKey()
- SymmetricKeys.subtypeSpec=constraint.ValueSizeConstraint(1, MAX)
-
-
- class SymmetricKeyPackage(univ.Sequence):
- pass
-
- SymmetricKeyPackage.componentType = namedtype.NamedTypes(
- namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v1')),
- namedtype.OptionalNamedType('sKeyPkgAttrs',
- univ.SequenceOf(componentType=SKeyPkgAttribute()).subtype(
- subtypeSpec=constraint.ValueSizeConstraint(1, MAX),
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('sKeys', SymmetricKeys())
- )
-
-
- # Map of Content Type OIDs to Content Types are
- # added to the ones that are in rfc5652.py
-
- _cmsContentTypesMapUpdate = {
- id_ct_KP_sKeyPackage: SymmetricKeyPackage(),
- }
-
- rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate)
|