[Python-modules-commits] [asn1crypto] 01/05: New upstream version 0.24.0
Tristan Seligmann
mithrandi at moszumanska.debian.org
Sat Dec 23 18:36:16 UTC 2017
This is an automated email from the git hooks/post-receive script.
mithrandi pushed a commit to annotated tag debian/0.24.0-1
in repository asn1crypto.
commit 6cc5f6e90409ffdbe77a6943aa29e391d14fb2a0
Author: Tristan Seligmann <mithrandi at mithrandi.net>
Date: Sat Dec 23 20:28:36 2017 +0200
New upstream version 0.24.0
---
LICENSE | 19 +
MANIFEST.in | 3 +
PKG-INFO | 3 +-
asn1crypto.egg-info/PKG-INFO | 3 +-
asn1crypto.egg-info/SOURCES.txt | 9 +-
asn1crypto/_elliptic_curve.py | 12 +-
asn1crypto/_inet.py | 340 +++++++++---------
asn1crypto/_perf/_big_num_ctypes.py | 6 +-
asn1crypto/algos.py | 49 ++-
asn1crypto/cms.py | 131 ++++---
asn1crypto/core.py | 575 ++++++++++++++++++------------
asn1crypto/crl.py | 16 +-
asn1crypto/csr.py | 2 +-
asn1crypto/keys.py | 16 +-
asn1crypto/ocsp.py | 45 +--
asn1crypto/pdf.py | 6 +-
asn1crypto/pem.py | 16 +-
asn1crypto/pkcs12.py | 8 +-
asn1crypto/tsp.py | 26 +-
asn1crypto/version.py | 4 +-
asn1crypto/x509.py | 483 +++++++++++++++++++++-----
changelog.md | 339 ++++++++++++++++++
docs/pem.md | 79 +++++
docs/readme.md | 23 ++
docs/universal_types.md | 675 ++++++++++++++++++++++++++++++++++++
readme.md | 232 +++++++++++++
setup.cfg | 1 -
27 files changed, 2506 insertions(+), 615 deletions(-)
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..cd7ac9e
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,19 @@
+Copyright (c) 2015-2017 Will Bond <will at wbond.net>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/MANIFEST.in b/MANIFEST.in
new file mode 100644
index 0000000..40e672e
--- /dev/null
+++ b/MANIFEST.in
@@ -0,0 +1,3 @@
+include LICENSE
+include readme.md changelog.md
+recursive-include docs *.md
diff --git a/PKG-INFO b/PKG-INFO
index b1aeb1a..9f3943d 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,11 +1,12 @@
Metadata-Version: 1.1
Name: asn1crypto
-Version: 0.22.0
+Version: 0.24.0
Summary: Fast ASN.1 parser and serializer with definitions for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, PKCS#8, PKCS#12, PKCS#5, X.509 and TSP
Home-page: https://github.com/wbond/asn1crypto
Author: wbond
Author-email: will at wbond.net
License: MIT
+Description-Content-Type: UNKNOWN
Description: Docs for this project are maintained at https://github.com/wbond/asn1crypto#readme.
Keywords: asn1 crypto pki x509 certificate rsa dsa ec dh
Platform: UNKNOWN
diff --git a/asn1crypto.egg-info/PKG-INFO b/asn1crypto.egg-info/PKG-INFO
index b1aeb1a..9f3943d 100644
--- a/asn1crypto.egg-info/PKG-INFO
+++ b/asn1crypto.egg-info/PKG-INFO
@@ -1,11 +1,12 @@
Metadata-Version: 1.1
Name: asn1crypto
-Version: 0.22.0
+Version: 0.24.0
Summary: Fast ASN.1 parser and serializer with definitions for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, PKCS#8, PKCS#12, PKCS#5, X.509 and TSP
Home-page: https://github.com/wbond/asn1crypto
Author: wbond
Author-email: will at wbond.net
License: MIT
+Description-Content-Type: UNKNOWN
Description: Docs for this project are maintained at https://github.com/wbond/asn1crypto#readme.
Keywords: asn1 crypto pki x509 certificate rsa dsa ec dh
Platform: UNKNOWN
diff --git a/asn1crypto.egg-info/SOURCES.txt b/asn1crypto.egg-info/SOURCES.txt
index bc551e1..b48a333 100644
--- a/asn1crypto.egg-info/SOURCES.txt
+++ b/asn1crypto.egg-info/SOURCES.txt
@@ -1,3 +1,7 @@
+LICENSE
+MANIFEST.in
+changelog.md
+readme.md
setup.py
asn1crypto/__init__.py
asn1crypto/_elliptic_curve.py
@@ -29,4 +33,7 @@ asn1crypto.egg-info/SOURCES.txt
asn1crypto.egg-info/dependency_links.txt
asn1crypto.egg-info/top_level.txt
asn1crypto/_perf/__init__.py
-asn1crypto/_perf/_big_num_ctypes.py
\ No newline at end of file
+asn1crypto/_perf/_big_num_ctypes.py
+docs/pem.md
+docs/readme.md
+docs/universal_types.md
\ No newline at end of file
diff --git a/asn1crypto/_elliptic_curve.py b/asn1crypto/_elliptic_curve.py
index 0ecab2d..8c0f12d 100644
--- a/asn1crypto/_elliptic_curve.py
+++ b/asn1crypto/_elliptic_curve.py
@@ -160,10 +160,10 @@ class PrimePoint():
p = self.curve.p
- l = ((other.y - self.y) * inverse_mod(other.x - self.x, p)) % p
+ l_ = ((other.y - self.y) * inverse_mod(other.x - self.x, p)) % p
- x3 = (l * l - self.x - other.x) % p
- y3 = (l * (self.x - x3) - self.y) % p
+ x3 = (l_ * l_ - self.x - other.x) % p
+ y3 = (l_ * (self.x - x3) - self.y) % p
return PrimePoint(self.curve, x3, y3)
@@ -232,10 +232,10 @@ class PrimePoint():
p = self.curve.p
a = self.curve.a
- l = ((3 * self.x * self.x + a) * inverse_mod(2 * self.y, p)) % p
+ l_ = ((3 * self.x * self.x + a) * inverse_mod(2 * self.y, p)) % p
- x3 = (l * l - 2 * self.x) % p
- y3 = (l * (self.x - x3) - self.y) % p
+ x3 = (l_ * l_ - 2 * self.x) % p
+ y3 = (l_ * (self.x - x3) - self.y) % p
return PrimePoint(self.curve, x3, y3)
diff --git a/asn1crypto/_inet.py b/asn1crypto/_inet.py
index 0d78aa4..045ba56 100644
--- a/asn1crypto/_inet.py
+++ b/asn1crypto/_inet.py
@@ -1,170 +1,170 @@
-# coding: utf-8
-from __future__ import unicode_literals, division, absolute_import, print_function
-
-import socket
-import struct
-
-from ._errors import unwrap
-from ._types import byte_cls, bytes_to_list, str_cls, type_name
-
-
-def inet_ntop(address_family, packed_ip):
- """
- Windows compatiblity shim for socket.inet_ntop().
-
- :param address_family:
- socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
-
- :param packed_ip:
- A byte string of the network form of an IP address
-
- :return:
- A unicode string of the IP address
- """
-
- if address_family not in set([socket.AF_INET, socket.AF_INET6]):
- raise ValueError(unwrap(
- '''
- address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
- not %s
- ''',
- repr(socket.AF_INET),
- repr(socket.AF_INET6),
- repr(address_family)
- ))
-
- if not isinstance(packed_ip, byte_cls):
- raise TypeError(unwrap(
- '''
- packed_ip must be a byte string, not %s
- ''',
- type_name(packed_ip)
- ))
-
- required_len = 4 if address_family == socket.AF_INET else 16
- if len(packed_ip) != required_len:
- raise ValueError(unwrap(
- '''
- packed_ip must be %d bytes long - is %d
- ''',
- required_len,
- len(packed_ip)
- ))
-
- if address_family == socket.AF_INET:
- return '%d.%d.%d.%d' % tuple(bytes_to_list(packed_ip))
-
- octets = struct.unpack(b'!HHHHHHHH', packed_ip)
-
- runs_of_zero = {}
- longest_run = 0
- zero_index = None
- for i, octet in enumerate(octets + (-1,)):
- if octet != 0:
- if zero_index is not None:
- length = i - zero_index
- if length not in runs_of_zero:
- runs_of_zero[length] = zero_index
- longest_run = max(longest_run, length)
- zero_index = None
- elif zero_index is None:
- zero_index = i
-
- hexed = [hex(o)[2:] for o in octets]
-
- if longest_run < 2:
- return ':'.join(hexed)
-
- zero_start = runs_of_zero[longest_run]
- zero_end = zero_start + longest_run
-
- return ':'.join(hexed[:zero_start]) + '::' + ':'.join(hexed[zero_end:])
-
-
-def inet_pton(address_family, ip_string):
- """
- Windows compatiblity shim for socket.inet_ntop().
-
- :param address_family:
- socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
-
- :param ip_string:
- A unicode string of an IP address
-
- :return:
- A byte string of the network form of the IP address
- """
-
- if address_family not in set([socket.AF_INET, socket.AF_INET6]):
- raise ValueError(unwrap(
- '''
- address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
- not %s
- ''',
- repr(socket.AF_INET),
- repr(socket.AF_INET6),
- repr(address_family)
- ))
-
- if not isinstance(ip_string, str_cls):
- raise TypeError(unwrap(
- '''
- ip_string must be a unicode string, not %s
- ''',
- type_name(ip_string)
- ))
-
- if address_family == socket.AF_INET:
- octets = ip_string.split('.')
- error = len(octets) != 4
- if not error:
- ints = []
- for o in octets:
- o = int(o)
- if o > 255 or o < 0:
- error = True
- break
- ints.append(o)
-
- if error:
- raise ValueError(unwrap(
- '''
- ip_string must be a dotted string with four integers in the
- range of 0 to 255, got %s
- ''',
- repr(ip_string)
- ))
-
- return struct.pack(b'!BBBB', *ints)
-
- error = False
- omitted = ip_string.count('::')
- if omitted > 1:
- error = True
- elif omitted == 0:
- octets = ip_string.split(':')
- error = len(octets) != 8
- else:
- begin, end = ip_string.split('::')
- begin_octets = begin.split(':')
- end_octets = end.split(':')
- missing = 8 - len(begin_octets) - len(end_octets)
- octets = begin_octets + (['0'] * missing) + end_octets
-
- if not error:
- ints = []
- for o in octets:
- o = int(o, 16)
- if o > 65535 or o < 0:
- error = True
- break
- ints.append(o)
-
- return struct.pack(b'!HHHHHHHH', *ints)
-
- raise ValueError(unwrap(
- '''
- ip_string must be a valid ipv6 string, got %s
- ''',
- repr(ip_string)
- ))
+# coding: utf-8
+from __future__ import unicode_literals, division, absolute_import, print_function
+
+import socket
+import struct
+
+from ._errors import unwrap
+from ._types import byte_cls, bytes_to_list, str_cls, type_name
+
+
+def inet_ntop(address_family, packed_ip):
+ """
+ Windows compatibility shim for socket.inet_ntop().
+
+ :param address_family:
+ socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
+
+ :param packed_ip:
+ A byte string of the network form of an IP address
+
+ :return:
+ A unicode string of the IP address
+ """
+
+ if address_family not in set([socket.AF_INET, socket.AF_INET6]):
+ raise ValueError(unwrap(
+ '''
+ address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
+ not %s
+ ''',
+ repr(socket.AF_INET),
+ repr(socket.AF_INET6),
+ repr(address_family)
+ ))
+
+ if not isinstance(packed_ip, byte_cls):
+ raise TypeError(unwrap(
+ '''
+ packed_ip must be a byte string, not %s
+ ''',
+ type_name(packed_ip)
+ ))
+
+ required_len = 4 if address_family == socket.AF_INET else 16
+ if len(packed_ip) != required_len:
+ raise ValueError(unwrap(
+ '''
+ packed_ip must be %d bytes long - is %d
+ ''',
+ required_len,
+ len(packed_ip)
+ ))
+
+ if address_family == socket.AF_INET:
+ return '%d.%d.%d.%d' % tuple(bytes_to_list(packed_ip))
+
+ octets = struct.unpack(b'!HHHHHHHH', packed_ip)
+
+ runs_of_zero = {}
+ longest_run = 0
+ zero_index = None
+ for i, octet in enumerate(octets + (-1,)):
+ if octet != 0:
+ if zero_index is not None:
+ length = i - zero_index
+ if length not in runs_of_zero:
+ runs_of_zero[length] = zero_index
+ longest_run = max(longest_run, length)
+ zero_index = None
+ elif zero_index is None:
+ zero_index = i
+
+ hexed = [hex(o)[2:] for o in octets]
+
+ if longest_run < 2:
+ return ':'.join(hexed)
+
+ zero_start = runs_of_zero[longest_run]
+ zero_end = zero_start + longest_run
+
+ return ':'.join(hexed[:zero_start]) + '::' + ':'.join(hexed[zero_end:])
+
+
+def inet_pton(address_family, ip_string):
+ """
+ Windows compatibility shim for socket.inet_ntop().
+
+ :param address_family:
+ socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
+
+ :param ip_string:
+ A unicode string of an IP address
+
+ :return:
+ A byte string of the network form of the IP address
+ """
+
+ if address_family not in set([socket.AF_INET, socket.AF_INET6]):
+ raise ValueError(unwrap(
+ '''
+ address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
+ not %s
+ ''',
+ repr(socket.AF_INET),
+ repr(socket.AF_INET6),
+ repr(address_family)
+ ))
+
+ if not isinstance(ip_string, str_cls):
+ raise TypeError(unwrap(
+ '''
+ ip_string must be a unicode string, not %s
+ ''',
+ type_name(ip_string)
+ ))
+
+ if address_family == socket.AF_INET:
+ octets = ip_string.split('.')
+ error = len(octets) != 4
+ if not error:
+ ints = []
+ for o in octets:
+ o = int(o)
+ if o > 255 or o < 0:
+ error = True
+ break
+ ints.append(o)
+
+ if error:
+ raise ValueError(unwrap(
+ '''
+ ip_string must be a dotted string with four integers in the
+ range of 0 to 255, got %s
+ ''',
+ repr(ip_string)
+ ))
+
+ return struct.pack(b'!BBBB', *ints)
+
+ error = False
+ omitted = ip_string.count('::')
+ if omitted > 1:
+ error = True
+ elif omitted == 0:
+ octets = ip_string.split(':')
+ error = len(octets) != 8
+ else:
+ begin, end = ip_string.split('::')
+ begin_octets = begin.split(':')
+ end_octets = end.split(':')
+ missing = 8 - len(begin_octets) - len(end_octets)
+ octets = begin_octets + (['0'] * missing) + end_octets
+
+ if not error:
+ ints = []
+ for o in octets:
+ o = int(o, 16)
+ if o > 65535 or o < 0:
+ error = True
+ break
+ ints.append(o)
+
+ return struct.pack(b'!HHHHHHHH', *ints)
+
+ raise ValueError(unwrap(
+ '''
+ ip_string must be a valid ipv6 string, got %s
+ ''',
+ repr(ip_string)
+ ))
diff --git a/asn1crypto/_perf/_big_num_ctypes.py b/asn1crypto/_perf/_big_num_ctypes.py
index dc4d853..8e37e9b 100644
--- a/asn1crypto/_perf/_big_num_ctypes.py
+++ b/asn1crypto/_perf/_big_num_ctypes.py
@@ -21,6 +21,8 @@ interfacing with libcrypto.
from __future__ import unicode_literals, division, absolute_import, print_function
+import sys
+
from ctypes import CDLL, c_int, c_char_p, c_void_p
from ctypes.util import find_library
@@ -28,7 +30,9 @@ from .._ffi import LibraryNotFoundError, FFIEngineError
try:
- libcrypto_path = find_library('crypto')
+ # On Python 2, the unicode string here may raise a UnicodeDecodeError as it
+ # tries to join a bytestring path to the unicode name "crypto"
+ libcrypto_path = find_library(b'crypto' if sys.version_info < (3,) else 'crypto')
if not libcrypto_path:
raise LibraryNotFoundError('The library libcrypto could not be found')
diff --git a/asn1crypto/algos.py b/asn1crypto/algos.py
index 979207a..c805433 100644
--- a/asn1crypto/algos.py
+++ b/asn1crypto/algos.py
@@ -5,6 +5,7 @@ ASN.1 type classes for various algorithms using in various aspects of public
key cryptography. Exports the following items:
- AlgorithmIdentifier()
+ - AnyAlgorithmIdentifier()
- DigestAlgorithm()
- DigestInfo()
- DSASignature()
@@ -182,8 +183,7 @@ class RSASSAPSSParams(Sequence):
'hash_algorithm',
DigestAlgorithm,
{
- 'tag_type': 'explicit',
- 'tag': 0,
+ 'explicit': 0,
'default': {'algorithm': 'sha1'},
}
),
@@ -191,8 +191,7 @@ class RSASSAPSSParams(Sequence):
'mask_gen_algorithm',
MaskGenAlgorithm,
{
- 'tag_type': 'explicit',
- 'tag': 1,
+ 'explicit': 1,
'default': {
'algorithm': 'mgf1',
'parameters': {'algorithm': 'sha1'},
@@ -203,8 +202,7 @@ class RSASSAPSSParams(Sequence):
'salt_length',
Integer,
{
- 'tag_type': 'explicit',
- 'tag': 2,
+ 'explicit': 2,
'default': 20,
}
),
@@ -212,8 +210,7 @@ class RSASSAPSSParams(Sequence):
'trailer_field',
TrailerField,
{
- 'tag_type': 'explicit',
- 'tag': 3,
+ 'explicit': 3,
'default': 'trailer_field_bc',
}
),
@@ -481,8 +478,7 @@ class RSAESOAEPParams(Sequence):
'hash_algorithm',
DigestAlgorithm,
{
- 'tag_type': 'explicit',
- 'tag': 0,
+ 'explicit': 0,
'default': {'algorithm': 'sha1'}
}
),
@@ -490,8 +486,7 @@ class RSAESOAEPParams(Sequence):
'mask_gen_algorithm',
MaskGenAlgorithm,
{
- 'tag_type': 'explicit',
- 'tag': 1,
+ 'explicit': 1,
'default': {
'algorithm': 'mgf1',
'parameters': {'algorithm': 'sha1'}
@@ -502,8 +497,7 @@ class RSAESOAEPParams(Sequence):
'p_source_algorithm',
PSourceAlgorithm,
{
- 'tag_type': 'explicit',
- 'tag': 2,
+ 'explicit': 2,
'default': {
'algorithm': 'p_specified',
'parameters': b''
@@ -1120,3 +1114,30 @@ class Pkcs5MacAlgorithm(Sequence):
EncryptionAlgorithm._oid_specs['pbes2'] = Pbes2Params
+
+
+class AnyAlgorithmId(ObjectIdentifier):
+ _map = {}
+
+ def _setup(self):
+ _map = self.__class__._map
+ for other_cls in (EncryptionAlgorithmId, SignedDigestAlgorithmId, DigestAlgorithmId):
+ for oid, name in other_cls._map.items():
+ _map[oid] = name
+
+
+class AnyAlgorithmIdentifier(_ForceNullParameters, Sequence):
+ _fields = [
+ ('algorithm', AnyAlgorithmId),
+ ('parameters', Any, {'optional': True}),
+ ]
+
+ _oid_pair = ('algorithm', 'parameters')
+ _oid_specs = {}
+
+ def _setup(self):
+ Sequence._setup(self)
+ specs = self.__class__._oid_specs
+ for other_cls in (EncryptionAlgorithm, SignedDigestAlgorithm):
+ for oid, spec in other_cls._oid_specs.items():
+ specs[oid] = spec
diff --git a/asn1crypto/cms.py b/asn1crypto/cms.py
index 8218797..9cad949 100644
--- a/asn1crypto/cms.py
+++ b/asn1crypto/cms.py
@@ -15,6 +15,8 @@ compatible with PKCS#7. Exports the following items:
- SignedData()
Other type classes are defined that help compose the types listed above.
+
+Most CMS structures in the wild are formatted as ContentInfo encapsulating one of the other types.
"""
from __future__ import unicode_literals, division, absolute_import, print_function
@@ -99,6 +101,8 @@ class CMSAttributeType(ObjectIdentifier):
'1.2.840.113549.1.9.6': 'counter_signature',
# https://tools.ietf.org/html/rfc3161#page-20
'1.2.840.113549.1.9.16.2.14': 'signature_time_stamp_token',
+ # https://tools.ietf.org/html/rfc6211#page-5
+ '1.2.840.113549.1.9.52': 'cms_algorithm_protection',
}
@@ -123,6 +127,14 @@ class ContentType(ObjectIdentifier):
}
+class CMSAlgorithmProtection(Sequence):
+ _fields = [
+ ('digest_algorithm', DigestAlgorithm),
+ ('signature_algorithm', SignedDigestAlgorithm, {'implicit': 1, 'optional': True}),
+ ('mac_algorithm', HmacAlgorithm, {'implicit': 2, 'optional': True}),
+ ]
+
+
class SetOfContentType(SetOf):
_child_spec = ContentType
@@ -139,6 +151,10 @@ class SetOfAny(SetOf):
_child_spec = Any
+class SetOfCMSAlgorithmProtection(SetOf):
+ _child_spec = CMSAlgorithmProtection
+
+
class CMSAttribute(Sequence):
_fields = [
('type', CMSAttributeType),
@@ -176,8 +192,8 @@ class AttCertVersion(Integer):
class AttCertSubject(Choice):
_alternatives = [
- ('base_certificate_id', IssuerSerial, {'tag_type': 'explicit', 'tag': 0}),
- ('subject_name', GeneralNames, {'tag_type': 'explicit', 'tag': 1}),
+ ('base_certificate_id', IssuerSerial, {'explicit': 0}),
+ ('subject_name', GeneralNames, {'explicit': 1}),
]
@@ -229,24 +245,24 @@ class ObjectDigestInfo(Sequence):
class Holder(Sequence):
_fields = [
- ('base_certificate_id', IssuerSerial, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
- ('entity_name', GeneralNames, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
- ('object_digest_info', ObjectDigestInfo, {'tag_type': 'implicit', 'tag': 2, 'optional': True}),
+ ('base_certificate_id', IssuerSerial, {'implicit': 0, 'optional': True}),
+ ('entity_name', GeneralNames, {'implicit': 1, 'optional': True}),
+ ('object_digest_info', ObjectDigestInfo, {'implicit': 2, 'optional': True}),
]
class V2Form(Sequence):
_fields = [
('issuer_name', GeneralNames, {'optional': True}),
- ('base_certificate_id', IssuerSerial, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
- ('object_digest_info', ObjectDigestInfo, {'tag_type': 'explicit', 'tag': 1, 'optional': True}),
+ ('base_certificate_id', IssuerSerial, {'explicit': 0, 'optional': True}),
+ ('object_digest_info', ObjectDigestInfo, {'explicit': 1, 'optional': True}),
]
class AttCertIssuer(Choice):
_alternatives = [
('v1_form', GeneralNames),
- ('v2_form', V2Form, {'tag_type': 'explicit', 'tag': 0}),
+ ('v2_form', V2Form, {'explicit': 0}),
]
@@ -264,7 +280,7 @@ class IetfAttrValues(SequenceOf):
class IetfAttrSyntax(Sequence):
_fields = [
- ('policy_authority', GeneralNames, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+ ('policy_authority', GeneralNames, {'implicit': 0, 'optional': True}),
('values', IetfAttrValues),
]
@@ -287,8 +303,8 @@ class SetOfSvceAuthInfo(SetOf):
class RoleSyntax(Sequence):
_fields = [
- ('role_authority', GeneralNames, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
- ('role_name', GeneralName, {'tag_type': 'implicit', 'tag': 1}),
+ ('role_authority', GeneralNames, {'implicit': 0, 'optional': True}),
+ ('role_name', GeneralName, {'implicit': 1}),
]
@@ -309,8 +325,8 @@ class ClassList(BitString):
class SecurityCategory(Sequence):
_fields = [
- ('type', ObjectIdentifier, {'tag_type': 'implicit', 'tag': 0}),
- ('value', Any, {'tag_type': 'implicit', 'tag': 1}),
+ ('type', ObjectIdentifier, {'implicit': 0}),
+ ('value', Any, {'implicit': 1}),
]
@@ -320,9 +336,9 @@ class SetOfSecurityCategory(SetOf):
class Clearance(Sequence):
_fields = [
- ('policy_id', ObjectIdentifier, {'tag_type': 'implicit', 'tag': 0}),
- ('class_list', ClassList, {'tag_type': 'implicit', 'tag': 1, 'default': 'unclassified'}),
- ('security_categories', SetOfSecurityCategory, {'tag_type': 'implicit', 'tag': 2, 'optional': True}),
+ ('policy_id', ObjectIdentifier, {'implicit': 0}),
+ ('class_list', ClassList, {'implicit': 1, 'default': 'unclassified'}),
+ ('security_categories', SetOfSecurityCategory, {'implicit': 2, 'optional': True}),
]
@@ -366,8 +382,8 @@ class SetOfTimingMetrics(SetOf):
class TimingPolicy(Sequence):
_fields = [
('policy_id', SequenceOf, {'spec': ObjectIdentifier}),
- ('max_offset', BigTime, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
- ('max_delay', BigTime, {'tag_type': 'explicit', 'tag': 1, 'optional': True}),
+ ('max_offset', BigTime, {'explicit': 0, 'optional': True}),
+ ('max_delay', BigTime, {'explicit': 1, 'optional': True}),
]
@@ -452,10 +468,10 @@ class OtherCertificateFormat(Sequence):
class CertificateChoices(Choice):
_alternatives = [
('certificate', Certificate),
- ('extended_certificate', ExtendedCertificate, {'tag_type': 'implicit', 'tag': 0}),
- ('v1_attr_cert', AttributeCertificateV1, {'tag_type': 'implicit', 'tag': 1}),
- ('v2_attr_cert', AttributeCertificateV2, {'tag_type': 'implicit', 'tag': 2}),
- ('other', OtherCertificateFormat, {'tag_type': 'implicit', 'tag': 3}),
+ ('extended_certificate', ExtendedCertificate, {'implicit': 0}),
+ ('v1_attr_cert', AttributeCertificateV1, {'implicit': 1}),
+ ('v2_attr_cert', AttributeCertificateV2, {'implicit': 2}),
+ ('other', OtherCertificateFormat, {'implicit': 3}),
]
def validate(self, class_, tag, contents):
@@ -491,7 +507,7 @@ class CertificateSet(SetOf):
class ContentInfo(Sequence):
_fields = [
('content_type', ContentType),
- ('content', Any, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
+ ('content', Any, {'explicit': 0, 'optional': True}),
]
_oid_pair = ('content_type', 'content')
@@ -505,7 +521,7 @@ class SetOfContentInfo(SetOf):
class EncapsulatedContentInfo(Sequence):
_fields = [
('content_type', ContentType),
- ('content', ParsableOctetString, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
+ ('content', ParsableOctetString, {'explicit': 0, 'optional': True}),
]
_oid_pair = ('content_type', 'content')
@@ -522,7 +538,7 @@ class IssuerAndSerialNumber(Sequence):
class SignerIdentifier(Choice):
_alternatives = [
('issuer_and_serial_number', IssuerAndSerialNumber),
- ('subject_key_identifier', OctetString, {'tag_type': 'implicit', 'tag': 0}),
+ ('subject_key_identifier', OctetString, {'implicit': 0}),
]
@@ -536,7 +552,7 @@ class CertificateRevocationLists(SetOf):
class SCVPReqRes(Sequence):
_fields = [
- ('request', ContentInfo, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
+ ('request', ContentInfo, {'explicit': 0, 'optional': True}),
('response', ContentInfo),
]
@@ -564,7 +580,7 @@ class OtherRevocationInfoFormat(Sequence):
class RevocationInfoChoice(Choice):
_alternatives = [
('crl', CertificateList),
- ('other', OtherRevocationInfoFormat, {'tag_type': 'implciit', 'tag': 1}),
+ ('other', OtherRevocationInfoFormat, {'implicit': 1}),
]
@@ -577,10 +593,10 @@ class SignerInfo(Sequence):
('version', CMSVersion),
('sid', SignerIdentifier),
('digest_algorithm', DigestAlgorithm),
- ('signed_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+ ('signed_attrs', CMSAttributes, {'implicit': 0, 'optional': True}),
('signature_algorithm', SignedDigestAlgorithm),
('signature', OctetString),
- ('unsigned_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+ ('unsigned_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),
]
@@ -593,8 +609,8 @@ class SignedData(Sequence):
('version', CMSVersion),
('digest_algorithms', DigestAlgorithms),
('encap_content_info', None),
- ('certificates', CertificateSet, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
- ('crls', RevocationInfoChoices, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+ ('certificates', CertificateSet, {'implicit': 0, 'optional': True}),
+ ('crls', RevocationInfoChoices, {'implicit': 1, 'optional': True}),
('signer_infos', SignerInfos),
]
@@ -619,15 +635,15 @@ class SignedData(Sequence):
class OriginatorInfo(Sequence):
_fields = [
- ('certs', CertificateSet, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
- ('crls', RevocationInfoChoices, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+ ('certs', CertificateSet, {'implicit': 0, 'optional': True}),
+ ('crls', RevocationInfoChoices, {'implicit': 1, 'optional': True}),
]
class RecipientIdentifier(Choice):
_alternatives = [
('issuer_and_serial_number', IssuerAndSerialNumber),
- ('subject_key_identifier', OctetString, {'tag_type': 'implicit', 'tag': 0}),
+ ('subject_key_identifier', OctetString, {'implicit': 0}),
]
@@ -662,8 +678,8 @@ class KeyTransRecipientInfo(Sequence):
class OriginatorIdentifierOrKey(Choice):
_alternatives = [
('issuer_and_serial_number', IssuerAndSerialNumber),
- ('subject_key_identifier', OctetString, {'tag_type': 'implicit', 'tag': 0}),
- ('originator_key', PublicKeyInfo, {'tag_type': 'implicit', 'tag': 1}),
+ ('subject_key_identifier', OctetString, {'implicit': 0}),
+ ('originator_key', PublicKeyInfo, {'implicit': 1}),
]
@@ -685,7 +701,7 @@ class RecipientKeyIdentifier(Sequence):
class KeyAgreementRecipientIdentifier(Choice):
_alternatives = [
('issuer_and_serial_number', IssuerAndSerialNumber),
- ('r_key_id', RecipientKeyIdentifier, {'tag_type': 'implicit', 'tag': 0}),
+ ('r_key_id', RecipientKeyIdentifier, {'implicit': 0}),
]
@@ -703,8 +719,8 @@ class RecipientEncryptedKeys(SequenceOf):
class KeyAgreeRecipientInfo(Sequence):
_fields = [
('version', CMSVersion),
- ('originator', OriginatorIdentifierOrKey, {'tag_type': 'explicit', 'tag': 0}),
- ('ukm', OctetString, {'tag_type': 'explicit', 'tag': 1, 'optional': True}),
+ ('originator', OriginatorIdentifierOrKey, {'explicit': 0}),
+ ('ukm', OctetString, {'explicit': 1, 'optional': True}),
('key_encryption_algorithm', KeyEncryptionAlgorithm),
('recipient_encrypted_keys', RecipientEncryptedKeys),
]
@@ -730,7 +746,7 @@ class KEKRecipientInfo(Sequence):
class PasswordRecipientInfo(Sequence):
_fields = [
('version', CMSVersion),
- ('key_derivation_algorithm', KdfAlgorithm, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+ ('key_derivation_algorithm', KdfAlgorithm, {'implicit': 0, 'optional': True}),
('key_encryption_algorithm', KeyEncryptionAlgorithm),
('encrypted_key', OctetString),
]
@@ -746,10 +762,10 @@ class OtherRecipientInfo(Sequence):
class RecipientInfo(Choice):
_alternatives = [
('ktri', KeyTransRecipientInfo),
- ('kari', KeyAgreeRecipientInfo, {'tag_type': 'implicit', 'tag': 1}),
- ('kekri', KEKRecipientInfo, {'tag_type': 'implicit', 'tag': 2}),
- ('pwri', PasswordRecipientInfo, {'tag_type': 'implicit', 'tag': 3}),
- ('ori', OtherRecipientInfo, {'tag_type': 'implicit', 'tag': 4}),
+ ('kari', KeyAgreeRecipientInfo, {'implicit': 1}),
+ ('kekri', KEKRecipientInfo, {'implicit': 2}),
+ ('pwri', PasswordRecipientInfo, {'implicit': 3}),
+ ('ori', OtherRecipientInfo, {'implicit': 4}),
]
@@ -761,17 +777,17 @@ class EncryptedContentInfo(Sequence):
_fields = [
('content_type', ContentType),
('content_encryption_algorithm', EncryptionAlgorithm),
- ('encrypted_content', OctetString, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+ ('encrypted_content', OctetString, {'implicit': 0, 'optional': True}),
]
class EnvelopedData(Sequence):
_fields = [
('version', CMSVersion),
- ('originator_info', OriginatorInfo, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+ ('originator_info', OriginatorInfo, {'implicit': 0, 'optional': True}),
('recipient_infos', RecipientInfos),
('encrypted_content_info', EncryptedContentInfo),
- ('unprotected_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+ ('unprotected_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),
]
@@ -781,8 +797,8 @@ class SignedAndEnvelopedData(Sequence):
('recipient_infos', RecipientInfos),
('digest_algorithms', DigestAlgorithms),
('encrypted_content_info', EncryptedContentInfo),
- ('certificates', CertificateSet, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
- ('crls', CertificateRevocationLists, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+ ('certificates', CertificateSet, {'implicit': 0, 'optional': True}),
+ ('crls', CertificateRevocationLists, {'implicit': 1, 'optional': True}),
('signer_infos', SignerInfos),
]
@@ -818,35 +834,35 @@ class EncryptedData(Sequence):
_fields = [
('version', CMSVersion),
('encrypted_content_info', EncryptedContentInfo),
- ('unprotected_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+ ('unprotected_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),
]
class AuthenticatedData(Sequence):
_fields = [
('version', CMSVersion),
- ('originator_info', OriginatorInfo, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+ ('originator_info', OriginatorInfo, {'implicit': 0, 'optional': True}),
('recipient_infos', RecipientInfos),
('mac_algorithm', HmacAlgorithm),
- ('digest_algorithm', DigestAlgorithm, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+ ('digest_algorithm', DigestAlgorithm, {'implicit': 1, 'optional': True}),
# This does not require the _spec_callbacks approach of SignedData and
# DigestedData since AuthenticatedData was not part of PKCS#7
('encap_content_info', EncapsulatedContentInfo),
- ('auth_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 2, 'optional': True}),
+ ('auth_attrs', CMSAttributes, {'implicit': 2, 'optional': True}),
... 3612 lines suppressed ...
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/asn1crypto.git
More information about the Python-modules-commits
mailing list