Funktionierender Prototyp des Serious Games zur Vermittlung von Wissen zu Software-Engineering-Arbeitsmodellen.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

_oid.py 14KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299
  1. # This file is dual licensed under the terms of the Apache License, Version
  2. # 2.0, and the BSD License. See the LICENSE file in the root of this repository
  3. # for complete details.
  4. from __future__ import annotations
  5. import typing
  6. from cryptography.hazmat.bindings._rust import (
  7. ObjectIdentifier as ObjectIdentifier,
  8. )
  9. from cryptography.hazmat.primitives import hashes
  10. class ExtensionOID:
  11. SUBJECT_DIRECTORY_ATTRIBUTES = ObjectIdentifier("2.5.29.9")
  12. SUBJECT_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.14")
  13. KEY_USAGE = ObjectIdentifier("2.5.29.15")
  14. SUBJECT_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.17")
  15. ISSUER_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.18")
  16. BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19")
  17. NAME_CONSTRAINTS = ObjectIdentifier("2.5.29.30")
  18. CRL_DISTRIBUTION_POINTS = ObjectIdentifier("2.5.29.31")
  19. CERTIFICATE_POLICIES = ObjectIdentifier("2.5.29.32")
  20. POLICY_MAPPINGS = ObjectIdentifier("2.5.29.33")
  21. AUTHORITY_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.35")
  22. POLICY_CONSTRAINTS = ObjectIdentifier("2.5.29.36")
  23. EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37")
  24. FRESHEST_CRL = ObjectIdentifier("2.5.29.46")
  25. INHIBIT_ANY_POLICY = ObjectIdentifier("2.5.29.54")
  26. ISSUING_DISTRIBUTION_POINT = ObjectIdentifier("2.5.29.28")
  27. AUTHORITY_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.1")
  28. SUBJECT_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.11")
  29. OCSP_NO_CHECK = ObjectIdentifier("1.3.6.1.5.5.7.48.1.5")
  30. TLS_FEATURE = ObjectIdentifier("1.3.6.1.5.5.7.1.24")
  31. CRL_NUMBER = ObjectIdentifier("2.5.29.20")
  32. DELTA_CRL_INDICATOR = ObjectIdentifier("2.5.29.27")
  33. PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS = ObjectIdentifier(
  34. "1.3.6.1.4.1.11129.2.4.2"
  35. )
  36. PRECERT_POISON = ObjectIdentifier("1.3.6.1.4.1.11129.2.4.3")
  37. SIGNED_CERTIFICATE_TIMESTAMPS = ObjectIdentifier("1.3.6.1.4.1.11129.2.4.5")
  38. MS_CERTIFICATE_TEMPLATE = ObjectIdentifier("1.3.6.1.4.1.311.21.7")
  39. class OCSPExtensionOID:
  40. NONCE = ObjectIdentifier("1.3.6.1.5.5.7.48.1.2")
  41. ACCEPTABLE_RESPONSES = ObjectIdentifier("1.3.6.1.5.5.7.48.1.4")
  42. class CRLEntryExtensionOID:
  43. CERTIFICATE_ISSUER = ObjectIdentifier("2.5.29.29")
  44. CRL_REASON = ObjectIdentifier("2.5.29.21")
  45. INVALIDITY_DATE = ObjectIdentifier("2.5.29.24")
  46. class NameOID:
  47. COMMON_NAME = ObjectIdentifier("2.5.4.3")
  48. COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
  49. LOCALITY_NAME = ObjectIdentifier("2.5.4.7")
  50. STATE_OR_PROVINCE_NAME = ObjectIdentifier("2.5.4.8")
  51. STREET_ADDRESS = ObjectIdentifier("2.5.4.9")
  52. ORGANIZATION_NAME = ObjectIdentifier("2.5.4.10")
  53. ORGANIZATIONAL_UNIT_NAME = ObjectIdentifier("2.5.4.11")
  54. SERIAL_NUMBER = ObjectIdentifier("2.5.4.5")
  55. SURNAME = ObjectIdentifier("2.5.4.4")
  56. GIVEN_NAME = ObjectIdentifier("2.5.4.42")
  57. TITLE = ObjectIdentifier("2.5.4.12")
  58. INITIALS = ObjectIdentifier("2.5.4.43")
  59. GENERATION_QUALIFIER = ObjectIdentifier("2.5.4.44")
  60. X500_UNIQUE_IDENTIFIER = ObjectIdentifier("2.5.4.45")
  61. DN_QUALIFIER = ObjectIdentifier("2.5.4.46")
  62. PSEUDONYM = ObjectIdentifier("2.5.4.65")
  63. USER_ID = ObjectIdentifier("0.9.2342.19200300.100.1.1")
  64. DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
  65. EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
  66. JURISDICTION_COUNTRY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.3")
  67. JURISDICTION_LOCALITY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.1")
  68. JURISDICTION_STATE_OR_PROVINCE_NAME = ObjectIdentifier(
  69. "1.3.6.1.4.1.311.60.2.1.2"
  70. )
  71. BUSINESS_CATEGORY = ObjectIdentifier("2.5.4.15")
  72. POSTAL_ADDRESS = ObjectIdentifier("2.5.4.16")
  73. POSTAL_CODE = ObjectIdentifier("2.5.4.17")
  74. INN = ObjectIdentifier("1.2.643.3.131.1.1")
  75. OGRN = ObjectIdentifier("1.2.643.100.1")
  76. SNILS = ObjectIdentifier("1.2.643.100.3")
  77. UNSTRUCTURED_NAME = ObjectIdentifier("1.2.840.113549.1.9.2")
  78. class SignatureAlgorithmOID:
  79. RSA_WITH_MD5 = ObjectIdentifier("1.2.840.113549.1.1.4")
  80. RSA_WITH_SHA1 = ObjectIdentifier("1.2.840.113549.1.1.5")
  81. # This is an alternate OID for RSA with SHA1 that is occasionally seen
  82. _RSA_WITH_SHA1 = ObjectIdentifier("1.3.14.3.2.29")
  83. RSA_WITH_SHA224 = ObjectIdentifier("1.2.840.113549.1.1.14")
  84. RSA_WITH_SHA256 = ObjectIdentifier("1.2.840.113549.1.1.11")
  85. RSA_WITH_SHA384 = ObjectIdentifier("1.2.840.113549.1.1.12")
  86. RSA_WITH_SHA512 = ObjectIdentifier("1.2.840.113549.1.1.13")
  87. RSA_WITH_SHA3_224 = ObjectIdentifier("2.16.840.1.101.3.4.3.13")
  88. RSA_WITH_SHA3_256 = ObjectIdentifier("2.16.840.1.101.3.4.3.14")
  89. RSA_WITH_SHA3_384 = ObjectIdentifier("2.16.840.1.101.3.4.3.15")
  90. RSA_WITH_SHA3_512 = ObjectIdentifier("2.16.840.1.101.3.4.3.16")
  91. RSASSA_PSS = ObjectIdentifier("1.2.840.113549.1.1.10")
  92. ECDSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10045.4.1")
  93. ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
  94. ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
  95. ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
  96. ECDSA_WITH_SHA512 = ObjectIdentifier("1.2.840.10045.4.3.4")
  97. ECDSA_WITH_SHA3_224 = ObjectIdentifier("2.16.840.1.101.3.4.3.9")
  98. ECDSA_WITH_SHA3_256 = ObjectIdentifier("2.16.840.1.101.3.4.3.10")
  99. ECDSA_WITH_SHA3_384 = ObjectIdentifier("2.16.840.1.101.3.4.3.11")
  100. ECDSA_WITH_SHA3_512 = ObjectIdentifier("2.16.840.1.101.3.4.3.12")
  101. DSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10040.4.3")
  102. DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
  103. DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
  104. DSA_WITH_SHA384 = ObjectIdentifier("2.16.840.1.101.3.4.3.3")
  105. DSA_WITH_SHA512 = ObjectIdentifier("2.16.840.1.101.3.4.3.4")
  106. ED25519 = ObjectIdentifier("1.3.101.112")
  107. ED448 = ObjectIdentifier("1.3.101.113")
  108. GOSTR3411_94_WITH_3410_2001 = ObjectIdentifier("1.2.643.2.2.3")
  109. GOSTR3410_2012_WITH_3411_2012_256 = ObjectIdentifier("1.2.643.7.1.1.3.2")
  110. GOSTR3410_2012_WITH_3411_2012_512 = ObjectIdentifier("1.2.643.7.1.1.3.3")
  111. _SIG_OIDS_TO_HASH: typing.Dict[
  112. ObjectIdentifier, typing.Optional[hashes.HashAlgorithm]
  113. ] = {
  114. SignatureAlgorithmOID.RSA_WITH_MD5: hashes.MD5(),
  115. SignatureAlgorithmOID.RSA_WITH_SHA1: hashes.SHA1(),
  116. SignatureAlgorithmOID._RSA_WITH_SHA1: hashes.SHA1(),
  117. SignatureAlgorithmOID.RSA_WITH_SHA224: hashes.SHA224(),
  118. SignatureAlgorithmOID.RSA_WITH_SHA256: hashes.SHA256(),
  119. SignatureAlgorithmOID.RSA_WITH_SHA384: hashes.SHA384(),
  120. SignatureAlgorithmOID.RSA_WITH_SHA512: hashes.SHA512(),
  121. SignatureAlgorithmOID.RSA_WITH_SHA3_224: hashes.SHA3_224(),
  122. SignatureAlgorithmOID.RSA_WITH_SHA3_256: hashes.SHA3_256(),
  123. SignatureAlgorithmOID.RSA_WITH_SHA3_384: hashes.SHA3_384(),
  124. SignatureAlgorithmOID.RSA_WITH_SHA3_512: hashes.SHA3_512(),
  125. SignatureAlgorithmOID.ECDSA_WITH_SHA1: hashes.SHA1(),
  126. SignatureAlgorithmOID.ECDSA_WITH_SHA224: hashes.SHA224(),
  127. SignatureAlgorithmOID.ECDSA_WITH_SHA256: hashes.SHA256(),
  128. SignatureAlgorithmOID.ECDSA_WITH_SHA384: hashes.SHA384(),
  129. SignatureAlgorithmOID.ECDSA_WITH_SHA512: hashes.SHA512(),
  130. SignatureAlgorithmOID.ECDSA_WITH_SHA3_224: hashes.SHA3_224(),
  131. SignatureAlgorithmOID.ECDSA_WITH_SHA3_256: hashes.SHA3_256(),
  132. SignatureAlgorithmOID.ECDSA_WITH_SHA3_384: hashes.SHA3_384(),
  133. SignatureAlgorithmOID.ECDSA_WITH_SHA3_512: hashes.SHA3_512(),
  134. SignatureAlgorithmOID.DSA_WITH_SHA1: hashes.SHA1(),
  135. SignatureAlgorithmOID.DSA_WITH_SHA224: hashes.SHA224(),
  136. SignatureAlgorithmOID.DSA_WITH_SHA256: hashes.SHA256(),
  137. SignatureAlgorithmOID.ED25519: None,
  138. SignatureAlgorithmOID.ED448: None,
  139. SignatureAlgorithmOID.GOSTR3411_94_WITH_3410_2001: None,
  140. SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_256: None,
  141. SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_512: None,
  142. }
  143. class ExtendedKeyUsageOID:
  144. SERVER_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.1")
  145. CLIENT_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.2")
  146. CODE_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.3")
  147. EMAIL_PROTECTION = ObjectIdentifier("1.3.6.1.5.5.7.3.4")
  148. TIME_STAMPING = ObjectIdentifier("1.3.6.1.5.5.7.3.8")
  149. OCSP_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.9")
  150. ANY_EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37.0")
  151. SMARTCARD_LOGON = ObjectIdentifier("1.3.6.1.4.1.311.20.2.2")
  152. KERBEROS_PKINIT_KDC = ObjectIdentifier("1.3.6.1.5.2.3.5")
  153. IPSEC_IKE = ObjectIdentifier("1.3.6.1.5.5.7.3.17")
  154. CERTIFICATE_TRANSPARENCY = ObjectIdentifier("1.3.6.1.4.1.11129.2.4.4")
  155. class AuthorityInformationAccessOID:
  156. CA_ISSUERS = ObjectIdentifier("1.3.6.1.5.5.7.48.2")
  157. OCSP = ObjectIdentifier("1.3.6.1.5.5.7.48.1")
  158. class SubjectInformationAccessOID:
  159. CA_REPOSITORY = ObjectIdentifier("1.3.6.1.5.5.7.48.5")
  160. class CertificatePoliciesOID:
  161. CPS_QUALIFIER = ObjectIdentifier("1.3.6.1.5.5.7.2.1")
  162. CPS_USER_NOTICE = ObjectIdentifier("1.3.6.1.5.5.7.2.2")
  163. ANY_POLICY = ObjectIdentifier("2.5.29.32.0")
  164. class AttributeOID:
  165. CHALLENGE_PASSWORD = ObjectIdentifier("1.2.840.113549.1.9.7")
  166. UNSTRUCTURED_NAME = ObjectIdentifier("1.2.840.113549.1.9.2")
  167. _OID_NAMES = {
  168. NameOID.COMMON_NAME: "commonName",
  169. NameOID.COUNTRY_NAME: "countryName",
  170. NameOID.LOCALITY_NAME: "localityName",
  171. NameOID.STATE_OR_PROVINCE_NAME: "stateOrProvinceName",
  172. NameOID.STREET_ADDRESS: "streetAddress",
  173. NameOID.ORGANIZATION_NAME: "organizationName",
  174. NameOID.ORGANIZATIONAL_UNIT_NAME: "organizationalUnitName",
  175. NameOID.SERIAL_NUMBER: "serialNumber",
  176. NameOID.SURNAME: "surname",
  177. NameOID.GIVEN_NAME: "givenName",
  178. NameOID.TITLE: "title",
  179. NameOID.GENERATION_QUALIFIER: "generationQualifier",
  180. NameOID.X500_UNIQUE_IDENTIFIER: "x500UniqueIdentifier",
  181. NameOID.DN_QUALIFIER: "dnQualifier",
  182. NameOID.PSEUDONYM: "pseudonym",
  183. NameOID.USER_ID: "userID",
  184. NameOID.DOMAIN_COMPONENT: "domainComponent",
  185. NameOID.EMAIL_ADDRESS: "emailAddress",
  186. NameOID.JURISDICTION_COUNTRY_NAME: "jurisdictionCountryName",
  187. NameOID.JURISDICTION_LOCALITY_NAME: "jurisdictionLocalityName",
  188. NameOID.JURISDICTION_STATE_OR_PROVINCE_NAME: (
  189. "jurisdictionStateOrProvinceName"
  190. ),
  191. NameOID.BUSINESS_CATEGORY: "businessCategory",
  192. NameOID.POSTAL_ADDRESS: "postalAddress",
  193. NameOID.POSTAL_CODE: "postalCode",
  194. NameOID.INN: "INN",
  195. NameOID.OGRN: "OGRN",
  196. NameOID.SNILS: "SNILS",
  197. NameOID.UNSTRUCTURED_NAME: "unstructuredName",
  198. SignatureAlgorithmOID.RSA_WITH_MD5: "md5WithRSAEncryption",
  199. SignatureAlgorithmOID.RSA_WITH_SHA1: "sha1WithRSAEncryption",
  200. SignatureAlgorithmOID.RSA_WITH_SHA224: "sha224WithRSAEncryption",
  201. SignatureAlgorithmOID.RSA_WITH_SHA256: "sha256WithRSAEncryption",
  202. SignatureAlgorithmOID.RSA_WITH_SHA384: "sha384WithRSAEncryption",
  203. SignatureAlgorithmOID.RSA_WITH_SHA512: "sha512WithRSAEncryption",
  204. SignatureAlgorithmOID.RSASSA_PSS: "RSASSA-PSS",
  205. SignatureAlgorithmOID.ECDSA_WITH_SHA1: "ecdsa-with-SHA1",
  206. SignatureAlgorithmOID.ECDSA_WITH_SHA224: "ecdsa-with-SHA224",
  207. SignatureAlgorithmOID.ECDSA_WITH_SHA256: "ecdsa-with-SHA256",
  208. SignatureAlgorithmOID.ECDSA_WITH_SHA384: "ecdsa-with-SHA384",
  209. SignatureAlgorithmOID.ECDSA_WITH_SHA512: "ecdsa-with-SHA512",
  210. SignatureAlgorithmOID.DSA_WITH_SHA1: "dsa-with-sha1",
  211. SignatureAlgorithmOID.DSA_WITH_SHA224: "dsa-with-sha224",
  212. SignatureAlgorithmOID.DSA_WITH_SHA256: "dsa-with-sha256",
  213. SignatureAlgorithmOID.ED25519: "ed25519",
  214. SignatureAlgorithmOID.ED448: "ed448",
  215. SignatureAlgorithmOID.GOSTR3411_94_WITH_3410_2001: (
  216. "GOST R 34.11-94 with GOST R 34.10-2001"
  217. ),
  218. SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_256: (
  219. "GOST R 34.10-2012 with GOST R 34.11-2012 (256 bit)"
  220. ),
  221. SignatureAlgorithmOID.GOSTR3410_2012_WITH_3411_2012_512: (
  222. "GOST R 34.10-2012 with GOST R 34.11-2012 (512 bit)"
  223. ),
  224. ExtendedKeyUsageOID.SERVER_AUTH: "serverAuth",
  225. ExtendedKeyUsageOID.CLIENT_AUTH: "clientAuth",
  226. ExtendedKeyUsageOID.CODE_SIGNING: "codeSigning",
  227. ExtendedKeyUsageOID.EMAIL_PROTECTION: "emailProtection",
  228. ExtendedKeyUsageOID.TIME_STAMPING: "timeStamping",
  229. ExtendedKeyUsageOID.OCSP_SIGNING: "OCSPSigning",
  230. ExtendedKeyUsageOID.SMARTCARD_LOGON: "msSmartcardLogin",
  231. ExtendedKeyUsageOID.KERBEROS_PKINIT_KDC: "pkInitKDC",
  232. ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES: "subjectDirectoryAttributes",
  233. ExtensionOID.SUBJECT_KEY_IDENTIFIER: "subjectKeyIdentifier",
  234. ExtensionOID.KEY_USAGE: "keyUsage",
  235. ExtensionOID.SUBJECT_ALTERNATIVE_NAME: "subjectAltName",
  236. ExtensionOID.ISSUER_ALTERNATIVE_NAME: "issuerAltName",
  237. ExtensionOID.BASIC_CONSTRAINTS: "basicConstraints",
  238. ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS: (
  239. "signedCertificateTimestampList"
  240. ),
  241. ExtensionOID.SIGNED_CERTIFICATE_TIMESTAMPS: (
  242. "signedCertificateTimestampList"
  243. ),
  244. ExtensionOID.PRECERT_POISON: "ctPoison",
  245. ExtensionOID.MS_CERTIFICATE_TEMPLATE: "msCertificateTemplate",
  246. CRLEntryExtensionOID.CRL_REASON: "cRLReason",
  247. CRLEntryExtensionOID.INVALIDITY_DATE: "invalidityDate",
  248. CRLEntryExtensionOID.CERTIFICATE_ISSUER: "certificateIssuer",
  249. ExtensionOID.NAME_CONSTRAINTS: "nameConstraints",
  250. ExtensionOID.CRL_DISTRIBUTION_POINTS: "cRLDistributionPoints",
  251. ExtensionOID.CERTIFICATE_POLICIES: "certificatePolicies",
  252. ExtensionOID.POLICY_MAPPINGS: "policyMappings",
  253. ExtensionOID.AUTHORITY_KEY_IDENTIFIER: "authorityKeyIdentifier",
  254. ExtensionOID.POLICY_CONSTRAINTS: "policyConstraints",
  255. ExtensionOID.EXTENDED_KEY_USAGE: "extendedKeyUsage",
  256. ExtensionOID.FRESHEST_CRL: "freshestCRL",
  257. ExtensionOID.INHIBIT_ANY_POLICY: "inhibitAnyPolicy",
  258. ExtensionOID.ISSUING_DISTRIBUTION_POINT: ("issuingDistributionPoint"),
  259. ExtensionOID.AUTHORITY_INFORMATION_ACCESS: "authorityInfoAccess",
  260. ExtensionOID.SUBJECT_INFORMATION_ACCESS: "subjectInfoAccess",
  261. ExtensionOID.OCSP_NO_CHECK: "OCSPNoCheck",
  262. ExtensionOID.CRL_NUMBER: "cRLNumber",
  263. ExtensionOID.DELTA_CRL_INDICATOR: "deltaCRLIndicator",
  264. ExtensionOID.TLS_FEATURE: "TLSFeature",
  265. AuthorityInformationAccessOID.OCSP: "OCSP",
  266. AuthorityInformationAccessOID.CA_ISSUERS: "caIssuers",
  267. SubjectInformationAccessOID.CA_REPOSITORY: "caRepository",
  268. CertificatePoliciesOID.CPS_QUALIFIER: "id-qt-cps",
  269. CertificatePoliciesOID.CPS_USER_NOTICE: "id-qt-unotice",
  270. OCSPExtensionOID.NONCE: "OCSPNonce",
  271. AttributeOID.CHALLENGE_PASSWORD: "challengePassword",
  272. }