| # |
| # This file is part of pyasn1-modules software. |
| # |
| # Created by Russ Housley with assistance from asn1ate v.0.6.0. |
| # |
| # Copyright (c) 2019, Vigil Security, LLC |
| # License: http://snmplabs.com/pyasn1/license.html |
| # |
| # CMS Symmetric Key Package Content Type |
| # |
| # ASN.1 source from: |
| # https://www.rfc-editor.org/rfc/rfc6031.txt |
| # |
| |
| from pyasn1.type import char |
| from pyasn1.type import constraint |
| from pyasn1.type import namedtype |
| from pyasn1.type import namedval |
| from pyasn1.type import opentype |
| from pyasn1.type import tag |
| from pyasn1.type import univ |
| from pyasn1.type import useful |
| |
| from pyasn1_modules import rfc5652 |
| from pyasn1_modules import rfc6019 |
| |
| |
| def _OID(*components): |
| output = [] |
| for x in tuple(components): |
| if isinstance(x, univ.ObjectIdentifier): |
| output.extend(list(x)) |
| else: |
| output.append(int(x)) |
| return univ.ObjectIdentifier(output) |
| |
| |
| MAX = float('inf') |
| |
| id_pskc = univ.ObjectIdentifier('1.2.840.113549.1.9.16.12') |
| |
| |
| # Symmetric Key Package Attributes |
| |
| id_pskc_manufacturer = _OID(id_pskc, 1) |
| |
| class at_pskc_manufacturer(char.UTF8String): |
| pass |
| |
| |
| id_pskc_serialNo = _OID(id_pskc, 2) |
| |
| class at_pskc_serialNo(char.UTF8String): |
| pass |
| |
| |
| id_pskc_model = _OID(id_pskc, 3) |
| |
| class at_pskc_model(char.UTF8String): |
| pass |
| |
| |
| id_pskc_issueNo = _OID(id_pskc, 4) |
| |
| class at_pskc_issueNo(char.UTF8String): |
| pass |
| |
| |
| id_pskc_deviceBinding = _OID(id_pskc, 5) |
| |
| class at_pskc_deviceBinding(char.UTF8String): |
| pass |
| |
| |
| id_pskc_deviceStartDate = _OID(id_pskc, 6) |
| |
| class at_pskc_deviceStartDate(useful.GeneralizedTime): |
| pass |
| |
| |
| id_pskc_deviceExpiryDate = _OID(id_pskc, 7) |
| |
| class at_pskc_deviceExpiryDate(useful.GeneralizedTime): |
| pass |
| |
| |
| id_pskc_moduleId = _OID(id_pskc, 8) |
| |
| class at_pskc_moduleId(char.UTF8String): |
| pass |
| |
| |
| id_pskc_deviceUserId = _OID(id_pskc, 26) |
| |
| class at_pskc_deviceUserId(char.UTF8String): |
| pass |
| |
| |
| # Symmetric Key Attributes |
| |
| id_pskc_keyId = _OID(id_pskc, 9) |
| |
| class at_pskc_keyUserId(char.UTF8String): |
| pass |
| |
| |
| id_pskc_algorithm = _OID(id_pskc, 10) |
| |
| class at_pskc_algorithm(char.UTF8String): |
| pass |
| |
| |
| id_pskc_issuer = _OID(id_pskc, 11) |
| |
| class at_pskc_issuer(char.UTF8String): |
| pass |
| |
| |
| id_pskc_keyProfileId = _OID(id_pskc, 12) |
| |
| class at_pskc_keyProfileId(char.UTF8String): |
| pass |
| |
| |
| id_pskc_keyReference = _OID(id_pskc, 13) |
| |
| class at_pskc_keyReference(char.UTF8String): |
| pass |
| |
| |
| id_pskc_friendlyName = _OID(id_pskc, 14) |
| |
| class FriendlyName(univ.Sequence): |
| pass |
| |
| FriendlyName.componentType = namedtype.NamedTypes( |
| namedtype.NamedType('friendlyName', char.UTF8String()), |
| namedtype.OptionalNamedType('friendlyNameLangTag', char.UTF8String()) |
| ) |
| |
| class at_pskc_friendlyName(FriendlyName): |
| pass |
| |
| |
| id_pskc_algorithmParameters = _OID(id_pskc, 15) |
| |
| class Encoding(char.UTF8String): |
| pass |
| |
| Encoding.namedValues = namedval.NamedValues( |
| ('dec', "DECIMAL"), |
| ('hex', "HEXADECIMAL"), |
| ('alpha', "ALPHANUMERIC"), |
| ('b64', "BASE64"), |
| ('bin', "BINARY") |
| ) |
| |
| Encoding.subtypeSpec = constraint.SingleValueConstraint( |
| "DECIMAL", "HEXADECIMAL", "ALPHANUMERIC", "BASE64", "BINARY" ) |
| |
| class ChallengeFormat(univ.Sequence): |
| pass |
| |
| ChallengeFormat.componentType = namedtype.NamedTypes( |
| namedtype.NamedType('encoding', Encoding()), |
| namedtype.DefaultedNamedType('checkDigit', |
| univ.Boolean().subtype(value=0)), |
| namedtype.NamedType('min', univ.Integer().subtype( |
| subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), |
| namedtype.NamedType('max', univ.Integer().subtype( |
| subtypeSpec=constraint.ValueRangeConstraint(0, MAX))) |
| ) |
| |
| class ResponseFormat(univ.Sequence): |
| pass |
| |
| ResponseFormat.componentType = namedtype.NamedTypes( |
| namedtype.NamedType('encoding', Encoding()), |
| namedtype.NamedType('length', univ.Integer().subtype( |
| subtypeSpec=constraint.ValueRangeConstraint(0, MAX))), |
| namedtype.DefaultedNamedType('checkDigit', |
| univ.Boolean().subtype(value=0)) |
| ) |
| |
| class PSKCAlgorithmParameters(univ.Choice): |
| pass |
| |
| PSKCAlgorithmParameters.componentType = namedtype.NamedTypes( |
| namedtype.NamedType('suite', char.UTF8String()), |
| namedtype.NamedType('challengeFormat', ChallengeFormat().subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))), |
| namedtype.NamedType('responseFormat', ResponseFormat().subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))) |
| ) |
| |
| class at_pskc_algorithmParameters(PSKCAlgorithmParameters): |
| pass |
| |
| |
| id_pskc_counter = _OID(id_pskc, 16) |
| |
| class at_pskc_counter(univ.Integer): |
| pass |
| |
| at_pskc_counter.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) |
| |
| |
| id_pskc_time = _OID(id_pskc, 17) |
| |
| class at_pskc_time(rfc6019.BinaryTime): |
| pass |
| |
| |
| id_pskc_timeInterval = _OID(id_pskc, 18) |
| |
| class at_pskc_timeInterval(univ.Integer): |
| pass |
| |
| at_pskc_timeInterval.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) |
| |
| |
| id_pskc_timeDrift = _OID(id_pskc, 19) |
| |
| class at_pskc_timeDrift(univ.Integer): |
| pass |
| |
| at_pskc_timeDrift.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) |
| |
| |
| id_pskc_valueMAC = _OID(id_pskc, 20) |
| |
| class ValueMac(univ.Sequence): |
| pass |
| |
| ValueMac.componentType = namedtype.NamedTypes( |
| namedtype.NamedType('macAlgorithm', char.UTF8String()), |
| namedtype.NamedType('mac', char.UTF8String()) |
| ) |
| |
| class at_pskc_valueMAC(ValueMac): |
| pass |
| |
| |
| id_pskc_keyUserId = _OID(id_pskc, 27) |
| |
| class at_pskc_keyId(char.UTF8String): |
| pass |
| |
| |
| id_pskc_keyStartDate = _OID(id_pskc, 21) |
| |
| class at_pskc_keyStartDate(useful.GeneralizedTime): |
| pass |
| |
| |
| id_pskc_keyExpiryDate = _OID(id_pskc, 22) |
| |
| class at_pskc_keyExpiryDate(useful.GeneralizedTime): |
| pass |
| |
| |
| id_pskc_numberOfTransactions = _OID(id_pskc, 23) |
| |
| class at_pskc_numberOfTransactions(univ.Integer): |
| pass |
| |
| at_pskc_numberOfTransactions.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) |
| |
| |
| id_pskc_keyUsages = _OID(id_pskc, 24) |
| |
| class PSKCKeyUsage(char.UTF8String): |
| pass |
| |
| PSKCKeyUsage.namedValues = namedval.NamedValues( |
| ('otp', "OTP"), |
| ('cr', "CR"), |
| ('encrypt', "Encrypt"), |
| ('integrity', "Integrity"), |
| ('verify', "Verify"), |
| ('unlock', "Unlock"), |
| ('decrypt', "Decrypt"), |
| ('keywrap', "KeyWrap"), |
| ('unwrap', "Unwrap"), |
| ('derive', "Derive"), |
| ('generate', "Generate") |
| ) |
| |
| PSKCKeyUsage.subtypeSpec = constraint.SingleValueConstraint( |
| "OTP", "CR", "Encrypt", "Integrity", "Verify", "Unlock", |
| "Decrypt", "KeyWrap", "Unwrap", "Derive", "Generate" ) |
| |
| class PSKCKeyUsages(univ.SequenceOf): |
| pass |
| |
| PSKCKeyUsages.componentType = PSKCKeyUsage() |
| |
| class at_pskc_keyUsage(PSKCKeyUsages): |
| pass |
| |
| |
| id_pskc_pinPolicy = _OID(id_pskc, 25) |
| |
| class PINUsageMode(char.UTF8String): |
| pass |
| |
| PINUsageMode.namedValues = namedval.NamedValues( |
| ("local", "Local"), |
| ("prepend", "Prepend"), |
| ("append", "Append"), |
| ("algorithmic", "Algorithmic") |
| ) |
| |
| PINUsageMode.subtypeSpec = constraint.SingleValueConstraint( |
| "Local", "Prepend", "Append", "Algorithmic" ) |
| |
| class PINPolicy(univ.Sequence): |
| pass |
| |
| PINPolicy.componentType = namedtype.NamedTypes( |
| namedtype.OptionalNamedType('pinKeyId', char.UTF8String().subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), |
| namedtype.NamedType('pinUsageMode', PINUsageMode().subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), |
| namedtype.OptionalNamedType('maxFailedAttempts', univ.Integer().subtype( |
| subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), |
| namedtype.OptionalNamedType('minLength', univ.Integer().subtype( |
| subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), |
| namedtype.OptionalNamedType('maxLength', univ.Integer().subtype( |
| subtypeSpec=constraint.ValueRangeConstraint(0, MAX)).subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 4))), |
| namedtype.OptionalNamedType('pinEncoding', Encoding().subtype( |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))) |
| ) |
| |
| class at_pskc_pinPolicy(PINPolicy): |
| pass |
| |
| |
| # Map of Symmetric Key Package Attribute OIDs to Attributes |
| |
| sKeyPkgAttributesMap = { |
| id_pskc_manufacturer: at_pskc_manufacturer(), |
| id_pskc_serialNo: at_pskc_serialNo(), |
| id_pskc_model: at_pskc_model(), |
| id_pskc_issueNo: at_pskc_issueNo(), |
| id_pskc_deviceBinding: at_pskc_deviceBinding(), |
| id_pskc_deviceStartDate: at_pskc_deviceStartDate(), |
| id_pskc_deviceExpiryDate: at_pskc_deviceExpiryDate(), |
| id_pskc_moduleId: at_pskc_moduleId(), |
| id_pskc_deviceUserId: at_pskc_deviceUserId(), |
| } |
| |
| |
| # Map of Symmetric Key Attribute OIDs to Attributes |
| |
| sKeyAttributesMap = { |
| id_pskc_keyId: at_pskc_keyId(), |
| id_pskc_algorithm: at_pskc_algorithm(), |
| id_pskc_issuer: at_pskc_issuer(), |
| id_pskc_keyProfileId: at_pskc_keyProfileId(), |
| id_pskc_keyReference: at_pskc_keyReference(), |
| id_pskc_friendlyName: at_pskc_friendlyName(), |
| id_pskc_algorithmParameters: at_pskc_algorithmParameters(), |
| id_pskc_counter: at_pskc_counter(), |
| id_pskc_time: at_pskc_time(), |
| id_pskc_timeInterval: at_pskc_timeInterval(), |
| id_pskc_timeDrift: at_pskc_timeDrift(), |
| id_pskc_valueMAC: at_pskc_valueMAC(), |
| id_pskc_keyUserId: at_pskc_keyUserId(), |
| id_pskc_keyStartDate: at_pskc_keyStartDate(), |
| id_pskc_keyExpiryDate: at_pskc_keyExpiryDate(), |
| id_pskc_numberOfTransactions: at_pskc_numberOfTransactions(), |
| id_pskc_keyUsages: at_pskc_keyUsage(), |
| id_pskc_pinPolicy: at_pskc_pinPolicy(), |
| } |
| |
| |
| # This definition replaces Attribute() from rfc5652.py; it is the same except |
| # that opentype is added with sKeyPkgAttributesMap and sKeyAttributesMap |
| |
| class AttributeType(univ.ObjectIdentifier): |
| pass |
| |
| |
| class AttributeValue(univ.Any): |
| pass |
| |
| |
| class SKeyAttribute(univ.Sequence): |
| pass |
| |
| SKeyAttribute.componentType = namedtype.NamedTypes( |
| namedtype.NamedType('attrType', AttributeType()), |
| namedtype.NamedType('attrValues', |
| univ.SetOf(componentType=AttributeValue()), |
| openType=opentype.OpenType('attrType', sKeyAttributesMap) |
| ) |
| ) |
| |
| |
| class SKeyPkgAttribute(univ.Sequence): |
| pass |
| |
| SKeyPkgAttribute.componentType = namedtype.NamedTypes( |
| namedtype.NamedType('attrType', AttributeType()), |
| namedtype.NamedType('attrValues', |
| univ.SetOf(componentType=AttributeValue()), |
| openType=opentype.OpenType('attrType', sKeyPkgAttributesMap) |
| ) |
| ) |
| |
| |
| # Symmetric Key Package Content Type |
| |
| id_ct_KP_sKeyPackage = univ.ObjectIdentifier('1.2.840.113549.1.9.16.1.25') |
| |
| |
| class KeyPkgVersion(univ.Integer): |
| pass |
| |
| KeyPkgVersion.namedValues = namedval.NamedValues( |
| ('v1', 1) |
| ) |
| |
| |
| class OneSymmetricKey(univ.Sequence): |
| pass |
| |
| OneSymmetricKey.componentType = namedtype.NamedTypes( |
| namedtype.OptionalNamedType('sKeyAttrs', |
| univ.SequenceOf(componentType=SKeyAttribute()).subtype( |
| subtypeSpec=constraint.ValueSizeConstraint(1, MAX))), |
| namedtype.OptionalNamedType('sKey', univ.OctetString()) |
| ) |
| |
| OneSymmetricKey.sizeSpec = univ.Sequence.sizeSpec + constraint.ValueSizeConstraint(1, 2) |
| |
| |
| class SymmetricKeys(univ.SequenceOf): |
| pass |
| |
| SymmetricKeys.componentType = OneSymmetricKey() |
| SymmetricKeys.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) |
| |
| |
| class SymmetricKeyPackage(univ.Sequence): |
| pass |
| |
| SymmetricKeyPackage.componentType = namedtype.NamedTypes( |
| namedtype.DefaultedNamedType('version', KeyPkgVersion().subtype(value='v1')), |
| namedtype.OptionalNamedType('sKeyPkgAttrs', |
| univ.SequenceOf(componentType=SKeyPkgAttribute()).subtype( |
| subtypeSpec=constraint.ValueSizeConstraint(1, MAX), |
| implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), |
| namedtype.NamedType('sKeys', SymmetricKeys()) |
| ) |
| |
| |
| # Map of Content Type OIDs to Content Types are |
| # added to the ones that are in rfc5652.py |
| |
| _cmsContentTypesMapUpdate = { |
| id_ct_KP_sKeyPackage: SymmetricKeyPackage(), |
| } |
| |
| rfc5652.cmsContentTypesMap.update(_cmsContentTypesMapUpdate) |