B #aj @spdZddlmZmZmZmZy ddlZWnek r@dZYnXddlm Z m Z m Z m Z m Z mZmZddlmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZddl m!Z!ddl"m#Z#dd l$m%Z%dd l&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,Gd d d eZ-Gd ddeZ.GdddeZ/GdddeZ0GdddeZ1GdddeZ2GdddeZ3GdddeZ4GdddeZ5GdddeZ6Gdd d eZ7Gd!d"d"eZ8Gd#d$d$eZ9Gd%d&d&eZ:Gd'd(d(eZ;Gd)d*d*eZGd/d0d0eZ?Gd1d2d2eZ@Gd3d4d4eZAGd5d6d6eZBGd7d8d8eZCGd9d:d:eZDGd;d<dd>eZFGd?d@d@eZGGdAdBdBeZHGdCdDdDeZIGdEdFdFeZJGdGdHdHeZKGdIdJdJeZLGdKdLdLeZMGdMdNdNeZNGdOdPdPeZOGdQdRdReZPGdSdTdTeZQGdUdVdVeZRGdWdXdXeZSGdYdZdZeZTGd[d\d\eZUGd]d^d^eZVGd_d`d`eZWGdadbdbeZXGdcddddeZYGdedfdfeZZGdgdhdheZ[GdidjdjeZ\GdkdldleZ]GdmdndneZ^GdodpdpeZ_GdqdrdreZ`GdsdtdteZaGdudvdveZbGdwdxdxeZcGdydzdzeZdGd{d|d|eZeGd}d~d~eZfGdddeZgGdddeZhGdddeZiGdddeZjGdddeZkGdddeZlGdddeZmGdddeZnGdddeZoGdddeZpGdddeZqGdddeZrGdddeZsGddde eZtGdddeZuGdddeZvGdddeZwGdddeZxGdddeZyGdddeZzGdddeZ{GdddeZ|GdddeZ}GdddeZ~GdddeZGdddeZGdddeZGdddeZGdddeZGdddeZGdddeZGdddeZGdddeZGdd„deZGddĄdeZGddƄdeZGddȄdeZGddʄdeZGdddeZxGdd̈́deZGddτdeZeepeeeeeeedМ eb_epeeeeeeedќed_e4e5e6eoece8ececedҜ e9_dS)a ASN.1 type classes for cryptographic message syntax (CMS). Structures are also compatible with PKCS#7. Exports the following items: - AuthenticatedData() - AuthEnvelopedData() - CompressedData() - ContentInfo() - DigestedData() - EncryptedData() - EnvelopedData() - SignedAndEnvelopedData() - SignedData() Other type classes are defined that help compose the types listed above. Most CMS structures in the wild are formatted as ContentInfo encapsulating one of the other types. )unicode_literalsdivisionabsolute_importprint_functionN)_ForceNullParametersDigestAlgorithmEncryptionAlgorithm HmacAlgorithm KdfAlgorithmRSAESOAEPParamsSignedDigestAlgorithm)Any BitStringChoice EnumeratedGeneralizedTimeIntegerObjectIdentifierOctetBitString OctetStringParsableOctetStringSequence SequenceOfSetOfUTCTime UTF8String)CertificateList) PublicKeyInfo) OCSPResponse) Attributes Certificate Extensions GeneralName GeneralNamesNamec@s"eZdZdefdefdefgZdS)ExtendedCertificateInfoversion certificate attributesN)__name__ __module__ __qualname__rr!r _fieldsr.r.5/tmp/pip-target-jgxl_w8r/lib/python/asn1crypto/cms.pyr&@sr&c@s"eZdZdefdefdefgZdS)ExtendedCertificateZextended_certificate_infosignature_algorithm signatureN)r*r+r,r&r rr-r.r.r.r/r0Hsr0c@seZdZdddddddZdS) CMSVersionZv0v1v2Zv3Zv4Zv5)rrN)r*r+r,_mapr.r.r.r/r3Vs r3c @s$eZdZddddddddd d Zd S) CMSAttributeType content_typemessage_digest signing_timecounter_signatureencrypt_key_prefsignature_time_stamp_tokencms_algorithm_protectionmicrosoft_nested_signaturemicrosoft_time_stamp_token) z1.2.840.113549.1.9.3z1.2.840.113549.1.9.4z1.2.840.113549.1.9.5z1.2.840.113549.1.9.6z1.2.840.113549.1.9.16.2.11z1.2.840.113549.1.9.16.2.14z1.2.840.113549.1.9.52z1.3.6.1.4.1.311.2.4.1z1.3.6.1.4.1.311.3.3.1N)r*r+r,r:r.r.r.r/r;asr;c@seZdZdefdefgZdS)TimeZutc_timeZgeneralized_timeN)r*r+r,rr _alternativesr.r.r.r/rExsrEc @s$eZdZddddddddd d Zd S) ContentTypedata signed_dataenveloped_datasigned_and_enveloped_data digested_dataencrypted_dataauthenticated_datacompressed_dataauthenticated_enveloped_data) z1.2.840.113549.1.7.1z1.2.840.113549.1.7.2z1.2.840.113549.1.7.3z1.2.840.113549.1.7.4z1.2.840.113549.1.7.5z1.2.840.113549.1.7.6z1.2.840.113549.1.9.16.1.2z1.2.840.113549.1.9.16.1.9z1.2.840.113549.1.9.16.1.23N)r*r+r,r:r.r.r.r/rGsrGc@s2eZdZdefdedddfdedddfgZdS) CMSAlgorithmProtectiondigest_algorithmr1rT)implicitoptional mac_algorithmr6N)r*r+r,rr r r-r.r.r.r/rQsrQc@seZdZeZdS)SetOfContentTypeN)r*r+r,rG _child_specr.r.r.r/rVsrVc@seZdZeZdS)SetOfOctetStringN)r*r+r,rrWr.r.r.r/rXsrXc@seZdZeZdS) SetOfTimeN)r*r+r,rErWr.r.r.r/rYsrYc@seZdZeZdS)SetOfAnyN)r*r+r,rrWr.r.r.r/rZsrZc@seZdZeZdS)SetOfCMSAlgorithmProtectionN)r*r+r,rQrWr.r.r.r/r[sr[c@s,eZdZdefdgZiZddZdeiZdS) CMSAttributetype)valuesNcCs|j|djtS)Nr]) _oid_specsgetnativerZ)selfr.r.r/ _values_specszCMSAttribute._values_specr^N)r*r+r,r;r-r_rc_spec_callbacksr.r.r.r/r\s r\c@seZdZeZdS) CMSAttributesN)r*r+r,r\rWr.r.r.r/resrec@s(eZdZdefdefdeddifgZdS) IssuerSerialissuerserialZ issuer_uidrTTN)r*r+r,r$rrr-r.r.r.r/rfsrfc@seZdZdddZdS)AttCertVersionr4r5)rrN)r*r+r,r:r.r.r.r/risric@s(eZdZdeddifdeddifgZdS)AttCertSubjectbase_certificate_idexplicitrZ subject_namerN)r*r+r,rfr$rFr.r.r.r/rjs rjc@seZdZdefdefgZdS)AttCertValidityPeriodZnot_before_timeZnot_after_timeN)r*r+r,rr-r.r.r.r/rmsrmc @sXeZdZdeddifdefdefdefdefdefd e fd e d d ifd e d d ifg Z dS)AttributeCertificateInfoV1r'defaultr4subjectrgr2 serial_numberatt_cert_validity_periodr)issuer_unique_idrTT extensionsN) r*r+r,rirjr$r rrmr rr"r-r.r.r.r/rns  rnc@s"eZdZdefdefdefgZdS)AttributeCertificateV1ac_infor1r2N)r*r+r,rnr rr-r.r.r.r/rusruc@seZdZddddZdS)DigestedObjectTypeZ public_keyZpublic_key_certZother_objy_types)rrr6N)r*r+r,r:r.r.r.r/rwsrwc@s.eZdZdefdeddifdefdefgZdS)ObjectDigestInfoZdigested_object_typeZother_object_type_idrTTrRZ object_digestN)r*r+r,rwrrrr-r.r.r.r/rxs rxc@s:eZdZdedddfdedddfdedddfgZd S) HolderrkrT)rSrT entity_namerobject_digest_infor6N)r*r+r,rfr$rxr-r.r.r.r/rysryc@s8eZdZdeddifdedddfdedddfgZd S) V2FormZ issuer_namerTTrkr)rlrTr{rN)r*r+r,r$rfrxr-r.r.r.r/r| s r|c@s"eZdZdefdeddifgZdS) AttCertIssuerZv1_formZv2_formrlrN)r*r+r,r$r|rFr.r.r.r/r}sr}c@s"eZdZdefdefdefgZdS) IetfAttrValueoctetsoidstringN)r*r+r,rrrrFr.r.r.r/r~sr~c@seZdZeZdS)IetfAttrValuesN)r*r+r,r~rWr.r.r.r/r src@s$eZdZdedddfdefgZdS)IetfAttrSyntaxZpolicy_authorityrT)rSrTr^N)r*r+r,r$rr-r.r.r.r/r$src@seZdZeZdS)SetOfIetfAttrSyntaxN)r*r+r,rrWr.r.r.r/r+src@s(eZdZdefdefdeddifgZdS) SvceAuthInfoZserviceidentZ auth_inforTTN)r*r+r,r#rr-r.r.r.r/r/src@seZdZeZdS)SetOfSvceAuthInfoN)r*r+r,rrWr.r.r.r/r7src@s*eZdZdedddfdeddifgZdS) RoleSyntaxZrole_authorityrT)rSrTZ role_namerSrN)r*r+r,r$r#r-r.r.r.r/r;src@seZdZeZdS)SetOfRoleSyntaxN)r*r+r,rrWr.r.r.r/rBsrc@seZdZdddddddZdS) ClassListZunmarked unclassifiedZ restrictedZ confidentialsecretZ top_secret)rrr6r7r8r9N)r*r+r,r:r.r.r.r/rFs rc@s(eZdZdeddifdeddifgZdS)SecurityCategoryr]rSrvaluerN)r*r+r,rrr-r.r.r.r/rQs rc@seZdZeZdS)SetOfSecurityCategoryN)r*r+r,rrWr.r.r.r/rXsrc@s8eZdZdeddifdedddfded d d fgZd S) Clearance policy_idrSrZ class_listrr)rSroZsecurity_categoriesr6T)rSrTN)r*r+r,rrrr-r.r.r.r/r\s rc@seZdZeZdS)SetOfClearanceN)r*r+r,rrWr.r.r.r/rdsrc@s(eZdZdefdefdeddifgZdS)BigTimemajorZfractional_secondssignrTTN)r*r+r,rr-r.r.r.r/rhsrc@seZdZdefdefgZdS)LeapDataZ leap_timeactionN)r*r+r,rrr-r.r.r.r/rpsrc@seZdZeZdS) SetOfLeapDataN)r*r+r,rrWr.r.r.r/rwsrc@s4eZdZdefdefdefdefdeddifgZdS) TimingMetricsZntp_timeoffsetdelayZ expirationZ leap_eventrTTN)r*r+r,rrr-r.r.r.r/r{s rc@seZdZeZdS)SetOfTimingMetricsN)r*r+r,rrWr.r.r.r/rsrc@s8eZdZdedeifdedddfdedddfgZd S) TimingPolicyrspecZ max_offsetrT)rlrTZ max_delayrN)r*r+r,rrrr-r.r.r.r/rs rc@seZdZeZdS)SetOfTimingPolicyN)r*r+r,rrWr.r.r.r/rsrc @s"eZdZddddddddd Zd S) AttCertAttributeTypeauthentication_infoaccess_identitycharging_identitygrouprole clearancetiming_metrics timing_policy)z1.3.6.1.5.5.7.10.1z1.3.6.1.5.5.7.10.2z1.3.6.1.5.5.7.10.3z1.3.6.1.5.5.7.10.4z2.5.4.72z2.5.4.55z1.3.6.1.4.1.601.10.4.1z1.3.6.1.4.1.601.10.4.2N)r*r+r,r:r.r.r.r/rsrc @s>eZdZdefdgZeeeeeee e dZ ddZ de iZ dS)AttCertAttributer])r^N)rrrrrrrrcCs|j|djtS)Nr])r_r`rarZ)rbr.r.r/rcszAttCertAttribute._values_specr^N)r*r+r,rr-rrrrrrr_rcrdr.r.r.r/rsrc@seZdZeZdS)AttCertAttributesN)r*r+r,rrWr.r.r.r/rsrc @sReZdZdefdefdefdefdefdefde fde d d ifd e d d ifg Z d S) AttributeCertificateInfoV2r'Zholderrgr2rqrrr)rsrTTrtN) r*r+r,riryr}r rrmrrr"r-r.r.r.r/rs rc@s&eZdZdZdefdefdefgZdS)AttributeCertificateV2rrvr1r2N)r*r+r,Z_bad_tagrr rr-r.r.r.r/rsrc@seZdZdefdefgZdS)OtherCertificateFormatZother_cert_formatZ other_certN)r*r+r,rrr-r.r.r.r/rsrcsVeZdZdefdeddifdeddifdeddifd edd ifgZfd d Z Z S) CertificateChoicesr(Zextended_certificaterSrZ v1_attr_certrZ v2_attr_certr6otherr7csFtt|||||jdkrBtt|djdkrBd|_dS)aJ Ensures that the class and tag specified exist as an alternative. This custom version fixes parsing broken encodings there a V2 attribute # certificate is encoded as a V1 :param class_: The integer class_ from the encoded value header :param tag: The integer tag from the encoded value header :param contents: A byte string of the contents of the value - used when the object is explicitly tagged :raises: ValueError - when value is not a valid alternative r6rr5r7N) superrvalidateZ_choiceriloadrdumpra)rbclass_tagcontents) __class__r.r/rs zCertificateChoices.validate) r*r+r,r!r0rurrrFr __classcell__r.r.)rr/rs    rc@seZdZeZdS)CertificateSetN)r*r+r,rrWr.r.r.r/rsrc@s,eZdZdefdedddfgZdZiZdS) ContentInfor<contentrT)rlrT)r<rN)r*r+r,rGrr- _oid_pairr_r.r.r.r/rsrc@seZdZeZdS)SetOfContentInfoN)r*r+r,rrWr.r.r.r/rsrc@s,eZdZdefdedddfgZdZiZdS)EncapsulatedContentInfor<rrT)rlrT)r<rN)r*r+r,rGrr-rr_r.r.r.r/rsrc@seZdZdefdefgZdS)IssuerAndSerialNumberrgrqN)r*r+r,r%rr-r.r.r.r/rsrc@s"eZdZdefdeddifgZdS)SignerIdentifierissuer_and_serial_numbersubject_key_identifierrSrN)r*r+r,rrrFr.r.r.r/r%src@seZdZeZdS)DigestAlgorithmsN)r*r+r,rrWr.r.r.r/r,src@seZdZeZdS)CertificateRevocationListsN)r*r+r,rrWr.r.r.r/r0src@s$eZdZdedddfdefgZdS) SCVPReqResrequestrT)rlrTresponseN)r*r+r,rr-r.r.r.r/r4src@seZdZdddZdS)OtherRevInfoFormatId ocsp_responsescvp)z1.3.6.1.5.5.7.16.2z1.3.6.1.5.5.7.16.4N)r*r+r,r:r.r.r.r/r;src@s*eZdZdefdefgZdZeedZ dS)OtherRevocationInfoFormatother_rev_info_formatother_rev_info)rr)rrN) r*r+r,rrr-rrrr_r.r.r.r/rBs  rc@s"eZdZdefdeddifgZdS)RevocationInfoChoicecrlrrSrN)r*r+r,rrrFr.r.r.r/rOsrc@seZdZeZdS)RevocationInfoChoicesN)r*r+r,rrWr.r.r.r/rVsrc @sJeZdZdefdefdefdedddfdefd efd ed ddfgZ d S) SignerInfor'ZsidrRZ signed_attrsrT)rSrTr1r2Zunsigned_attrsrN) r*r+r,r3rrrer rr-r.r.r.r/rZsrc@seZdZeZdS) SignerInfosN)r*r+r,rrWr.r.r.r/rfsrc @sPeZdZdefdefddedddfded ddfd efgZd d Z d e iZ dS) SignedDatar'digest_algorithms)encap_content_infoN certificatesrT)rSrTcrlsr signer_infoscCs|djdkrtStS)Nr'r4)rarr)rbr.r.r/_encap_content_info_spectsz#SignedData._encap_content_info_specrN) r*r+r,r3rrrrr-rrdr.r.r.r/rjs rc@s,eZdZdedddfdedddfgZdS)OriginatorInfocertsrT)rSrTrrN)r*r+r,rrr-r.r.r.r/rsrc@s"eZdZdefdeddifgZdS)RecipientIdentifierrrrSrN)r*r+r,rrrFr.r.r.r/rsrc @s:eZdZddddddddd Zd d d d d ddddd ZdS)KeyEncryptionAlgorithmIdrsaes_pkcs1v15 rsaes_oaep aes128_wrapaes128_wrap_pad aes192_wrapaes192_wrap_pad aes256_wrapaes256_wrap_pad)z1.2.840.113549.1.1.1z1.2.840.113549.1.1.7z2.16.840.1.101.3.4.1.5z2.16.840.1.101.3.4.1.8z2.16.840.1.101.3.4.1.25z2.16.840.1.101.3.4.1.28z2.16.840.1.101.3.4.1.45z2.16.840.1.101.3.4.1.48z1.2.840.113549.1.1.1z1.2.840.113549.1.1.7z2.16.840.1.101.3.4.1.5z2.16.840.1.101.3.4.1.8z2.16.840.1.101.3.4.1.25z2.16.840.1.101.3.4.1.28z2.16.840.1.101.3.4.1.45z2.16.840.1.101.3.4.1.48) ZrsarrrrrrrrN)r*r+r,r:Z _reverse_mapr.r.r.r/rs"rc@s.eZdZdefdeddifgZdZdeiZdS)KeyEncryptionAlgorithm algorithm parametersrTT)rrrN) r*r+r,rrr-rr r_r.r.r.r/rsrc@s(eZdZdefdefdefdefgZdS)KeyTransRecipientInfor'ridkey_encryption_algorithm encrypted_keyN)r*r+r,r3rrrr-r.r.r.r/rsrc@s.eZdZdefdeddifdeddifgZdS)OriginatorIdentifierOrKeyrrrSrZoriginator_keyrN)r*r+r,rrrrFr.r.r.r/rs rc@seZdZdefdefgZdS)OtherKeyAttributeZ key_attr_idZkey_attrN)r*r+r,rrr-r.r.r.r/rsrc@s.eZdZdefdeddifdeddifgZdS)RecipientKeyIdentifierrdaterTTrN)r*r+r,rrrr-r.r.r.r/rs rc@s"eZdZdefdeddifgZdS)KeyAgreementRecipientIdentifierrZr_key_idrSrN)r*r+r,rrrFr.r.r.r/rsrc@seZdZdefdefgZdS)RecipientEncryptedKeyrrN)r*r+r,rrr-r.r.r.r/rsrc@seZdZeZdS)RecipientEncryptedKeysN)r*r+r,rrWr.r.r.r/rsrc@s<eZdZdefdeddifdedddfd efd efgZd S) KeyAgreeRecipientInfor'Z originatorrlrZukmrT)rlrTrZrecipient_encrypted_keysN) r*r+r,r3rrrrr-r.r.r.r/rs  rc@s.eZdZdefdeddifdeddifgZdS) KEKIdentifierZkey_identifierrrTTrN)r*r+r,rrrr-r.r.r.r/rs rc@s(eZdZdefdefdefdefgZdS)KEKRecipientInfor'ZkekidrrN)r*r+r,r3rrrr-r.r.r.r/rsrc@s0eZdZdefdedddfdefdefgZdS) PasswordRecipientInfor'Zkey_derivation_algorithmrT)rSrTrrN)r*r+r,r3r rrr-r.r.r.r/rsrc@seZdZdefdefgZdS)OtherRecipientInfoZori_typeZ ori_valueN)r*r+r,rrr-r.r.r.r/rsrc@sFeZdZdefdeddifdeddifdeddifd edd ifgZd S) RecipientInfoZktriZkarirSrZkekrir6Zpwrir7Zorir8N) r*r+r,rrrrrrFr.r.r.r/rs    rc@seZdZeZdS)RecipientInfosN)r*r+r,rrWr.r.r.r/r!src@s*eZdZdefdefdedddfgZdS)EncryptedContentInfor<Zcontent_encryption_algorithmZencrypted_contentrT)rSrTN)r*r+r,rGr rr-r.r.r.r/r%src @s>eZdZdefdedddfdefdefded ddfgZd S) EnvelopedDatar'originator_inforT)rSrTrecipient_infosencrypted_content_infounprotected_attrsrN) r*r+r,r3rrrrer-r.r.r.r/r-s rc @sJeZdZdefdefdefdefdedddfd ed ddfd e fgZ d S) SignedAndEnvelopedDatar'rrrrrT)rSrTrrrN) r*r+r,r3rrrrrrr-r.r.r.r/r7src@s4eZdZdefdefddefgZddZdeiZdS) DigestedDatar'rR)rNdigestcCs|djdkrtStS)Nr'r4)rarr)rbr.r.r/rKsz%DigestedData._encap_content_info_specrN) r*r+r,r3rrr-rrdr.r.r.r/rCs  rc@s*eZdZdefdefdedddfgZdS) EncryptedDatar'rrrT)rSrTN)r*r+r,r3rrer-r.r.r.r/r^src @sfeZdZdefdedddfdefdefded ddfd efd e d ddfd e fde dddfg Z dS)AuthenticatedDatar'rrT)rSrTrrUrRrr auth_attrsr6mac unauth_attrsr7N) r*r+r,r3rrr rrrerr-r.r.r.r/rfsrc @sReZdZdefdedddfdefdefded ddfd efd ed ddfgZ d S)AuthEnvelopedDatar'rrT)rSrTrZauth_encrypted_content_inforrrrr6N) r*r+r,r3rrrrerr-r.r.r.r/r vsr c@seZdZddiZdS)CompressionAlgorithmIdz1.2.840.113549.1.9.16.3.8zlibN)r*r+r,r:r.r.r.r/r sr c@s"eZdZdefdeddifgZdS)CompressionAlgorithmrrrTTN)r*r+r,r rr-r.r.r.r/r sr c@s2eZdZdefdefdefgZdZeddZ dS)CompressedDatar'Zcompression_algorithmrNcCs6|jdkr0tdkrtdt|ddj|_|jS)Nz The zlib module is not availablerr) _decompressedr  SystemError decompressra)rbr.r.r/ decompresseds  zCompressedData.decompressed) r*r+r,r3r rr-rpropertyrr.r.r.r/r s  r c@s.eZdZdefdeddifdeddifgZdS)rZsubjectKeyIdentifierrrTTrN)r*r+r,rrrr-r.r.r.r/rs c@s4eZdZdeddifdeddifdeddifgZdS) SMIMEEncryptionKeyPreferencerrSrZrecipientKeyIdrZsubjectAltKeyIdentifierr6N)r*r+r,rrrrFr.r.r.r/rs  rc@seZdZeZdS)SMIMEEncryptionKeyPreferencesN)r*r+r,rrWr.r.r.r/rsr) rHrIrJrKrLrMrNrOrP)rIrJrKrLrMrNrOrP) r<r=r>r?rArBrCrDr@)__doc__ __future__rrrrr  ImportErrorZalgosrrr r r r r corerrrrrrrrrrrrrrrrrkeysrZocsprx509r r!r"r#r$r%r&r0r3r;rErGrQrVrXrYrZr[r\rerfrirjrmrnrurwrxryr|r}r~rrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr r r r rrr_r.r.r.r/s  $ D          #