Merge branch 'master' into open-types-support
diff --git a/CHANGES.txt b/CHANGES.txt
index a7215c6..408cd12 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,9 @@
+Revision 0.2.1, released XX-09-2017
+-----------------------------------
+
+- Allow ANY DEFINED BY objects expanding automatically if requested
+
Revision 0.1.5, released XX-09-2017
-----------------------------------
diff --git a/pyasn1_modules/__init__.py b/pyasn1_modules/__init__.py
index ba164a2..d0c5e53 100644
--- a/pyasn1_modules/__init__.py
+++ b/pyasn1_modules/__init__.py
@@ -1,2 +1,2 @@
# http://www.python.org/dev/peps/pep-0396/
-__version__ = '0.1.5'
+__version__ = '0.2.1'
diff --git a/pyasn1_modules/rfc2315.py b/pyasn1_modules/rfc2315.py
index cf732b0..158aee7 100644
--- a/pyasn1_modules/rfc2315.py
+++ b/pyasn1_modules/rfc2315.py
@@ -25,7 +25,8 @@
class AttributeValueAssertion(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('attributeType', AttributeType()),
- namedtype.NamedType('attributeValue', AttributeValue())
+ namedtype.NamedType('attributeValue', AttributeValue(),
+ openType=opentype.OpenType('type', certificateAttributesMap))
)
@@ -50,12 +51,19 @@
pass
+contentTypeMap = {}
+
+
class EncryptedContentInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
- namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ namedtype.OptionalNamedType(
+ 'encryptedContent', EncryptedContent().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)
+ ),
+ openType=opentype.OpenType('contentType', contentTypeMap)
+ )
)
@@ -85,8 +93,11 @@
class ContentInfo(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.NamedType('contentType', ContentType()),
- namedtype.OptionalNamedType('content', univ.Any().subtype(
- explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ namedtype.OptionalNamedType(
+ 'content',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)),
+ openType=opentype.OpenType('contentType', contentTypeMap)
+ )
)
@@ -270,3 +281,14 @@
class Data(univ.OctetString):
pass
+
+_contentTypeMapUpdate = {
+ data: Data(),
+ signedData: SignedData(),
+ envelopedData: EnvelopedData(),
+ signedAndEnvelopedData: SignedAndEnvelopedData(),
+ digestedData: DigestedData(),
+ encryptedData: EncryptedData()
+}
+
+contentTypeMap.update(_contentTypeMapUpdate)
\ No newline at end of file
diff --git a/pyasn1_modules/rfc2459.py b/pyasn1_modules/rfc2459.py
index c988c4f..6855482 100644
--- a/pyasn1_modules/rfc2459.py
+++ b/pyasn1_modules/rfc2459.py
@@ -13,7 +13,7 @@
# Sample captures from:
# http://wiki.wireshark.org/SampleCaptures/
#
-from pyasn1.type import tag, namedtype, namedval, univ, constraint, char, useful
+from pyasn1.type import tag, namedtype, namedval, opentype, univ, constraint, char, useful
MAX = float('inf')
@@ -84,26 +84,6 @@
id_ad_caIssuers = univ.ObjectIdentifier('1.3.6.1.5.5.7.48.2')
-class AttributeValue(univ.Any):
- pass
-
-
-class AttributeType(univ.ObjectIdentifier):
- pass
-
-
-class AttributeTypeAndValue(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('type', AttributeType()),
- namedtype.NamedType('value', AttributeValue())
- )
-
-
-class Attribute(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('type', AttributeType()),
- namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
- )
id_at = univ.ObjectIdentifier('2.5.4')
@@ -277,19 +257,6 @@
# ----
-class RelativeDistinguishedName(univ.SetOf):
- componentType = AttributeTypeAndValue()
-
-
-class RDNSequence(univ.SequenceOf):
- componentType = RelativeDistinguishedName()
-
-
-class Name(univ.Choice):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('', RDNSequence())
- )
-
class DirectoryString(univ.Choice):
componentType = namedtype.NamedTypes(
@@ -316,111 +283,6 @@
)
-class Extension(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('extnID', univ.ObjectIdentifier()),
- namedtype.DefaultedNamedType('critical', univ.Boolean('False')),
- namedtype.NamedType('extnValue', univ.Any())
- )
-
-
-class Extensions(univ.SequenceOf):
- componentType = Extension()
- sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
-class SubjectPublicKeyInfo(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('algorithm', AlgorithmIdentifier()),
- namedtype.NamedType('subjectPublicKey', univ.BitString())
- )
-
-
-class UniqueIdentifier(univ.BitString):
- pass
-
-
-class Time(univ.Choice):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('utcTime', useful.UTCTime()),
- namedtype.NamedType('generalTime', useful.GeneralizedTime())
- )
-
-
-class Validity(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('notBefore', Time()),
- namedtype.NamedType('notAfter', Time())
- )
-
-
-class CertificateSerialNumber(univ.Integer):
- pass
-
-
-class Version(univ.Integer):
- namedValues = namedval.NamedValues(
- ('v1', 0), ('v2', 1), ('v3', 2)
- )
-
-
-class TBSCertificate(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.DefaultedNamedType('version', Version('v1').subtype(
- explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('serialNumber', CertificateSerialNumber()),
- namedtype.NamedType('signature', AlgorithmIdentifier()),
- namedtype.NamedType('issuer', Name()),
- namedtype.NamedType('validity', Validity()),
- namedtype.NamedType('subject', Name()),
- namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
- namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.OptionalNamedType('extensions', Extensions().subtype(
- explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
- )
-
-
-class Certificate(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('tbsCertificate', TBSCertificate()),
- namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
- namedtype.NamedType('signatureValue', univ.BitString())
- )
-
-
-# CRL structures
-
-class RevokedCertificate(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('userCertificate', CertificateSerialNumber()),
- namedtype.NamedType('revocationDate', Time()),
- namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
- )
-
-
-class TBSCertList(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('version', Version()),
- namedtype.NamedType('signature', AlgorithmIdentifier()),
- namedtype.NamedType('issuer', Name()),
- namedtype.NamedType('thisUpdate', Time()),
- namedtype.OptionalNamedType('nextUpdate', Time()),
- namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())),
- namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(
- explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
- )
-
-
-class CertificateList(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('tbsCertList', TBSCertList()),
- namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
- namedtype.NamedType('signature', univ.BitString())
- )
-
# Algorithm OIDs and parameter structures
@@ -972,11 +834,6 @@
id_ce_subjectDirectoryAttributes = univ.ObjectIdentifier('2.5.29.9')
-class SubjectDirectoryAttributes(univ.SequenceOf):
- componentType = Attribute()
- subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
class EDIPartyName(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('nameAssigner', DirectoryString().subtype(
@@ -986,76 +843,10 @@
)
-class AnotherName(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('type-id', univ.ObjectIdentifier()),
- namedtype.NamedType('value',
- univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
- )
-
-
-class GeneralName(univ.Choice):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('otherName',
- AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('rfc822Name',
- char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.NamedType('dNSName',
- char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.NamedType('x400Address',
- ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
- namedtype.NamedType('directoryName',
- Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
- namedtype.NamedType('ediPartyName',
- EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
- namedtype.NamedType('uniformResourceIdentifier',
- char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
- namedtype.NamedType('iPAddress', univ.OctetString().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
- namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
- )
-
-
-class GeneralNames(univ.SequenceOf):
- componentType = GeneralName()
- subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
-class AccessDescription(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
- namedtype.NamedType('accessLocation', GeneralName())
- )
-
-
-class AuthorityInfoAccessSyntax(univ.SequenceOf):
- componentType = AccessDescription()
- subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
id_ce_deltaCRLIndicator = univ.ObjectIdentifier('2.5.29.27')
-class DistributionPointName(univ.Choice):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('fullName', GeneralNames().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
- )
-
-
-class DistributionPoint(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
- )
-
class BaseDistance(univ.Integer):
subtypeSpec = univ.Integer.subtypeSpec + constraint.ValueRangeConstraint(0, MAX)
@@ -1064,56 +855,14 @@
id_ce_cRLDistributionPoints = univ.ObjectIdentifier('2.5.29.31')
-class CRLDistPointsSyntax(univ.SequenceOf):
- componentType = DistributionPoint()
- subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
-
-
id_ce_issuingDistributionPoint = univ.ObjectIdentifier('2.5.29.28')
-class IssuingDistributionPoint(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
- namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
- namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
- namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
- )
-
-
-class GeneralSubtree(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.NamedType('base', GeneralName()),
- namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.OptionalNamedType('maximum', BaseDistance().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
- )
-
-
-class GeneralSubtrees(univ.SequenceOf):
- componentType = GeneralSubtree()
- subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
id_ce_nameConstraints = univ.ObjectIdentifier('2.5.29.30')
-class NameConstraints(univ.Sequence):
- componentType = namedtype.NamedTypes(
- namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
- namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
- )
-
-
class DisplayText(univ.Choice):
componentType = namedtype.NamedTypes(
namedtype.NamedType('visibleString',
@@ -1232,6 +981,110 @@
pass
+id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29')
+
+
+id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17')
+
+
+id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18')
+
+
+class AttributeValue(univ.Any):
+ pass
+
+
+class AttributeType(univ.ObjectIdentifier):
+ pass
+
+certificateAttributesMap = {}
+
+
+class AttributeTypeAndValue(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeType()),
+ namedtype.NamedType('value', AttributeValue(),
+ openType=opentype.OpenType('type', certificateAttributesMap))
+ )
+
+
+class Attribute(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeType()),
+ namedtype.NamedType('vals', univ.SetOf(componentType=AttributeValue()))
+ )
+
+
+class SubjectDirectoryAttributes(univ.SequenceOf):
+ componentType = Attribute()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class RelativeDistinguishedName(univ.SetOf):
+ componentType = AttributeTypeAndValue()
+
+
+class RDNSequence(univ.SequenceOf):
+ componentType = RelativeDistinguishedName()
+
+
+class Name(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('', RDNSequence())
+ )
+
+class CertificateSerialNumber(univ.Integer):
+ pass
+
+
+class AnotherName(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type-id', univ.ObjectIdentifier()),
+ namedtype.NamedType('value',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+ )
+
+
+class GeneralName(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('otherName',
+ AnotherName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('rfc822Name',
+ char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('dNSName',
+ char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.NamedType('x400Address',
+ ORAddress().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.NamedType('directoryName',
+ Name().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))),
+ namedtype.NamedType('ediPartyName',
+ EDIPartyName().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))),
+ namedtype.NamedType('uniformResourceIdentifier',
+ char.IA5String().subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 6))),
+ namedtype.NamedType('iPAddress', univ.OctetString().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))),
+ namedtype.NamedType('registeredID', univ.ObjectIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 8)))
+ )
+
+
+class GeneralNames(univ.SequenceOf):
+ componentType = GeneralName()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class AccessDescription(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('accessMethod', univ.ObjectIdentifier()),
+ namedtype.NamedType('accessLocation', GeneralName())
+ )
+
+
+class AuthorityInfoAccessSyntax(univ.SequenceOf):
+ componentType = AccessDescription()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
class AuthorityKeyIdentifier(univ.Sequence):
componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('keyIdentifier', KeyIdentifier().subtype(
@@ -1243,30 +1096,189 @@
)
-id_ce_certificateIssuer = univ.ObjectIdentifier('2.5.29.29')
+class DistributionPointName(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('fullName', GeneralNames().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('nameRelativeToCRLIssuer', RelativeDistinguishedName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ )
+
+
+class DistributionPoint(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('reasons', ReasonFlags().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('cRLIssuer', GeneralNames().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2)))
+ )
+
+
+class CRLDistPointsSyntax(univ.SequenceOf):
+ componentType = DistributionPoint()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class IssuingDistributionPoint(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('distributionPoint', DistributionPointName().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.NamedType('onlyContainsUserCerts', univ.Boolean(False).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.NamedType('onlyContainsCACerts', univ.Boolean(False).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('onlySomeReasons', ReasonFlags().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))),
+ namedtype.NamedType('indirectCRL', univ.Boolean(False).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4)))
+ )
+
+
+class GeneralSubtree(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('base', GeneralName()),
+ namedtype.DefaultedNamedType('minimum', BaseDistance(0).subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('maximum', BaseDistance().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ )
+
+
+class GeneralSubtrees(univ.SequenceOf):
+ componentType = GeneralSubtree()
+ subtypeSpec = univ.SequenceOf.subtypeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class NameConstraints(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('permittedSubtrees', GeneralSubtrees().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
+ namedtype.OptionalNamedType('excludedSubtrees', GeneralSubtrees().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
+ )
class CertificateIssuer(GeneralNames):
pass
-id_ce_subjectAltName = univ.ObjectIdentifier('2.5.29.17')
-
-
class SubjectAltName(GeneralNames):
pass
-id_ce_issuerAltName = univ.ObjectIdentifier('2.5.29.18')
-
-
class IssuerAltName(GeneralNames):
pass
+certificateExtensionsMap = {}
+
+
+class Extension(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('extnID', univ.ObjectIdentifier()),
+ namedtype.DefaultedNamedType('critical', univ.Boolean('False')),
+ namedtype.NamedType('extnValue', univ.OctetString(),
+ openType=opentype.OpenType('extnID', certificateExtensionsMap))
+ )
+
+
+class Extensions(univ.SequenceOf):
+ componentType = Extension()
+ sizeSpec = univ.SequenceOf.sizeSpec + constraint.ValueSizeConstraint(1, MAX)
+
+
+class SubjectPublicKeyInfo(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('algorithm', AlgorithmIdentifier()),
+ namedtype.NamedType('subjectPublicKey', univ.BitString())
+ )
+
+
+class UniqueIdentifier(univ.BitString):
+ pass
+
+
+class Time(univ.Choice):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('utcTime', useful.UTCTime()),
+ namedtype.NamedType('generalTime', useful.GeneralizedTime())
+ )
+
+
+class Validity(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('notBefore', Time()),
+ namedtype.NamedType('notAfter', Time())
+ )
+
+
+class Version(univ.Integer):
+ namedValues = namedval.NamedValues(
+ ('v1', 0), ('v2', 1), ('v3', 2)
+ )
+
+
+class TBSCertificate(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.DefaultedNamedType('version', Version('v1').subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType('serialNumber', CertificateSerialNumber()),
+ namedtype.NamedType('signature', AlgorithmIdentifier()),
+ namedtype.NamedType('issuer', Name()),
+ namedtype.NamedType('validity', Validity()),
+ namedtype.NamedType('subject', Name()),
+ namedtype.NamedType('subjectPublicKeyInfo', SubjectPublicKeyInfo()),
+ namedtype.OptionalNamedType('issuerUniqueID', UniqueIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+ namedtype.OptionalNamedType('subjectUniqueID', UniqueIdentifier().subtype(
+ implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
+ namedtype.OptionalNamedType('extensions', Extensions().subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
+ )
+
+
+class Certificate(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('tbsCertificate', TBSCertificate()),
+ namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
+ namedtype.NamedType('signatureValue', univ.BitString())
+ )
+
+# CRL structures
+
+class RevokedCertificate(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('userCertificate', CertificateSerialNumber()),
+ namedtype.NamedType('revocationDate', Time()),
+ namedtype.OptionalNamedType('crlEntryExtensions', Extensions())
+ )
+
+
+class TBSCertList(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.OptionalNamedType('version', Version()),
+ namedtype.NamedType('signature', AlgorithmIdentifier()),
+ namedtype.NamedType('issuer', Name()),
+ namedtype.NamedType('thisUpdate', Time()),
+ namedtype.OptionalNamedType('nextUpdate', Time()),
+ namedtype.OptionalNamedType('revokedCertificates', univ.SequenceOf(componentType=RevokedCertificate())),
+ namedtype.OptionalNamedType('crlExtensions', Extensions().subtype(
+ explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
+ )
+
+
+class CertificateList(univ.Sequence):
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('tbsCertList', TBSCertList()),
+ namedtype.NamedType('signatureAlgorithm', AlgorithmIdentifier()),
+ namedtype.NamedType('signature', univ.BitString())
+ )
+
# map of AttributeType -> AttributeValue
-certificateAttributesMap = {
+_certificateAttributesMapUpdate = {
id_at_name: X520name(),
id_at_surname: X520name(),
id_at_givenName: X520name(),
@@ -1283,14 +1295,18 @@
emailAddress: Pkcs9email(),
}
+certificateAttributesMap.update(_certificateAttributesMapUpdate)
+
+
# map of Certificate Extension OIDs to Extensions
-certificateExtensionsMap = {
+_certificateExtensionsMapUpdate = {
id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
id_ce_keyUsage: KeyUsage(),
id_ce_privateKeyUsagePeriod: PrivateKeyUsagePeriod(),
- id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects?
+# TODO
+# id_ce_certificatePolicies: PolicyInformation(), # could be a sequence of concat'ed objects?
id_ce_policyMappings: PolicyMappings(),
id_ce_subjectAltName: SubjectAltName(),
id_ce_issuerAltName: IssuerAltName(),
@@ -1309,3 +1325,6 @@
id_ce_invalidityDate: useful.GeneralizedTime(),
id_ce_certificateIssuer: GeneralNames(),
}
+
+certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
+
diff --git a/pyasn1_modules/rfc5280.py b/pyasn1_modules/rfc5280.py
index 7d3aa69..c750f28 100644
--- a/pyasn1_modules/rfc5280.py
+++ b/pyasn1_modules/rfc5280.py
@@ -16,6 +16,7 @@
from pyasn1.type import char
from pyasn1.type import namedtype
from pyasn1.type import namedval
+from pyasn1.type import opentype
from pyasn1.type import tag
from pyasn1.type import constraint
from pyasn1.type import useful
@@ -279,13 +280,10 @@
class AlgorithmIdentifier(univ.Sequence):
- pass
-
-
-AlgorithmIdentifier.componentType = namedtype.NamedTypes(
- namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
- namedtype.OptionalNamedType('parameters', univ.Any())
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('algorithm', univ.ObjectIdentifier()),
+ namedtype.OptionalNamedType('parameters', univ.Any())
+ )
class Time(univ.Choice):
@@ -302,14 +300,17 @@
pass
+certificateAttributesMap = {}
+
+
class AttributeTypeAndValue(univ.Sequence):
- pass
-
-
-AttributeTypeAndValue.componentType = namedtype.NamedTypes(
- namedtype.NamedType('type', AttributeType()),
- namedtype.NamedType('value', AttributeValue())
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeType()),
+ namedtype.NamedType(
+ 'value', AttributeValue(),
+ openType=opentype.OpenType('type', certificateAttributesMap)
+ )
+ )
class RelativeDistinguishedName(univ.SetOf):
@@ -379,18 +380,21 @@
ub_extension_attributes = univ.Integer(256)
+certificateExtensionsMap = {
+
+}
+
class ExtensionAttribute(univ.Sequence):
- pass
-
-
-ExtensionAttribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('extension-attribute-type', univ.Integer().subtype(
- subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(
- implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
- namedtype.NamedType('extension-attribute-value',
- univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType(
+ 'extension-attribute-type',
+ univ.Integer().subtype(subtypeSpec=constraint.ValueRangeConstraint(0, ub_extension_attributes)).subtype(implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+ namedtype.NamedType(
+ 'extension-attribute-value',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)),
+ openType=opentype.OpenType('type', certificateExtensionsMap))
+ )
id_qt = _buildOid(id_pkix, 2)
@@ -737,13 +741,12 @@
class Attribute(univ.Sequence):
- pass
-
-
-Attribute.componentType = namedtype.NamedTypes(
- namedtype.NamedType('type', AttributeType()),
- namedtype.NamedType('values', univ.SetOf(componentType=AttributeValue()))
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type', AttributeType()),
+ namedtype.NamedType('values',
+ univ.SetOf(componentType=AttributeValue()),
+ openType=opentype.OpenType('type', certificateAttributesMap))
+ )
ub_common_name = univ.Integer(64)
@@ -1066,14 +1069,20 @@
)
+anotherNameMap = {
+
+}
+
+
class AnotherName(univ.Sequence):
- pass
-
-
-AnotherName.componentType = namedtype.NamedTypes(
- namedtype.NamedType('type-id', univ.ObjectIdentifier()),
- namedtype.NamedType('value', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('type-id', univ.ObjectIdentifier()),
+ namedtype.NamedType(
+ 'value',
+ univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)),
+ openType=opentype.OpenType('type-id', anotherNameMap)
+ )
+ )
class EDIPartyName(univ.Sequence):
@@ -1311,14 +1320,19 @@
pass
+policyQualifierInfoMap = {
+
+}
+
+
class PolicyQualifierInfo(univ.Sequence):
- pass
-
-
-PolicyQualifierInfo.componentType = namedtype.NamedTypes(
- namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
- namedtype.NamedType('qualifier', univ.Any())
-)
+ componentType = namedtype.NamedTypes(
+ namedtype.NamedType('policyQualifierId', PolicyQualifierId()),
+ namedtype.NamedType(
+ 'qualifier', univ.Any(),
+ openType=opentype.OpenType('policyQualifierId', policyQualifierInfoMap)
+ )
+ )
class CertPolicyId(univ.ObjectIdentifier):
@@ -1549,7 +1563,7 @@
# map of AttributeType -> AttributeValue
-certificateAttributesMap = {
+_certificateAttributesMapUpdate = {
id_at_name: X520name(),
id_at_surname: X520name(),
id_at_givenName: X520name(),
@@ -1569,9 +1583,12 @@
id_emailAddress: EmailAddress(),
}
+certificateAttributesMap.update(_certificateAttributesMapUpdate)
+
+
# map of Certificate Extension OIDs to Extensions
-certificateExtensionsMap = {
+_certificateExtensionsMap = {
id_ce_authorityKeyIdentifier: AuthorityKeyIdentifier(),
id_ce_subjectKeyIdentifier: SubjectKeyIdentifier(),
id_ce_keyUsage: KeyUsage(),
@@ -1595,3 +1612,5 @@
id_ce_invalidityDate: useful.GeneralizedTime(),
id_ce_certificateIssuer: GeneralNames(),
}
+
+certificateExtensionsMap.update(_certificateExtensionsMap)
diff --git a/tests/test_rfc2315.py b/tests/test_rfc2315.py
index b451ed1..ba92801 100644
--- a/tests/test_rfc2315.py
+++ b/tests/test_rfc2315.py
@@ -148,29 +148,15 @@
assert asn1Object.prettyPrint()
assert der_encoder.encode(asn1Object) == substrate
- contentType = asn1Object['contentType']
- substrate = asn1Object['content']
+ def testDerCodecDecodeOpenTypes(self):
- contentInfoMap = {
- (1, 2, 840, 113549, 1, 7, 1): rfc2315.Data(),
- (1, 2, 840, 113549, 1, 7, 2): rfc2315.SignedData(),
- (1, 2, 840, 113549, 1, 7, 3): rfc2315.EnvelopedData(),
- (1, 2, 840, 113549, 1, 7, 4): rfc2315.SignedAndEnvelopedData(),
- (1, 2, 840, 113549, 1, 7, 5): rfc2315.DigestedData(),
- (1, 2, 840, 113549, 1, 7, 6): rfc2315.EncryptedData()
- }
+ substrate = pem.readBase64fromText(self.pem_text_unordered)
- innerAsn1Object, rest = der_decoder.decode(
- substrate, asn1Spec=contentInfoMap[contentType]
- )
-
- asn1Object['content'] = der_encoder.encode(innerAsn1Object)
-
- substrate = pem.readBase64fromText(self.pem_text_reordered)
+ asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
assert not rest
assert asn1Object.prettyPrint()
- assert der_encoder.encode(asn1Object) == substrate
+ assert der_encoder.encode(asn1Object, decodeOpenTypes=True) == substrate
suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
diff --git a/tests/test_rfc2459.py b/tests/test_rfc2459.py
index 1fa9d07..c3310d9 100644
--- a/tests/test_rfc2459.py
+++ b/tests/test_rfc2459.py
@@ -49,6 +49,16 @@
assert asn1Object.prettyPrint()
assert der_encoder.encode(asn1Object) == substrate
+ def testDerCodecDecodeOpenTypes(self):
+
+ substrate = pem.readBase64fromText(self.pem_text)
+
+ asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
+
+ assert not rest
+ assert asn1Object.prettyPrint()
+ assert der_encoder.encode(asn1Object) == substrate
+
class CertificateListTestCase(unittest.TestCase):
pem_text = """\
@@ -75,6 +85,16 @@
assert asn1Object.prettyPrint()
assert der_encoder.encode(asn1Object) == substrate
+ def testDerCodecDecodeOpenTypes(self):
+
+ substrate = pem.readBase64fromText(self.pem_text)
+
+ asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
+
+ assert not rest
+ assert asn1Object.prettyPrint()
+ assert der_encoder.encode(asn1Object) == substrate
+
class DSAPrivateKeyTestCase(unittest.TestCase):
pem_text = """\
@@ -103,6 +123,16 @@
assert asn1Object.prettyPrint()
assert der_encoder.encode(asn1Object) == substrate
+ def testDerCodecDecodeOpenTypes(self):
+
+ substrate = pem.readBase64fromText(self.pem_text)
+
+ asn1Object, rest = der_decoder.decode(substrate, asn1Spec=self.asn1Spec, decodeOpenTypes=True)
+
+ assert not rest
+ assert asn1Object.prettyPrint()
+ assert der_encoder.encode(asn1Object) == substrate
+
suite = unittest.TestLoader().loadTestsFromModule(sys.modules[__name__])
