alpcentaur
/
basabuuka_prototyp
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
10 Commits
1 Branch
4.1 GiB
Tree: 9ed0e1f6e7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9ed0e1f6e7'
${ noResults }
basabuuka_prototyp/venv/lib/python3.5/site-packages/asn1crypto/pkcs12.py

193 lines
4.5 KiB
Raw Normal View History

initial commit
4 years ago
 
  1. # coding: utf-8
  2. 

  3. """

  4. ASN.1 type classes for PKCS#12 files. Exports the following items:
  5. 

  6.  - CertBag()
  7.  - CrlBag()
  8.  - Pfx()
  9.  - SafeBag()
  10.  - SecretBag()
  11. 

  12. Other type classes are defined that help compose the types listed above.
  13. """

  14. 

  15. from __future__ import unicode_literals, division, absolute_import, print_function
  16. 

  17. from .algos import DigestInfo
  18. from .cms import ContentInfo, SignedData
  19. from .core import (
  20.     Any,
  21.     BMPString,
  22.     Integer,
  23.     ObjectIdentifier,
  24.     OctetString,
  25.     ParsableOctetString,
  26.     Sequence,
  27.     SequenceOf,
  28.     SetOf,
  29. )
  30. from .keys import PrivateKeyInfo, EncryptedPrivateKeyInfo
  31. from .x509 import Certificate, KeyPurposeId
  32. 

  33. 

  34. # The structures in this file are taken from https://tools.ietf.org/html/rfc7292
  35. 

  36. class MacData(Sequence):
  37.     _fields = [
  38.         ('mac', DigestInfo),
  39.         ('mac_salt', OctetString),
  40.         ('iterations', Integer, {'default': 1}),
  41.     ]
  42. 

  43. 

  44. class Version(Integer):
  45.     _map = {
  46.         3: 'v3'
  47.     }
  48. 

  49. 

  50. class AttributeType(ObjectIdentifier):
  51.     _map = {
  52.         # https://tools.ietf.org/html/rfc2985#page-18
  53.         '1.2.840.113549.1.9.20': 'friendly_name',
  54.         '1.2.840.113549.1.9.21': 'local_key_id',
  55.         # https://support.microsoft.com/en-us/kb/287547
  56.         '1.3.6.1.4.1.311.17.1': 'microsoft_local_machine_keyset',
  57.         # https://github.com/frohoff/jdk8u-dev-jdk/blob/master/src/share/classes/sun/security/pkcs12/PKCS12KeyStore.java
  58.         # this is a set of OIDs, representing key usage, the usual value is a SET of one element OID 2.5.29.37.0
  59.         '2.16.840.1.113894.746875.1.1': 'trusted_key_usage',
  60.     }
  61. 

  62. 

  63. class SetOfAny(SetOf):
  64.     _child_spec = Any
  65. 

  66. 

  67. class SetOfBMPString(SetOf):
  68.     _child_spec = BMPString
  69. 

  70. 

  71. class SetOfOctetString(SetOf):
  72.     _child_spec = OctetString
  73. 

  74. 

  75. class SetOfKeyPurposeId(SetOf):
  76.     _child_spec = KeyPurposeId
  77. 

  78. 

  79. class Attribute(Sequence):
  80.     _fields = [
  81.         ('type', AttributeType),
  82.         ('values', None),
  83.     ]
  84. 

  85.     _oid_specs = {
  86.         'friendly_name': SetOfBMPString,
  87.         'local_key_id': SetOfOctetString,
  88.         'microsoft_csp_name': SetOfBMPString,
  89.         'trusted_key_usage': SetOfKeyPurposeId,
  90.     }
  91. 

  92.     def _values_spec(self):
  93.         return self._oid_specs.get(self['type'].native, SetOfAny)
  94. 

  95.     _spec_callbacks = {
  96.         'values': _values_spec
  97.     }
  98. 

  99. 

  100. class Attributes(SetOf):
  101.     _child_spec = Attribute
  102. 

  103. 

  104. class Pfx(Sequence):
  105.     _fields = [
  106.         ('version', Version),
  107.         ('auth_safe', ContentInfo),
  108.         ('mac_data', MacData, {'optional': True})
  109.     ]
  110. 

  111.     _authenticated_safe = None
  112. 

  113.     @property
  114.     def authenticated_safe(self):
  115.         if self._authenticated_safe is None:
  116.             content = self['auth_safe']['content']
  117.             if isinstance(content, SignedData):
  118.                 content = content['content_info']['content']
  119.             self._authenticated_safe = AuthenticatedSafe.load(content.native)
  120.         return self._authenticated_safe
  121. 

  122. 

  123. class AuthenticatedSafe(SequenceOf):
  124.     _child_spec = ContentInfo
  125. 

  126. 

  127. class BagId(ObjectIdentifier):
  128.     _map = {
  129.         '1.2.840.113549.1.12.10.1.1': 'key_bag',
  130.         '1.2.840.113549.1.12.10.1.2': 'pkcs8_shrouded_key_bag',
  131.         '1.2.840.113549.1.12.10.1.3': 'cert_bag',
  132.         '1.2.840.113549.1.12.10.1.4': 'crl_bag',
  133.         '1.2.840.113549.1.12.10.1.5': 'secret_bag',
  134.         '1.2.840.113549.1.12.10.1.6': 'safe_contents',
  135.     }
  136. 

  137. 

  138. class CertId(ObjectIdentifier):
  139.     _map = {
  140.         '1.2.840.113549.1.9.22.1': 'x509',
  141.         '1.2.840.113549.1.9.22.2': 'sdsi',
  142.     }
  143. 

  144. 

  145. class CertBag(Sequence):
  146.     _fields = [
  147.         ('cert_id', CertId),
  148.         ('cert_value', ParsableOctetString, {'explicit': 0}),
  149.     ]
  150. 

  151.     _oid_pair = ('cert_id', 'cert_value')
  152.     _oid_specs = {
  153.         'x509': Certificate,
  154.     }
  155. 

  156. 

  157. class CrlBag(Sequence):
  158.     _fields = [
  159.         ('crl_id', ObjectIdentifier),
  160.         ('crl_value', OctetString, {'explicit': 0}),
  161.     ]
  162. 

  163. 

  164. class SecretBag(Sequence):
  165.     _fields = [
  166.         ('secret_type_id', ObjectIdentifier),
  167.         ('secret_value', OctetString, {'explicit': 0}),
  168.     ]
  169. 

  170. 

  171. class SafeContents(SequenceOf):
  172.     pass
  173. 

  174. 

  175. class SafeBag(Sequence):
  176.     _fields = [
  177.         ('bag_id', BagId),
  178.         ('bag_value', Any, {'explicit': 0}),
  179.         ('bag_attributes', Attributes, {'optional': True}),
  180.     ]
  181. 

  182.     _oid_pair = ('bag_id', 'bag_value')
  183.     _oid_specs = {
  184.         'key_bag': PrivateKeyInfo,
  185.         'pkcs8_shrouded_key_bag': EncryptedPrivateKeyInfo,
  186.         'cert_bag': CertBag,
  187.         'crl_bag': CrlBag,
  188.         'secret_bag': SecretBag,
  189.         'safe_contents': SafeContents
  190.     }
  191. 

  192. 

  193. SafeContents._child_spec = SafeBag