[Python-modules-commits] [asn1crypto] 01/05: New upstream version 0.24.0

Tristan Seligmann mithrandi at moszumanska.debian.org
Sat Dec 23 18:36:16 UTC 2017


This is an automated email from the git hooks/post-receive script.

mithrandi pushed a commit to annotated tag debian/0.24.0-1
in repository asn1crypto.

commit 6cc5f6e90409ffdbe77a6943aa29e391d14fb2a0
Author: Tristan Seligmann <mithrandi at mithrandi.net>
Date:   Sat Dec 23 20:28:36 2017 +0200

    New upstream version 0.24.0
---
 LICENSE                             |  19 +
 MANIFEST.in                         |   3 +
 PKG-INFO                            |   3 +-
 asn1crypto.egg-info/PKG-INFO        |   3 +-
 asn1crypto.egg-info/SOURCES.txt     |   9 +-
 asn1crypto/_elliptic_curve.py       |  12 +-
 asn1crypto/_inet.py                 | 340 +++++++++---------
 asn1crypto/_perf/_big_num_ctypes.py |   6 +-
 asn1crypto/algos.py                 |  49 ++-
 asn1crypto/cms.py                   | 131 ++++---
 asn1crypto/core.py                  | 575 ++++++++++++++++++------------
 asn1crypto/crl.py                   |  16 +-
 asn1crypto/csr.py                   |   2 +-
 asn1crypto/keys.py                  |  16 +-
 asn1crypto/ocsp.py                  |  45 +--
 asn1crypto/pdf.py                   |   6 +-
 asn1crypto/pem.py                   |  16 +-
 asn1crypto/pkcs12.py                |   8 +-
 asn1crypto/tsp.py                   |  26 +-
 asn1crypto/version.py               |   4 +-
 asn1crypto/x509.py                  | 483 +++++++++++++++++++++-----
 changelog.md                        | 339 ++++++++++++++++++
 docs/pem.md                         |  79 +++++
 docs/readme.md                      |  23 ++
 docs/universal_types.md             | 675 ++++++++++++++++++++++++++++++++++++
 readme.md                           | 232 +++++++++++++
 setup.cfg                           |   1 -
 27 files changed, 2506 insertions(+), 615 deletions(-)

diff --git a/LICENSE b/LICENSE
new file mode 100644
index 0000000..cd7ac9e
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,19 @@
+Copyright (c) 2015-2017 Will Bond <will at wbond.net>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
+of the Software, and to permit persons to whom the Software is furnished to do
+so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
diff --git a/MANIFEST.in b/MANIFEST.in
new file mode 100644
index 0000000..40e672e
--- /dev/null
+++ b/MANIFEST.in
@@ -0,0 +1,3 @@
+include LICENSE
+include readme.md changelog.md
+recursive-include docs *.md
diff --git a/PKG-INFO b/PKG-INFO
index b1aeb1a..9f3943d 100644
--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,11 +1,12 @@
 Metadata-Version: 1.1
 Name: asn1crypto
-Version: 0.22.0
+Version: 0.24.0
 Summary: Fast ASN.1 parser and serializer with definitions for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, PKCS#8, PKCS#12, PKCS#5, X.509 and TSP
 Home-page: https://github.com/wbond/asn1crypto
 Author: wbond
 Author-email: will at wbond.net
 License: MIT
+Description-Content-Type: UNKNOWN
 Description: Docs for this project are maintained at https://github.com/wbond/asn1crypto#readme.
 Keywords: asn1 crypto pki x509 certificate rsa dsa ec dh
 Platform: UNKNOWN
diff --git a/asn1crypto.egg-info/PKG-INFO b/asn1crypto.egg-info/PKG-INFO
index b1aeb1a..9f3943d 100644
--- a/asn1crypto.egg-info/PKG-INFO
+++ b/asn1crypto.egg-info/PKG-INFO
@@ -1,11 +1,12 @@
 Metadata-Version: 1.1
 Name: asn1crypto
-Version: 0.22.0
+Version: 0.24.0
 Summary: Fast ASN.1 parser and serializer with definitions for private keys, public keys, certificates, CRL, OCSP, CMS, PKCS#3, PKCS#7, PKCS#8, PKCS#12, PKCS#5, X.509 and TSP
 Home-page: https://github.com/wbond/asn1crypto
 Author: wbond
 Author-email: will at wbond.net
 License: MIT
+Description-Content-Type: UNKNOWN
 Description: Docs for this project are maintained at https://github.com/wbond/asn1crypto#readme.
 Keywords: asn1 crypto pki x509 certificate rsa dsa ec dh
 Platform: UNKNOWN
diff --git a/asn1crypto.egg-info/SOURCES.txt b/asn1crypto.egg-info/SOURCES.txt
index bc551e1..b48a333 100644
--- a/asn1crypto.egg-info/SOURCES.txt
+++ b/asn1crypto.egg-info/SOURCES.txt
@@ -1,3 +1,7 @@
+LICENSE
+MANIFEST.in
+changelog.md
+readme.md
 setup.py
 asn1crypto/__init__.py
 asn1crypto/_elliptic_curve.py
@@ -29,4 +33,7 @@ asn1crypto.egg-info/SOURCES.txt
 asn1crypto.egg-info/dependency_links.txt
 asn1crypto.egg-info/top_level.txt
 asn1crypto/_perf/__init__.py
-asn1crypto/_perf/_big_num_ctypes.py
\ No newline at end of file
+asn1crypto/_perf/_big_num_ctypes.py
+docs/pem.md
+docs/readme.md
+docs/universal_types.md
\ No newline at end of file
diff --git a/asn1crypto/_elliptic_curve.py b/asn1crypto/_elliptic_curve.py
index 0ecab2d..8c0f12d 100644
--- a/asn1crypto/_elliptic_curve.py
+++ b/asn1crypto/_elliptic_curve.py
@@ -160,10 +160,10 @@ class PrimePoint():
 
         p = self.curve.p
 
-        l = ((other.y - self.y) * inverse_mod(other.x - self.x, p)) % p
+        l_ = ((other.y - self.y) * inverse_mod(other.x - self.x, p)) % p
 
-        x3 = (l * l - self.x - other.x) % p
-        y3 = (l * (self.x - x3) - self.y) % p
+        x3 = (l_ * l_ - self.x - other.x) % p
+        y3 = (l_ * (self.x - x3) - self.y) % p
 
         return PrimePoint(self.curve, x3, y3)
 
@@ -232,10 +232,10 @@ class PrimePoint():
         p = self.curve.p
         a = self.curve.a
 
-        l = ((3 * self.x * self.x + a) * inverse_mod(2 * self.y, p)) % p
+        l_ = ((3 * self.x * self.x + a) * inverse_mod(2 * self.y, p)) % p
 
-        x3 = (l * l - 2 * self.x) % p
-        y3 = (l * (self.x - x3) - self.y) % p
+        x3 = (l_ * l_ - 2 * self.x) % p
+        y3 = (l_ * (self.x - x3) - self.y) % p
 
         return PrimePoint(self.curve, x3, y3)
 
diff --git a/asn1crypto/_inet.py b/asn1crypto/_inet.py
index 0d78aa4..045ba56 100644
--- a/asn1crypto/_inet.py
+++ b/asn1crypto/_inet.py
@@ -1,170 +1,170 @@
-# coding: utf-8
-from __future__ import unicode_literals, division, absolute_import, print_function
-
-import socket
-import struct
-
-from ._errors import unwrap
-from ._types import byte_cls, bytes_to_list, str_cls, type_name
-
-
-def inet_ntop(address_family, packed_ip):
-    """
-    Windows compatiblity shim for socket.inet_ntop().
-
-    :param address_family:
-        socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
-
-    :param packed_ip:
-        A byte string of the network form of an IP address
-
-    :return:
-        A unicode string of the IP address
-    """
-
-    if address_family not in set([socket.AF_INET, socket.AF_INET6]):
-        raise ValueError(unwrap(
-            '''
-            address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
-            not %s
-            ''',
-            repr(socket.AF_INET),
-            repr(socket.AF_INET6),
-            repr(address_family)
-        ))
-
-    if not isinstance(packed_ip, byte_cls):
-        raise TypeError(unwrap(
-            '''
-            packed_ip must be a byte string, not %s
-            ''',
-            type_name(packed_ip)
-        ))
-
-    required_len = 4 if address_family == socket.AF_INET else 16
-    if len(packed_ip) != required_len:
-        raise ValueError(unwrap(
-            '''
-            packed_ip must be %d bytes long - is %d
-            ''',
-            required_len,
-            len(packed_ip)
-        ))
-
-    if address_family == socket.AF_INET:
-        return '%d.%d.%d.%d' % tuple(bytes_to_list(packed_ip))
-
-    octets = struct.unpack(b'!HHHHHHHH', packed_ip)
-
-    runs_of_zero = {}
-    longest_run = 0
-    zero_index = None
-    for i, octet in enumerate(octets + (-1,)):
-        if octet != 0:
-            if zero_index is not None:
-                length = i - zero_index
-                if length not in runs_of_zero:
-                    runs_of_zero[length] = zero_index
-                longest_run = max(longest_run, length)
-                zero_index = None
-        elif zero_index is None:
-            zero_index = i
-
-    hexed = [hex(o)[2:] for o in octets]
-
-    if longest_run < 2:
-        return ':'.join(hexed)
-
-    zero_start = runs_of_zero[longest_run]
-    zero_end = zero_start + longest_run
-
-    return ':'.join(hexed[:zero_start]) + '::' + ':'.join(hexed[zero_end:])
-
-
-def inet_pton(address_family, ip_string):
-    """
-    Windows compatiblity shim for socket.inet_ntop().
-
-    :param address_family:
-        socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
-
-    :param ip_string:
-        A unicode string of an IP address
-
-    :return:
-        A byte string of the network form of the IP address
-    """
-
-    if address_family not in set([socket.AF_INET, socket.AF_INET6]):
-        raise ValueError(unwrap(
-            '''
-            address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
-            not %s
-            ''',
-            repr(socket.AF_INET),
-            repr(socket.AF_INET6),
-            repr(address_family)
-        ))
-
-    if not isinstance(ip_string, str_cls):
-        raise TypeError(unwrap(
-            '''
-            ip_string must be a unicode string, not %s
-            ''',
-            type_name(ip_string)
-        ))
-
-    if address_family == socket.AF_INET:
-        octets = ip_string.split('.')
-        error = len(octets) != 4
-        if not error:
-            ints = []
-            for o in octets:
-                o = int(o)
-                if o > 255 or o < 0:
-                    error = True
-                    break
-                ints.append(o)
-
-        if error:
-            raise ValueError(unwrap(
-                '''
-                ip_string must be a dotted string with four integers in the
-                range of 0 to 255, got %s
-                ''',
-                repr(ip_string)
-            ))
-
-        return struct.pack(b'!BBBB', *ints)
-
-    error = False
-    omitted = ip_string.count('::')
-    if omitted > 1:
-        error = True
-    elif omitted == 0:
-        octets = ip_string.split(':')
-        error = len(octets) != 8
-    else:
-        begin, end = ip_string.split('::')
-        begin_octets = begin.split(':')
-        end_octets = end.split(':')
-        missing = 8 - len(begin_octets) - len(end_octets)
-        octets = begin_octets + (['0'] * missing) + end_octets
-
-    if not error:
-        ints = []
-        for o in octets:
-            o = int(o, 16)
-            if o > 65535 or o < 0:
-                error = True
-                break
-            ints.append(o)
-
-        return struct.pack(b'!HHHHHHHH', *ints)
-
-    raise ValueError(unwrap(
-        '''
-        ip_string must be a valid ipv6 string, got %s
-        ''',
-        repr(ip_string)
-    ))
+# coding: utf-8
+from __future__ import unicode_literals, division, absolute_import, print_function
+
+import socket
+import struct
+
+from ._errors import unwrap
+from ._types import byte_cls, bytes_to_list, str_cls, type_name
+
+
+def inet_ntop(address_family, packed_ip):
+    """
+    Windows compatibility shim for socket.inet_ntop().
+
+    :param address_family:
+        socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
+
+    :param packed_ip:
+        A byte string of the network form of an IP address
+
+    :return:
+        A unicode string of the IP address
+    """
+
+    if address_family not in set([socket.AF_INET, socket.AF_INET6]):
+        raise ValueError(unwrap(
+            '''
+            address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
+            not %s
+            ''',
+            repr(socket.AF_INET),
+            repr(socket.AF_INET6),
+            repr(address_family)
+        ))
+
+    if not isinstance(packed_ip, byte_cls):
+        raise TypeError(unwrap(
+            '''
+            packed_ip must be a byte string, not %s
+            ''',
+            type_name(packed_ip)
+        ))
+
+    required_len = 4 if address_family == socket.AF_INET else 16
+    if len(packed_ip) != required_len:
+        raise ValueError(unwrap(
+            '''
+            packed_ip must be %d bytes long - is %d
+            ''',
+            required_len,
+            len(packed_ip)
+        ))
+
+    if address_family == socket.AF_INET:
+        return '%d.%d.%d.%d' % tuple(bytes_to_list(packed_ip))
+
+    octets = struct.unpack(b'!HHHHHHHH', packed_ip)
+
+    runs_of_zero = {}
+    longest_run = 0
+    zero_index = None
+    for i, octet in enumerate(octets + (-1,)):
+        if octet != 0:
+            if zero_index is not None:
+                length = i - zero_index
+                if length not in runs_of_zero:
+                    runs_of_zero[length] = zero_index
+                longest_run = max(longest_run, length)
+                zero_index = None
+        elif zero_index is None:
+            zero_index = i
+
+    hexed = [hex(o)[2:] for o in octets]
+
+    if longest_run < 2:
+        return ':'.join(hexed)
+
+    zero_start = runs_of_zero[longest_run]
+    zero_end = zero_start + longest_run
+
+    return ':'.join(hexed[:zero_start]) + '::' + ':'.join(hexed[zero_end:])
+
+
+def inet_pton(address_family, ip_string):
+    """
+    Windows compatibility shim for socket.inet_ntop().
+
+    :param address_family:
+        socket.AF_INET for IPv4 or socket.AF_INET6 for IPv6
+
+    :param ip_string:
+        A unicode string of an IP address
+
+    :return:
+        A byte string of the network form of the IP address
+    """
+
+    if address_family not in set([socket.AF_INET, socket.AF_INET6]):
+        raise ValueError(unwrap(
+            '''
+            address_family must be socket.AF_INET (%s) or socket.AF_INET6 (%s),
+            not %s
+            ''',
+            repr(socket.AF_INET),
+            repr(socket.AF_INET6),
+            repr(address_family)
+        ))
+
+    if not isinstance(ip_string, str_cls):
+        raise TypeError(unwrap(
+            '''
+            ip_string must be a unicode string, not %s
+            ''',
+            type_name(ip_string)
+        ))
+
+    if address_family == socket.AF_INET:
+        octets = ip_string.split('.')
+        error = len(octets) != 4
+        if not error:
+            ints = []
+            for o in octets:
+                o = int(o)
+                if o > 255 or o < 0:
+                    error = True
+                    break
+                ints.append(o)
+
+        if error:
+            raise ValueError(unwrap(
+                '''
+                ip_string must be a dotted string with four integers in the
+                range of 0 to 255, got %s
+                ''',
+                repr(ip_string)
+            ))
+
+        return struct.pack(b'!BBBB', *ints)
+
+    error = False
+    omitted = ip_string.count('::')
+    if omitted > 1:
+        error = True
+    elif omitted == 0:
+        octets = ip_string.split(':')
+        error = len(octets) != 8
+    else:
+        begin, end = ip_string.split('::')
+        begin_octets = begin.split(':')
+        end_octets = end.split(':')
+        missing = 8 - len(begin_octets) - len(end_octets)
+        octets = begin_octets + (['0'] * missing) + end_octets
+
+    if not error:
+        ints = []
+        for o in octets:
+            o = int(o, 16)
+            if o > 65535 or o < 0:
+                error = True
+                break
+            ints.append(o)
+
+        return struct.pack(b'!HHHHHHHH', *ints)
+
+    raise ValueError(unwrap(
+        '''
+        ip_string must be a valid ipv6 string, got %s
+        ''',
+        repr(ip_string)
+    ))
diff --git a/asn1crypto/_perf/_big_num_ctypes.py b/asn1crypto/_perf/_big_num_ctypes.py
index dc4d853..8e37e9b 100644
--- a/asn1crypto/_perf/_big_num_ctypes.py
+++ b/asn1crypto/_perf/_big_num_ctypes.py
@@ -21,6 +21,8 @@ interfacing with libcrypto.
 
 from __future__ import unicode_literals, division, absolute_import, print_function
 
+import sys
+
 from ctypes import CDLL, c_int, c_char_p, c_void_p
 from ctypes.util import find_library
 
@@ -28,7 +30,9 @@ from .._ffi import LibraryNotFoundError, FFIEngineError
 
 
 try:
-    libcrypto_path = find_library('crypto')
+    # On Python 2, the unicode string here may raise a UnicodeDecodeError as it
+    # tries to join a bytestring path to the unicode name "crypto"
+    libcrypto_path = find_library(b'crypto' if sys.version_info < (3,) else 'crypto')
     if not libcrypto_path:
         raise LibraryNotFoundError('The library libcrypto could not be found')
 
diff --git a/asn1crypto/algos.py b/asn1crypto/algos.py
index 979207a..c805433 100644
--- a/asn1crypto/algos.py
+++ b/asn1crypto/algos.py
@@ -5,6 +5,7 @@ ASN.1 type classes for various algorithms using in various aspects of public
 key cryptography. Exports the following items:
 
  - AlgorithmIdentifier()
+ - AnyAlgorithmIdentifier()
  - DigestAlgorithm()
  - DigestInfo()
  - DSASignature()
@@ -182,8 +183,7 @@ class RSASSAPSSParams(Sequence):
             'hash_algorithm',
             DigestAlgorithm,
             {
-                'tag_type': 'explicit',
-                'tag': 0,
+                'explicit': 0,
                 'default': {'algorithm': 'sha1'},
             }
         ),
@@ -191,8 +191,7 @@ class RSASSAPSSParams(Sequence):
             'mask_gen_algorithm',
             MaskGenAlgorithm,
             {
-                'tag_type': 'explicit',
-                'tag': 1,
+                'explicit': 1,
                 'default': {
                     'algorithm': 'mgf1',
                     'parameters': {'algorithm': 'sha1'},
@@ -203,8 +202,7 @@ class RSASSAPSSParams(Sequence):
             'salt_length',
             Integer,
             {
-                'tag_type': 'explicit',
-                'tag': 2,
+                'explicit': 2,
                 'default': 20,
             }
         ),
@@ -212,8 +210,7 @@ class RSASSAPSSParams(Sequence):
             'trailer_field',
             TrailerField,
             {
-                'tag_type': 'explicit',
-                'tag': 3,
+                'explicit': 3,
                 'default': 'trailer_field_bc',
             }
         ),
@@ -481,8 +478,7 @@ class RSAESOAEPParams(Sequence):
             'hash_algorithm',
             DigestAlgorithm,
             {
-                'tag_type': 'explicit',
-                'tag': 0,
+                'explicit': 0,
                 'default': {'algorithm': 'sha1'}
             }
         ),
@@ -490,8 +486,7 @@ class RSAESOAEPParams(Sequence):
             'mask_gen_algorithm',
             MaskGenAlgorithm,
             {
-                'tag_type': 'explicit',
-                'tag': 1,
+                'explicit': 1,
                 'default': {
                     'algorithm': 'mgf1',
                     'parameters': {'algorithm': 'sha1'}
@@ -502,8 +497,7 @@ class RSAESOAEPParams(Sequence):
             'p_source_algorithm',
             PSourceAlgorithm,
             {
-                'tag_type': 'explicit',
-                'tag': 2,
+                'explicit': 2,
                 'default': {
                     'algorithm': 'p_specified',
                     'parameters': b''
@@ -1120,3 +1114,30 @@ class Pkcs5MacAlgorithm(Sequence):
 
 
 EncryptionAlgorithm._oid_specs['pbes2'] = Pbes2Params
+
+
+class AnyAlgorithmId(ObjectIdentifier):
+    _map = {}
+
+    def _setup(self):
+        _map = self.__class__._map
+        for other_cls in (EncryptionAlgorithmId, SignedDigestAlgorithmId, DigestAlgorithmId):
+            for oid, name in other_cls._map.items():
+                _map[oid] = name
+
+
+class AnyAlgorithmIdentifier(_ForceNullParameters, Sequence):
+    _fields = [
+        ('algorithm', AnyAlgorithmId),
+        ('parameters', Any, {'optional': True}),
+    ]
+
+    _oid_pair = ('algorithm', 'parameters')
+    _oid_specs = {}
+
+    def _setup(self):
+        Sequence._setup(self)
+        specs = self.__class__._oid_specs
+        for other_cls in (EncryptionAlgorithm, SignedDigestAlgorithm):
+            for oid, spec in other_cls._oid_specs.items():
+                specs[oid] = spec
diff --git a/asn1crypto/cms.py b/asn1crypto/cms.py
index 8218797..9cad949 100644
--- a/asn1crypto/cms.py
+++ b/asn1crypto/cms.py
@@ -15,6 +15,8 @@ compatible with PKCS#7. Exports the following items:
  - SignedData()
 
 Other type classes are defined that help compose the types listed above.
+
+Most CMS structures in the wild are formatted as ContentInfo encapsulating one of the other types.
 """
 
 from __future__ import unicode_literals, division, absolute_import, print_function
@@ -99,6 +101,8 @@ class CMSAttributeType(ObjectIdentifier):
         '1.2.840.113549.1.9.6': 'counter_signature',
         # https://tools.ietf.org/html/rfc3161#page-20
         '1.2.840.113549.1.9.16.2.14': 'signature_time_stamp_token',
+        # https://tools.ietf.org/html/rfc6211#page-5
+        '1.2.840.113549.1.9.52': 'cms_algorithm_protection',
     }
 
 
@@ -123,6 +127,14 @@ class ContentType(ObjectIdentifier):
     }
 
 
+class CMSAlgorithmProtection(Sequence):
+    _fields = [
+        ('digest_algorithm', DigestAlgorithm),
+        ('signature_algorithm', SignedDigestAlgorithm, {'implicit': 1, 'optional': True}),
+        ('mac_algorithm', HmacAlgorithm, {'implicit': 2, 'optional': True}),
+    ]
+
+
 class SetOfContentType(SetOf):
     _child_spec = ContentType
 
@@ -139,6 +151,10 @@ class SetOfAny(SetOf):
     _child_spec = Any
 
 
+class SetOfCMSAlgorithmProtection(SetOf):
+    _child_spec = CMSAlgorithmProtection
+
+
 class CMSAttribute(Sequence):
     _fields = [
         ('type', CMSAttributeType),
@@ -176,8 +192,8 @@ class AttCertVersion(Integer):
 
 class AttCertSubject(Choice):
     _alternatives = [
-        ('base_certificate_id', IssuerSerial, {'tag_type': 'explicit', 'tag': 0}),
-        ('subject_name', GeneralNames, {'tag_type': 'explicit', 'tag': 1}),
+        ('base_certificate_id', IssuerSerial, {'explicit': 0}),
+        ('subject_name', GeneralNames, {'explicit': 1}),
     ]
 
 
@@ -229,24 +245,24 @@ class ObjectDigestInfo(Sequence):
 
 class Holder(Sequence):
     _fields = [
-        ('base_certificate_id', IssuerSerial, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
-        ('entity_name', GeneralNames, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
-        ('object_digest_info', ObjectDigestInfo, {'tag_type': 'implicit', 'tag': 2, 'optional': True}),
+        ('base_certificate_id', IssuerSerial, {'implicit': 0, 'optional': True}),
+        ('entity_name', GeneralNames, {'implicit': 1, 'optional': True}),
+        ('object_digest_info', ObjectDigestInfo, {'implicit': 2, 'optional': True}),
     ]
 
 
 class V2Form(Sequence):
     _fields = [
         ('issuer_name', GeneralNames, {'optional': True}),
-        ('base_certificate_id', IssuerSerial, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
-        ('object_digest_info', ObjectDigestInfo, {'tag_type': 'explicit', 'tag': 1, 'optional': True}),
+        ('base_certificate_id', IssuerSerial, {'explicit': 0, 'optional': True}),
+        ('object_digest_info', ObjectDigestInfo, {'explicit': 1, 'optional': True}),
     ]
 
 
 class AttCertIssuer(Choice):
     _alternatives = [
         ('v1_form', GeneralNames),
-        ('v2_form', V2Form, {'tag_type': 'explicit', 'tag': 0}),
+        ('v2_form', V2Form, {'explicit': 0}),
     ]
 
 
@@ -264,7 +280,7 @@ class IetfAttrValues(SequenceOf):
 
 class IetfAttrSyntax(Sequence):
     _fields = [
-        ('policy_authority', GeneralNames, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+        ('policy_authority', GeneralNames, {'implicit': 0, 'optional': True}),
         ('values', IetfAttrValues),
     ]
 
@@ -287,8 +303,8 @@ class SetOfSvceAuthInfo(SetOf):
 
 class RoleSyntax(Sequence):
     _fields = [
-        ('role_authority', GeneralNames, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
-        ('role_name', GeneralName, {'tag_type': 'implicit', 'tag': 1}),
+        ('role_authority', GeneralNames, {'implicit': 0, 'optional': True}),
+        ('role_name', GeneralName, {'implicit': 1}),
     ]
 
 
@@ -309,8 +325,8 @@ class ClassList(BitString):
 
 class SecurityCategory(Sequence):
     _fields = [
-        ('type', ObjectIdentifier, {'tag_type': 'implicit', 'tag': 0}),
-        ('value', Any, {'tag_type': 'implicit', 'tag': 1}),
+        ('type', ObjectIdentifier, {'implicit': 0}),
+        ('value', Any, {'implicit': 1}),
     ]
 
 
@@ -320,9 +336,9 @@ class SetOfSecurityCategory(SetOf):
 
 class Clearance(Sequence):
     _fields = [
-        ('policy_id', ObjectIdentifier, {'tag_type': 'implicit', 'tag': 0}),
-        ('class_list', ClassList, {'tag_type': 'implicit', 'tag': 1, 'default': 'unclassified'}),
-        ('security_categories', SetOfSecurityCategory, {'tag_type': 'implicit', 'tag': 2, 'optional': True}),
+        ('policy_id', ObjectIdentifier, {'implicit': 0}),
+        ('class_list', ClassList, {'implicit': 1, 'default': 'unclassified'}),
+        ('security_categories', SetOfSecurityCategory, {'implicit': 2, 'optional': True}),
     ]
 
 
@@ -366,8 +382,8 @@ class SetOfTimingMetrics(SetOf):
 class TimingPolicy(Sequence):
     _fields = [
         ('policy_id', SequenceOf, {'spec': ObjectIdentifier}),
-        ('max_offset', BigTime, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
-        ('max_delay', BigTime, {'tag_type': 'explicit', 'tag': 1, 'optional': True}),
+        ('max_offset', BigTime, {'explicit': 0, 'optional': True}),
+        ('max_delay', BigTime, {'explicit': 1, 'optional': True}),
     ]
 
 
@@ -452,10 +468,10 @@ class OtherCertificateFormat(Sequence):
 class CertificateChoices(Choice):
     _alternatives = [
         ('certificate', Certificate),
-        ('extended_certificate', ExtendedCertificate, {'tag_type': 'implicit', 'tag': 0}),
-        ('v1_attr_cert', AttributeCertificateV1, {'tag_type': 'implicit', 'tag': 1}),
-        ('v2_attr_cert', AttributeCertificateV2, {'tag_type': 'implicit', 'tag': 2}),
-        ('other', OtherCertificateFormat, {'tag_type': 'implicit', 'tag': 3}),
+        ('extended_certificate', ExtendedCertificate, {'implicit': 0}),
+        ('v1_attr_cert', AttributeCertificateV1, {'implicit': 1}),
+        ('v2_attr_cert', AttributeCertificateV2, {'implicit': 2}),
+        ('other', OtherCertificateFormat, {'implicit': 3}),
     ]
 
     def validate(self, class_, tag, contents):
@@ -491,7 +507,7 @@ class CertificateSet(SetOf):
 class ContentInfo(Sequence):
     _fields = [
         ('content_type', ContentType),
-        ('content', Any, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
+        ('content', Any, {'explicit': 0, 'optional': True}),
     ]
 
     _oid_pair = ('content_type', 'content')
@@ -505,7 +521,7 @@ class SetOfContentInfo(SetOf):
 class EncapsulatedContentInfo(Sequence):
     _fields = [
         ('content_type', ContentType),
-        ('content', ParsableOctetString, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
+        ('content', ParsableOctetString, {'explicit': 0, 'optional': True}),
     ]
 
     _oid_pair = ('content_type', 'content')
@@ -522,7 +538,7 @@ class IssuerAndSerialNumber(Sequence):
 class SignerIdentifier(Choice):
     _alternatives = [
         ('issuer_and_serial_number', IssuerAndSerialNumber),
-        ('subject_key_identifier', OctetString, {'tag_type': 'implicit', 'tag': 0}),
+        ('subject_key_identifier', OctetString, {'implicit': 0}),
     ]
 
 
@@ -536,7 +552,7 @@ class CertificateRevocationLists(SetOf):
 
 class SCVPReqRes(Sequence):
     _fields = [
-        ('request', ContentInfo, {'tag_type': 'explicit', 'tag': 0, 'optional': True}),
+        ('request', ContentInfo, {'explicit': 0, 'optional': True}),
         ('response', ContentInfo),
     ]
 
@@ -564,7 +580,7 @@ class OtherRevocationInfoFormat(Sequence):
 class RevocationInfoChoice(Choice):
     _alternatives = [
         ('crl', CertificateList),
-        ('other', OtherRevocationInfoFormat, {'tag_type': 'implciit', 'tag': 1}),
+        ('other', OtherRevocationInfoFormat, {'implicit': 1}),
     ]
 
 
@@ -577,10 +593,10 @@ class SignerInfo(Sequence):
         ('version', CMSVersion),
         ('sid', SignerIdentifier),
         ('digest_algorithm', DigestAlgorithm),
-        ('signed_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+        ('signed_attrs', CMSAttributes, {'implicit': 0, 'optional': True}),
         ('signature_algorithm', SignedDigestAlgorithm),
         ('signature', OctetString),
-        ('unsigned_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+        ('unsigned_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),
     ]
 
 
@@ -593,8 +609,8 @@ class SignedData(Sequence):
         ('version', CMSVersion),
         ('digest_algorithms', DigestAlgorithms),
         ('encap_content_info', None),
-        ('certificates', CertificateSet, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
-        ('crls', RevocationInfoChoices, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+        ('certificates', CertificateSet, {'implicit': 0, 'optional': True}),
+        ('crls', RevocationInfoChoices, {'implicit': 1, 'optional': True}),
         ('signer_infos', SignerInfos),
     ]
 
@@ -619,15 +635,15 @@ class SignedData(Sequence):
 
 class OriginatorInfo(Sequence):
     _fields = [
-        ('certs', CertificateSet, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
-        ('crls', RevocationInfoChoices, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+        ('certs', CertificateSet, {'implicit': 0, 'optional': True}),
+        ('crls', RevocationInfoChoices, {'implicit': 1, 'optional': True}),
     ]
 
 
 class RecipientIdentifier(Choice):
     _alternatives = [
         ('issuer_and_serial_number', IssuerAndSerialNumber),
-        ('subject_key_identifier', OctetString, {'tag_type': 'implicit', 'tag': 0}),
+        ('subject_key_identifier', OctetString, {'implicit': 0}),
     ]
 
 
@@ -662,8 +678,8 @@ class KeyTransRecipientInfo(Sequence):
 class OriginatorIdentifierOrKey(Choice):
     _alternatives = [
         ('issuer_and_serial_number', IssuerAndSerialNumber),
-        ('subject_key_identifier', OctetString, {'tag_type': 'implicit', 'tag': 0}),
-        ('originator_key', PublicKeyInfo, {'tag_type': 'implicit', 'tag': 1}),
+        ('subject_key_identifier', OctetString, {'implicit': 0}),
+        ('originator_key', PublicKeyInfo, {'implicit': 1}),
     ]
 
 
@@ -685,7 +701,7 @@ class RecipientKeyIdentifier(Sequence):
 class KeyAgreementRecipientIdentifier(Choice):
     _alternatives = [
         ('issuer_and_serial_number', IssuerAndSerialNumber),
-        ('r_key_id', RecipientKeyIdentifier, {'tag_type': 'implicit', 'tag': 0}),
+        ('r_key_id', RecipientKeyIdentifier, {'implicit': 0}),
     ]
 
 
@@ -703,8 +719,8 @@ class RecipientEncryptedKeys(SequenceOf):
 class KeyAgreeRecipientInfo(Sequence):
     _fields = [
         ('version', CMSVersion),
-        ('originator', OriginatorIdentifierOrKey, {'tag_type': 'explicit', 'tag': 0}),
-        ('ukm', OctetString, {'tag_type': 'explicit', 'tag': 1, 'optional': True}),
+        ('originator', OriginatorIdentifierOrKey, {'explicit': 0}),
+        ('ukm', OctetString, {'explicit': 1, 'optional': True}),
         ('key_encryption_algorithm', KeyEncryptionAlgorithm),
         ('recipient_encrypted_keys', RecipientEncryptedKeys),
     ]
@@ -730,7 +746,7 @@ class KEKRecipientInfo(Sequence):
 class PasswordRecipientInfo(Sequence):
     _fields = [
         ('version', CMSVersion),
-        ('key_derivation_algorithm', KdfAlgorithm, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+        ('key_derivation_algorithm', KdfAlgorithm, {'implicit': 0, 'optional': True}),
         ('key_encryption_algorithm', KeyEncryptionAlgorithm),
         ('encrypted_key', OctetString),
     ]
@@ -746,10 +762,10 @@ class OtherRecipientInfo(Sequence):
 class RecipientInfo(Choice):
     _alternatives = [
         ('ktri', KeyTransRecipientInfo),
-        ('kari', KeyAgreeRecipientInfo, {'tag_type': 'implicit', 'tag': 1}),
-        ('kekri', KEKRecipientInfo, {'tag_type': 'implicit', 'tag': 2}),
-        ('pwri', PasswordRecipientInfo, {'tag_type': 'implicit', 'tag': 3}),
-        ('ori', OtherRecipientInfo, {'tag_type': 'implicit', 'tag': 4}),
+        ('kari', KeyAgreeRecipientInfo, {'implicit': 1}),
+        ('kekri', KEKRecipientInfo, {'implicit': 2}),
+        ('pwri', PasswordRecipientInfo, {'implicit': 3}),
+        ('ori', OtherRecipientInfo, {'implicit': 4}),
     ]
 
 
@@ -761,17 +777,17 @@ class EncryptedContentInfo(Sequence):
     _fields = [
         ('content_type', ContentType),
         ('content_encryption_algorithm', EncryptionAlgorithm),
-        ('encrypted_content', OctetString, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+        ('encrypted_content', OctetString, {'implicit': 0, 'optional': True}),
     ]
 
 
 class EnvelopedData(Sequence):
     _fields = [
         ('version', CMSVersion),
-        ('originator_info', OriginatorInfo, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+        ('originator_info', OriginatorInfo, {'implicit': 0, 'optional': True}),
         ('recipient_infos', RecipientInfos),
         ('encrypted_content_info', EncryptedContentInfo),
-        ('unprotected_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+        ('unprotected_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),
     ]
 
 
@@ -781,8 +797,8 @@ class SignedAndEnvelopedData(Sequence):
         ('recipient_infos', RecipientInfos),
         ('digest_algorithms', DigestAlgorithms),
         ('encrypted_content_info', EncryptedContentInfo),
-        ('certificates', CertificateSet, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
-        ('crls', CertificateRevocationLists, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+        ('certificates', CertificateSet, {'implicit': 0, 'optional': True}),
+        ('crls', CertificateRevocationLists, {'implicit': 1, 'optional': True}),
         ('signer_infos', SignerInfos),
     ]
 
@@ -818,35 +834,35 @@ class EncryptedData(Sequence):
     _fields = [
         ('version', CMSVersion),
         ('encrypted_content_info', EncryptedContentInfo),
-        ('unprotected_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+        ('unprotected_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),
     ]
 
 
 class AuthenticatedData(Sequence):
     _fields = [
         ('version', CMSVersion),
-        ('originator_info', OriginatorInfo, {'tag_type': 'implicit', 'tag': 0, 'optional': True}),
+        ('originator_info', OriginatorInfo, {'implicit': 0, 'optional': True}),
         ('recipient_infos', RecipientInfos),
         ('mac_algorithm', HmacAlgorithm),
-        ('digest_algorithm', DigestAlgorithm, {'tag_type': 'implicit', 'tag': 1, 'optional': True}),
+        ('digest_algorithm', DigestAlgorithm, {'implicit': 1, 'optional': True}),
         # This does not require the _spec_callbacks approach of SignedData and
         # DigestedData since AuthenticatedData was not part of PKCS#7
         ('encap_content_info', EncapsulatedContentInfo),
-        ('auth_attrs', CMSAttributes, {'tag_type': 'implicit', 'tag': 2, 'optional': True}),
+        ('auth_attrs', CMSAttributes, {'implicit': 2, 'optional': True}),
... 3612 lines suppressed ...

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/python-modules/packages/asn1crypto.git



More information about the Python-modules-commits mailing list