U ڲg5o@sddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlm Z dd lm Z dd lm Z e d Z Gd d d ejZGddde jZGdddeZGdddeZGdddejZGdddejZGdddejZGdddejZGdddejZGdddejZGd d!d!ejZGd"d#d#ejZGd$d%d%ejZGd&d'd'ejZ Gd(d)d)ejZ!Gd*d+d+ej"Z#Gd,d-d-ejZ$Gd.d/d/ejZ%Gd0d1d1ejZ&Gd2d3d3ej'Z(Gd4d5d5ej)Z*Gd6d7d7ejZ+Gd8d9d9ejZ,Gd:d;d;ejZ-Gdd?d?ejZ/Gd@dAdAejZ0GdBdCdCejZ1GdDdEdEejZ2GdFdGdGejZ3GdHdIdIejZ4GdJdKdKejZ5GdLdMdMejZ6GdNdOdOejZ7e8dPZ9GdQdRdRejZ:e8dSZ;GdTdUdUej)Zej?ej@dVdWZAGdXdYdYej"ZBGdZd[d[ejZCGd\d]d]ejZDGd^d_d_ejZEGd`dadaejZFeFe6_GeFeA_GdbS)c)char) constraint) namedtype)namedval)tag)univ)useful)rfc2314)rfc2459)rfc2511infc@s eZdZdS) KeyIdentifierN__name__ __module__ __qualname__rr:/tmp/pip-unpacked-wheel-mj5o32qq/pyasn1_modules/rfc4210.pyr sr c@s eZdZdS)CMPCertificateNrrrrrrsrc@s eZdZdS)OOBCertNrrrrrr"src@s eZdZdS)CertAnnContentNrrrrrr&src@s,eZdZdZeZejj e de Z dS) PKIFreeTextz> PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String N) rrr__doc__rZ UTF8String componentTyper SequenceOfsizeSpecrValueSizeConstraintMAXrrrrr*src@s(eZdZdZGdddejZeZdS)PollRepContentz PollRepContent ::= SEQUENCE OF SEQUENCE { certReqId INTEGER, checkAfter INTEGER, -- time in seconds reason PKIFreeText OPTIONAL } c@s<eZdZeedeedeede Z dS)zPollRepContent.CertReq certReqIdZ checkAfterreasonN) rrrr NamedTypes NamedTyperIntegerOptionalNamedTyperrrrrrCertReq;s  r&NrrrrrSequencer&rrrrrr2src@s(eZdZdZGdddejZeZdS)PollReqContentzh PollReqContent ::= SEQUENCE OF SEQUENCE { certReqId INTEGER } c@s"eZdZeedeZdS)zPollReqContent.CertReqr N) rrrrr"r#rr$rrrrrr&Msr&Nr'rrrrr)Esr)c@s4eZdZdZeedee de Z dS)InfoTypeAndValuez InfoTypeAndValue ::= SEQUENCE { infoType OBJECT IDENTIFIER, infoValue ANY DEFINED BY infoType OPTIONAL }ZinfoType infoValueN) rrrrrr"r#rObjectIdentifierr%Anyrrrrrr*Us r*c@seZdZeZdS) GenRepContentNrrrr*rrrrrr.asr.c@seZdZeZdS) GenMsgContentNr/rrrrr0esr0c@s eZdZdS)PKIConfirmContentNrrrrrr1isr1c@seZdZeZdS) CRLAnnContentN)rrrr CertificateListrrrrrr2msr2c@s<eZdZdZeedeedeedeZdS)CAKeyUpdAnnContentz CAKeyUpdAnnContent ::= SEQUENCE { oldWithNew CMPCertificate, newWithOld CMPCertificate, newWithNew CMPCertificate } Z oldWithNewZ newWithOldZ newWithNewN) rrrrrr"r#rrrrrrr4qs    r4c@s4eZdZdZeedee de Z dS) RevDetailsz RevDetails ::= SEQUENCE { certDetails CertTemplate, crlEntryDetails Extensions OPTIONAL } Z certDetailsZcrlEntryDetailsN) rrrrrr"r#r Z CertTemplater%r Extensionsrrrrrr5s r5c@seZdZeZdS) RevReqContentN)rrrr5rrrrrr7sr7c @s^eZdZdZeedeje e j e j ddede je e j e j ddZdS) CertOrEncCertz CertOrEncCert ::= CHOICE { certificate [0] CMPCertificate, encryptedCert [1] EncryptedValue } Z certificater explicitTagZ encryptedCertrN)rrrrrr"r#rsubtyperTagtagClassContexttagFormatConstructedr EncryptedValuerrrrrr8s "$r8c @sleZdZdZeedeede j e e je jddede j e e je jddZdS) CertifiedKeyPairz CertifiedKeyPair ::= SEQUENCE { certOrEncCert CertOrEncCert, privateKey [0] EncryptedValue OPTIONAL, publicationInfo [1] PKIPublicationInfo OPTIONAL } Z certOrEncCertZ privateKeyrr9ZpublicationInforN)rrrrrr"r#r8r%r r?r;rr<r=r>ZPKIPublicationInforrrrrr@s  $$r@c@seZdZeZdS)POPODecKeyRespContentN)rrrrr$rrrrrrAsrAc @sBeZdZdZeedee de e de Z dS) Challengez Challenge ::= SEQUENCE { owf AlgorithmIdentifier OPTIONAL, witness OCTET STRING, challenge OCTET STRING } owfZwitness challengeN) rrrrrr"r%r AlgorithmIdentifierr#r OctetStringrrrrrrBs rBc @s&eZdZdZedddddddZd S) PKIStatusa+ PKIStatus ::= INTEGER { accepted (0), grantedWithMods (1), rejection (2), waiting (3), revocationWarning (4), revocationNotification (5), keyUpdateWarning (6) } )acceptedr)ZgrantedWithModsr)Z rejection)Zwaiting)ZrevocationWarning)ZrevocationNotification)ZkeyUpdateWarningNrrrrr NamedValues namedValuesrrrrrGs rGc@sNeZdZdZedddddddd d d d d dddddddddddddddZdS)PKIFailureInfoa PKIFailureInfo ::= BIT STRING { badAlg (0), badMessageCheck (1), badRequest (2), badTime (3), badCertId (4), badDataFormat (5), wrongAuthority (6), incorrectData (7), missingTimeStamp (8), badPOP (9), certRevoked (10), certConfirmed (11), wrongIntegrity (12), badRecipientNonce (13), timeNotAvailable (14), unacceptedPolicy (15), unacceptedExtension (16), addInfoNotAvailable (17), badSenderNonce (18), badCertTemplate (19), signerNotTrusted (20), transactionIdInUse (21), unsupportedVersion (22), notAuthorized (23), systemUnavail (24), systemFailure (25), duplicateCertReq (26) )ZbadAlgr)ZbadMessageCheckr)Z badRequestrI)ZbadTimerJ)Z badCertIdrK)Z badDataFormatrL)ZwrongAuthorityrM)Z incorrectData)ZmissingTimeStamp)ZbadPOP )Z certRevoked )Z certConfirmed )ZwrongIntegrity )ZbadRecipientNonce )ZtimeNotAvailable)ZunacceptedPolicy)ZunacceptedExtension)ZaddInfoNotAvailable)ZbadSenderNonce)ZbadCertTemplate)ZsignerNotTrusted)ZtransactionIdInUse)ZunsupportedVersion)Z notAuthorized)Z systemUnavail)Z systemFailure)ZduplicateCertReqNrNrrrrrQs<rQc@s<eZdZdZeedeede ede Z dS) PKIStatusInfoz PKIStatusInfo ::= SEQUENCE { status PKIStatus, statusString PKIFreeText OPTIONAL, failInfo PKIFailureInfo OPTIONAL } statusZ statusStringZfailInfoN) rrrrrr"r#rGr%rrQrrrrrrfs    rfc@s>eZdZdZeedeede ede Z dS)ErrorMsgContenta7 ErrorMsgContent ::= SEQUENCE { pKIStatusInfo PKIStatusInfo, errorCode INTEGER OPTIONAL, -- implementation-specific error codes errorDetails PKIFreeText OPTIONAL -- implementation-specific error details } Z pKIStatusInfoZ errorCodeZ errorDetailsN) rrrrrr"r#rfr%rr$rrrrrrrh$s    rhc@s@eZdZdZeedeede e de Z dS) CertStatusz CertStatus ::= SEQUENCE { certHash OCTET STRING, certReqId INTEGER, statusInfo PKIStatusInfo OPTIONAL } ZcertHashr Z statusInfoN) rrrrrr"r#rrFr$r%rfrrrrrri5s  ric@seZdZeZdS)CertConfirmContentN)rrrrirrrrrrjDsrjc @s\eZdZdZeedeede ede ede e de ZdS) RevAnnContenta RevAnnContent ::= SEQUENCE { status PKIStatus, certId CertId, willBeRevokedAt GeneralizedTime, badSinceDate GeneralizedTime, crlDetails Extensions OPTIONAL } rgcertIdZwillBeRevokedAtZ badSinceDateZ crlDetailsN)rrrrrr"r#rGr CertIdrGeneralizedTimer%r r6rrrrrrkHs  rkc@seZdZdZeedeje e de de dejedje de eejejdde d ejedje de eejejddZd S) RevRepContentaI RevRepContent ::= SEQUENCE { status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL, crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL rgr)rrZrevCertsrrrr:ZcrlsN)rrrrrr"r#rrrfrrrr%r rmr;rr<r=r>r r3rrrrrro[s0   roc@seZdZdZeedeede j e e j e jddedeje dj e e j e jdeded ed ejedj e e j e jd eded Zd S) KeyRecRepContenta KeyRecRepContent ::= SEQUENCE { status PKIStatusInfo, newSigCert [0] CMPCertificate OPTIONAL, caCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL, keyPairHist [2] SEQUENCE SIZE (1..MAX) OF CertifiedKeyPair OPTIONAL } rgZ newSigCertrr9ZcaCertsrpr)r:rZ keyPairHistrIN)rrrrrr"r#rfr%rr;rr<r=r>rrrrrr@rrrrrrrzs*    rrc @sLeZdZdZeedeede e de e de Z dS) CertResponsez CertResponse ::= SEQUENCE { certReqId INTEGER, status PKIStatusInfo, certifiedKeyPair CertifiedKeyPair OPTIONAL, rspInfo OCTET STRING OPTIONAL } r rgZcertifiedKeyPairZrspInfoN)rrrrrr"r#rr$rfr%r@rFrrrrrrss  rsc @s`eZdZdZeedeje dj e de eejejddedejedZdS)CertRepMessagez CertRepMessage ::= SEQUENCE { caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL, response SEQUENCE OF CertResponse } ZcaPubsrprrqresponseN)rrrrrr"r%rrrr;rrrrr<r=r>r#rsrrrrrrts rtc@seZdZeZdS)POPODecKeyChallContentN)rrrrBrrrrrrvsrvc @sneZdZdZeedej e e j e j ddedej e e j e j ddedeZdS) OOBCertHashz OOBCertHash ::= SEQUENCE { hashAlg [0] AlgorithmIdentifier OPTIONAL, certId [1] CertId OPTIONAL, hashVal BIT STRING } ZhashAlgrr9rlrZhashValN)rrrrrr"r%r rEr;rr<r=r>r rmr#r BitStringrrrrrrwsrwc@seZdZdZeZdS)NestedMessageContentz. NestedMessageContent ::= PKIMessages N)rrrrrr-rrrrrrysryc@s4eZdZdZeedeedeZ dS) DHBMParametera1 DHBMParameter ::= SEQUENCE { owf AlgorithmIdentifier, -- AlgId for a One-Way Function (SHA-1 recommended) mac AlgorithmIdentifier -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], } -- or HMAC [RFC2104, RFC2202]) rCmacN) rrrrrr"r#r rErrrrrrzs rzz1.2.840.113533.7.66.30c @s`eZdZdZeedej e dddede edeede Zd S) PBMParameterz PBMParameter ::= SEQUENCE { salt OCTET STRING, owf AlgorithmIdentifier, iterationCount INTEGER, mac AlgorithmIdentifier } Zsaltr)Z subtypeSpecrCZiterationCountr{N)rrrrrr"r#rrFr;rrr rEr$rrrrrr|sr|z1.2.840.113533.7.66.13c@s eZdZdS) PKIProtectionNrrrrrr~sr~r_r9c%@seZdZdZeedej e e j e j ddedej e e j e j ddedej e e j e j dded ej e e j e j d ded ej e e j e j d ded ej e e j e j ddedej e e j e j ddedej e e j e j ddedej e e j e j ddedej e e j e j ddedej e e j e j ddedej e e j e j ddedej e e j e j ddedej e e j e j ddedej e e j e j d ded!ej e e j e j d"ded#ej e e j e j d$ded%ej e e j e j d&ded'ej e e j e j d(ded)ej e e j e j d*ded+eed,ej e e j e j d-ded.ej e e j e j d/ded0ej e e j e j d1ded2ej e e j e j d3ded4e j e e j e j d5ded6e!j e e j e j d7dZ"d8S)9PKIBodyag PKIBody ::= CHOICE { -- message-specific body elements ir [0] CertReqMessages, --Initialization Request ip [1] CertRepMessage, --Initialization Response cr [2] CertReqMessages, --Certification Request cp [3] CertRepMessage, --Certification Response p10cr [4] CertificationRequest, --imported from [PKCS10] popdecc [5] POPODecKeyChallContent, --pop Challenge popdecr [6] POPODecKeyRespContent, --pop Response kur [7] CertReqMessages, --Key Update Request kup [8] CertRepMessage, --Key Update Response krr [9] CertReqMessages, --Key Recovery Request krp [10] KeyRecRepContent, --Key Recovery Response rr [11] RevReqContent, --Revocation Request rp [12] RevRepContent, --Revocation Response ccr [13] CertReqMessages, --Cross-Cert. Request ccp [14] CertRepMessage, --Cross-Cert. Response ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. cann [16] CertAnnContent, --Certificate Ann. rann [17] RevAnnContent, --Revocation Ann. crlann [18] CRLAnnContent, --CRL Announcement pkiconf [19] PKIConfirmContent, --Confirmation nested [20] NestedMessageContent, --Nested Message genm [21] GenMsgContent, --General Message genp [22] GenRepContent, --General Response error [23] ErrorMsgContent, --Error Message certConf [24] CertConfirmContent, --Certificate confirm pollReq [25] PollReqContent, --Polling request pollRep [26] PollRepContent --Polling response Zirrr9iprZcrrIcprJZp10crrKZpopdeccrLZpopdecrrMZkurrRZkuprSZkrrrTZkrprUrrrVrprWZccrrXZccprYZckuannrZZcannr[Zrannr\Zcrlannr]Zpkiconfr^nestedZgenmr`genraerrorrbZcertConfrcZpollReqrdZpollRepreN)#rrrrrr"r#r ZCertReqMessagesr;rr<r=r>rtr ZCertificationRequestrvrArrr7ror4rrkr2r1nestedMessageContentr0r.rhrjr)rrrrrrrsHrc@seZdZdZeedeje dddede ede e dejeejejd d e d e jeejejd d e d e jeejejdd e de jeejejdd e dejeejejdd e dejeejejdd e dejeejejdd e dejeejejdd e dejejed eddjeejejdd  ZdS) PKIHeadera PKIHeader ::= SEQUENCE { pvno INTEGER { cmp1999(1), cmp2000(2) }, sender GeneralName, recipient GeneralName, messageTime [0] GeneralizedTime OPTIONAL, protectionAlg [1] AlgorithmIdentifier OPTIONAL, senderKID [2] KeyIdentifier OPTIONAL, recipKID [3] KeyIdentifier OPTIONAL, transactionID [4] OCTET STRING OPTIONAL, senderNonce [5] OCTET STRING OPTIONAL, recipNonce [6] OCTET STRING OPTIONAL, freeText [7] PKIFreeText OPTIONAL, generalInfo [8] SEQUENCE SIZE (1..MAX) OF InfoTypeAndValue OPTIONAL } Zpvno)Zcmp1999r)Zcmp2000rI)rPZsenderZ recipientZ messageTimerr9Z protectionAlgrZ senderKIDrIZrecipKIDrJZ transactionIDrKZ senderNoncerLZ recipNoncerMZfreeTextrRZ generalInfo)rrprSN) rrrrrr"r#rr$rrOr Z GeneralNamer%rrnr;rr<r=tagFormatSimplerEr>r rFrrr*rrrrrrrrrsX   rc@s0eZdZdZeedeedeZ dS) ProtectedPartzg ProtectedPart ::= SEQUENCE { header PKIHeader, body PKIBody } headerr+N) rrrrrr"r#rrrrrrrrs   rc@seZdZdZeedeedee de j e e je jdde dejedj ed ee e je jd d Zd S) PKIMessagez PKIMessage ::= SEQUENCE { header PKIHeader, body PKIBody, protection [0] PKIProtection OPTIONAL, extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL }rbodyZ protectionrr9Z extraCertsrprrqN)rrrrrr"r#rrr%r~r;rr<r=rrrrrrrr>rrrrrrs     rc@s*eZdZdZeZejje de ZdS) PKIMessagesz> PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage rN) rrrrrrrrrrrrrrrrrsrN)HZ pyasn1.typerrrrrrrZpyasn1_modulesr r r floatrrFr Z Certificaterrrrrrr)r(r*r.r0ZNullr1r2r4r5r7ZChoicer8r@rArBr$rGrxrQrfrhrirjrkrorrrsrtrvrwryrzr,Z id_DHBasedMacr|Zid_PasswordBasedMacr~r;r<r=r>rrrrrrZ_componentTyperrrr sv             >  .6