alpcentaur
/
basabuuka_prototyp

# coding: utf-8
"""
ASN.1 type classes for cryptographic message syntax (CMS). Structures are alsocompatible with PKCS#7. Exports the following items:
 - AuthenticatedData() - AuthEnvelopedData() - CompressedData() - ContentInfo() - DigestedData() - EncryptedData() - EnvelopedData() - SignedAndEnvelopedData() - SignedData()
Other type classes are defined that help compose the types listed above.
Most CMS structures in the wild are formatted as ContentInfo encapsulating one of the other types."""

from __future__ import unicode_literals, division, absolute_import, print_function
try:    import zlibexcept (ImportError):    zlib = None
from .algos import (    _ForceNullParameters,    DigestAlgorithm,    EncryptionAlgorithm,    HmacAlgorithm,    KdfAlgorithm,    SignedDigestAlgorithm,)from .core import (    Any,    BitString,    Choice,    Enumerated,    GeneralizedTime,    Integer,    ObjectIdentifier,    OctetBitString,    OctetString,    ParsableOctetString,    Sequence,    SequenceOf,    SetOf,    UTCTime,    UTF8String,)from .crl import CertificateListfrom .keys import PublicKeyInfofrom .ocsp import OCSPResponsefrom .x509 import Attributes, Certificate, Extensions, GeneralName, GeneralNames, Name

# These structures are taken from# ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-6.asc
class ExtendedCertificateInfo(Sequence):    _fields = [        ('version', Integer),        ('certificate', Certificate),        ('attributes', Attributes),    ]

class ExtendedCertificate(Sequence):    _fields = [        ('extended_certificate_info', ExtendedCertificateInfo),        ('signature_algorithm', SignedDigestAlgorithm),        ('signature', OctetBitString),    ]

# These structures are taken from https://tools.ietf.org/html/rfc5652,# https://tools.ietf.org/html/rfc5083, http://tools.ietf.org/html/rfc2315,# https://tools.ietf.org/html/rfc5940, https://tools.ietf.org/html/rfc3274,# https://tools.ietf.org/html/rfc3281

class CMSVersion(Integer):    _map = {        0: 'v0',        1: 'v1',        2: 'v2',        3: 'v3',        4: 'v4',        5: 'v5',    }

class CMSAttributeType(ObjectIdentifier):    _map = {        '1.2.840.113549.1.9.3': 'content_type',        '1.2.840.113549.1.9.4': 'message_digest',        '1.2.840.113549.1.9.5': 'signing_time',        '1.2.840.113549.1.9.6': 'counter_signature',        # https://tools.ietf.org/html/rfc3161#page-20        '1.2.840.113549.1.9.16.2.14': 'signature_time_stamp_token',        # https://tools.ietf.org/html/rfc6211#page-5        '1.2.840.113549.1.9.52': 'cms_algorithm_protection',    }

class Time(Choice):    _alternatives = [        ('utc_time', UTCTime),        ('generalized_time', GeneralizedTime),    ]

class ContentType(ObjectIdentifier):    _map = {        '1.2.840.113549.1.7.1': 'data',        '1.2.840.113549.1.7.2': 'signed_data',        '1.2.840.113549.1.7.3': 'enveloped_data',        '1.2.840.113549.1.7.4': 'signed_and_enveloped_data',        '1.2.840.113549.1.7.5': 'digested_data',        '1.2.840.113549.1.7.6': 'encrypted_data',        '1.2.840.113549.1.9.16.1.2': 'authenticated_data',        '1.2.840.113549.1.9.16.1.9': 'compressed_data',        '1.2.840.113549.1.9.16.1.23': 'authenticated_enveloped_data',    }

class CMSAlgorithmProtection(Sequence):    _fields = [        ('digest_algorithm', DigestAlgorithm),        ('signature_algorithm', SignedDigestAlgorithm, {'implicit': 1, 'optional': True}),        ('mac_algorithm', HmacAlgorithm, {'implicit': 2, 'optional': True}),    ]

class SetOfContentType(SetOf):    _child_spec = ContentType

class SetOfOctetString(SetOf):    _child_spec = OctetString

class SetOfTime(SetOf):    _child_spec = Time

class SetOfAny(SetOf):    _child_spec = Any

class SetOfCMSAlgorithmProtection(SetOf):    _child_spec = CMSAlgorithmProtection

class CMSAttribute(Sequence):    _fields = [        ('type', CMSAttributeType),        ('values', None),    ]
    _oid_specs = {}
    def _values_spec(self):        return self._oid_specs.get(self['type'].native, SetOfAny)
    _spec_callbacks = {        'values': _values_spec    }

class CMSAttributes(SetOf):    _child_spec = CMSAttribute

class IssuerSerial(Sequence):    _fields = [        ('issuer', GeneralNames),        ('serial', Integer),        ('issuer_uid', OctetBitString, {'optional': True}),    ]

class AttCertVersion(Integer):    _map = {        0: 'v1',        1: 'v2',    }

class AttCertSubject(Choice):    _alternatives = [        ('base_certificate_id', IssuerSerial, {'explicit': 0}),        ('subject_name', GeneralNames, {'explicit': 1}),    ]

class AttCertValidityPeriod(Sequence):    _fields = [        ('not_before_time', GeneralizedTime),        ('not_after_time', GeneralizedTime),    ]

class AttributeCertificateInfoV1(Sequence):    _fields = [        ('version', AttCertVersion, {'default': 'v1'}),        ('subject', AttCertSubject),        ('issuer', GeneralNames),        ('signature', SignedDigestAlgorithm),        ('serial_number', Integer),        ('att_cert_validity_period', AttCertValidityPeriod),        ('attributes', Attributes),        ('issuer_unique_id', OctetBitString, {'optional': True}),        ('extensions', Extensions, {'optional': True}),    ]

class AttributeCertificateV1(Sequence):    _fields = [        ('ac_info', AttributeCertificateInfoV1),        ('signature_algorithm', SignedDigestAlgorithm),        ('signature', OctetBitString),    ]

class DigestedObjectType(Enumerated):    _map = {        0: 'public_key',        1: 'public_key_cert',        2: 'other_objy_types',    }

class ObjectDigestInfo(Sequence):    _fields = [        ('digested_object_type', DigestedObjectType),        ('other_object_type_id', ObjectIdentifier, {'optional': True}),        ('digest_algorithm', DigestAlgorithm),        ('object_digest', OctetBitString),    ]

class Holder(Sequence):    _fields = [        ('base_certificate_id', IssuerSerial, {'implicit': 0, 'optional': True}),        ('entity_name', GeneralNames, {'implicit': 1, 'optional': True}),        ('object_digest_info', ObjectDigestInfo, {'implicit': 2, 'optional': True}),    ]

class V2Form(Sequence):    _fields = [        ('issuer_name', GeneralNames, {'optional': True}),        ('base_certificate_id', IssuerSerial, {'explicit': 0, 'optional': True}),        ('object_digest_info', ObjectDigestInfo, {'explicit': 1, 'optional': True}),    ]

class AttCertIssuer(Choice):    _alternatives = [        ('v1_form', GeneralNames),        ('v2_form', V2Form, {'explicit': 0}),    ]

class IetfAttrValue(Choice):    _alternatives = [        ('octets', OctetString),        ('oid', ObjectIdentifier),        ('string', UTF8String),    ]

class IetfAttrValues(SequenceOf):    _child_spec = IetfAttrValue

class IetfAttrSyntax(Sequence):    _fields = [        ('policy_authority', GeneralNames, {'implicit': 0, 'optional': True}),        ('values', IetfAttrValues),    ]

class SetOfIetfAttrSyntax(SetOf):    _child_spec = IetfAttrSyntax

class SvceAuthInfo(Sequence):    _fields = [        ('service', GeneralName),        ('ident', GeneralName),        ('auth_info', OctetString, {'optional': True}),    ]

class SetOfSvceAuthInfo(SetOf):    _child_spec = SvceAuthInfo

class RoleSyntax(Sequence):    _fields = [        ('role_authority', GeneralNames, {'implicit': 0, 'optional': True}),        ('role_name', GeneralName, {'implicit': 1}),    ]

class SetOfRoleSyntax(SetOf):    _child_spec = RoleSyntax

class ClassList(BitString):    _map = {        0: 'unmarked',        1: 'unclassified',        2: 'restricted',        3: 'confidential',        4: 'secret',        5: 'top_secret',    }

class SecurityCategory(Sequence):    _fields = [        ('type', ObjectIdentifier, {'implicit': 0}),        ('value', Any, {'implicit': 1}),    ]

class SetOfSecurityCategory(SetOf):    _child_spec = SecurityCategory

class Clearance(Sequence):    _fields = [        ('policy_id', ObjectIdentifier, {'implicit': 0}),        ('class_list', ClassList, {'implicit': 1, 'default': 'unclassified'}),        ('security_categories', SetOfSecurityCategory, {'implicit': 2, 'optional': True}),    ]

class SetOfClearance(SetOf):    _child_spec = Clearance

class BigTime(Sequence):    _fields = [        ('major', Integer),        ('fractional_seconds', Integer),        ('sign', Integer, {'optional': True}),    ]

class LeapData(Sequence):    _fields = [        ('leap_time', BigTime),        ('action', Integer),    ]

class SetOfLeapData(SetOf):    _child_spec = LeapData

class TimingMetrics(Sequence):    _fields = [        ('ntp_time', BigTime),        ('offset', BigTime),        ('delay', BigTime),        ('expiration', BigTime),        ('leap_event', SetOfLeapData, {'optional': True}),    ]

class SetOfTimingMetrics(SetOf):    _child_spec = TimingMetrics

class TimingPolicy(Sequence):    _fields = [        ('policy_id', SequenceOf, {'spec': ObjectIdentifier}),        ('max_offset', BigTime, {'explicit': 0, 'optional': True}),        ('max_delay', BigTime, {'explicit': 1, 'optional': True}),    ]

class SetOfTimingPolicy(SetOf):    _child_spec = TimingPolicy

class AttCertAttributeType(ObjectIdentifier):    _map = {        '1.3.6.1.5.5.7.10.1': 'authentication_info',        '1.3.6.1.5.5.7.10.2': 'access_identity',        '1.3.6.1.5.5.7.10.3': 'charging_identity',        '1.3.6.1.5.5.7.10.4': 'group',        '2.5.4.72': 'role',        '2.5.4.55': 'clearance',        '1.3.6.1.4.1.601.10.4.1': 'timing_metrics',        '1.3.6.1.4.1.601.10.4.2': 'timing_policy',    }

class AttCertAttribute(Sequence):    _fields = [        ('type', AttCertAttributeType),        ('values', None),    ]
    _oid_specs = {        'authentication_info': SetOfSvceAuthInfo,        'access_identity': SetOfSvceAuthInfo,        'charging_identity': SetOfIetfAttrSyntax,        'group': SetOfIetfAttrSyntax,        'role': SetOfRoleSyntax,        'clearance': SetOfClearance,        'timing_metrics': SetOfTimingMetrics,        'timing_policy': SetOfTimingPolicy,    }
    def _values_spec(self):        return self._oid_specs.get(self['type'].native, SetOfAny)
    _spec_callbacks = {        'values': _values_spec    }

class AttCertAttributes(SequenceOf):    _child_spec = AttCertAttribute

class AttributeCertificateInfoV2(Sequence):    _fields = [        ('version', AttCertVersion),        ('holder', Holder),        ('issuer', AttCertIssuer),        ('signature', SignedDigestAlgorithm),        ('serial_number', Integer),        ('att_cert_validity_period', AttCertValidityPeriod),        ('attributes', AttCertAttributes),        ('issuer_unique_id', OctetBitString, {'optional': True}),        ('extensions', Extensions, {'optional': True}),    ]

class AttributeCertificateV2(Sequence):    # Handle the situation where a V2 cert is encoded as V1    _bad_tag = 1
    _fields = [        ('ac_info', AttributeCertificateInfoV2),        ('signature_algorithm', SignedDigestAlgorithm),        ('signature', OctetBitString),    ]

class OtherCertificateFormat(Sequence):    _fields = [        ('other_cert_format', ObjectIdentifier),        ('other_cert', Any),    ]

class CertificateChoices(Choice):    _alternatives = [        ('certificate', Certificate),        ('extended_certificate', ExtendedCertificate, {'implicit': 0}),        ('v1_attr_cert', AttributeCertificateV1, {'implicit': 1}),        ('v2_attr_cert', AttributeCertificateV2, {'implicit': 2}),        ('other', OtherCertificateFormat, {'implicit': 3}),    ]
    def validate(self, class_, tag, contents):        """
        Ensures that the class and tag specified exist as an alternative. This        custom version fixes parsing broken encodings there a V2 attribute        # certificate is encoded as a V1
        :param class_:            The integer class_ from the encoded value header
        :param tag:            The integer tag from the encoded value header
        :param contents:            A byte string of the contents of the value - used when the object            is explicitly tagged
        :raises:            ValueError - when value is not a valid alternative        """

        super(CertificateChoices, self).validate(class_, tag, contents)        if self._choice == 2:            if AttCertVersion.load(Sequence.load(contents)[0].dump()).native == 'v2':                self._choice = 3

class CertificateSet(SetOf):    _child_spec = CertificateChoices

class ContentInfo(Sequence):    _fields = [        ('content_type', ContentType),        ('content', Any, {'explicit': 0, 'optional': True}),    ]
    _oid_pair = ('content_type', 'content')    _oid_specs = {}

class SetOfContentInfo(SetOf):    _child_spec = ContentInfo

class EncapsulatedContentInfo(Sequence):    _fields = [        ('content_type', ContentType),        ('content', ParsableOctetString, {'explicit': 0, 'optional': True}),    ]
    _oid_pair = ('content_type', 'content')    _oid_specs = {}

class IssuerAndSerialNumber(Sequence):    _fields = [        ('issuer', Name),        ('serial_number', Integer),    ]

class SignerIdentifier(Choice):    _alternatives = [        ('issuer_and_serial_number', IssuerAndSerialNumber),        ('subject_key_identifier', OctetString, {'implicit': 0}),    ]

class DigestAlgorithms(SetOf):    _child_spec = DigestAlgorithm

class CertificateRevocationLists(SetOf):    _child_spec = CertificateList

class SCVPReqRes(Sequence):    _fields = [        ('request', ContentInfo, {'explicit': 0, 'optional': True}),        ('response', ContentInfo),    ]

class OtherRevInfoFormatId(ObjectIdentifier):    _map = {        '1.3.6.1.5.5.7.16.2': 'ocsp_response',        '1.3.6.1.5.5.7.16.4': 'scvp',    }

class OtherRevocationInfoFormat(Sequence):    _fields = [        ('other_rev_info_format', OtherRevInfoFormatId),        ('other_rev_info', Any),    ]
    _oid_pair = ('other_rev_info_format', 'other_rev_info')    _oid_specs = {        'ocsp_response': OCSPResponse,        'scvp': SCVPReqRes,    }

class RevocationInfoChoice(Choice):    _alternatives = [        ('crl', CertificateList),        ('other', OtherRevocationInfoFormat, {'implicit': 1}),    ]

class RevocationInfoChoices(SetOf):    _child_spec = RevocationInfoChoice

class SignerInfo(Sequence):    _fields = [        ('version', CMSVersion),        ('sid', SignerIdentifier),        ('digest_algorithm', DigestAlgorithm),        ('signed_attrs', CMSAttributes, {'implicit': 0, 'optional': True}),        ('signature_algorithm', SignedDigestAlgorithm),        ('signature', OctetString),        ('unsigned_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),    ]

class SignerInfos(SetOf):    _child_spec = SignerInfo

class SignedData(Sequence):    _fields = [        ('version', CMSVersion),        ('digest_algorithms', DigestAlgorithms),        ('encap_content_info', None),        ('certificates', CertificateSet, {'implicit': 0, 'optional': True}),        ('crls', RevocationInfoChoices, {'implicit': 1, 'optional': True}),        ('signer_infos', SignerInfos),    ]
    def _encap_content_info_spec(self):        # If the encap_content_info is version v1, then this could be a PKCS#7        # structure, or a CMS structure. CMS wraps the encoded value in an        # Octet String tag.
        # If the version is greater than 1, it is definite CMS        if self['version'].native != 'v1':            return EncapsulatedContentInfo
        # Otherwise, the ContentInfo spec from PKCS#7 will be compatible with        # CMS v1 (which only allows Data, an Octet String) and PKCS#7, which        # allows Any        return ContentInfo
    _spec_callbacks = {        'encap_content_info': _encap_content_info_spec    }

class OriginatorInfo(Sequence):    _fields = [        ('certs', CertificateSet, {'implicit': 0, 'optional': True}),        ('crls', RevocationInfoChoices, {'implicit': 1, 'optional': True}),    ]

class RecipientIdentifier(Choice):    _alternatives = [        ('issuer_and_serial_number', IssuerAndSerialNumber),        ('subject_key_identifier', OctetString, {'implicit': 0}),    ]

class KeyEncryptionAlgorithmId(ObjectIdentifier):    _map = {        '1.2.840.113549.1.1.1': 'rsa',        '2.16.840.1.101.3.4.1.5': 'aes128_wrap',        '2.16.840.1.101.3.4.1.8': 'aes128_wrap_pad',        '2.16.840.1.101.3.4.1.25': 'aes192_wrap',        '2.16.840.1.101.3.4.1.28': 'aes192_wrap_pad',        '2.16.840.1.101.3.4.1.45': 'aes256_wrap',        '2.16.840.1.101.3.4.1.48': 'aes256_wrap_pad',    }

class KeyEncryptionAlgorithm(_ForceNullParameters, Sequence):    _fields = [        ('algorithm', KeyEncryptionAlgorithmId),        ('parameters', Any, {'optional': True}),    ]

class KeyTransRecipientInfo(Sequence):    _fields = [        ('version', CMSVersion),        ('rid', RecipientIdentifier),        ('key_encryption_algorithm', KeyEncryptionAlgorithm),        ('encrypted_key', OctetString),    ]

class OriginatorIdentifierOrKey(Choice):    _alternatives = [        ('issuer_and_serial_number', IssuerAndSerialNumber),        ('subject_key_identifier', OctetString, {'implicit': 0}),        ('originator_key', PublicKeyInfo, {'implicit': 1}),    ]

class OtherKeyAttribute(Sequence):    _fields = [        ('key_attr_id', ObjectIdentifier),        ('key_attr', Any),    ]

class RecipientKeyIdentifier(Sequence):    _fields = [        ('subject_key_identifier', OctetString),        ('date', GeneralizedTime, {'optional': True}),        ('other', OtherKeyAttribute, {'optional': True}),    ]

class KeyAgreementRecipientIdentifier(Choice):    _alternatives = [        ('issuer_and_serial_number', IssuerAndSerialNumber),        ('r_key_id', RecipientKeyIdentifier, {'implicit': 0}),    ]

class RecipientEncryptedKey(Sequence):    _fields = [        ('rid', KeyAgreementRecipientIdentifier),        ('encrypted_key', OctetString),    ]

class RecipientEncryptedKeys(SequenceOf):    _child_spec = RecipientEncryptedKey

class KeyAgreeRecipientInfo(Sequence):    _fields = [        ('version', CMSVersion),        ('originator', OriginatorIdentifierOrKey, {'explicit': 0}),        ('ukm', OctetString, {'explicit': 1, 'optional': True}),        ('key_encryption_algorithm', KeyEncryptionAlgorithm),        ('recipient_encrypted_keys', RecipientEncryptedKeys),    ]

class KEKIdentifier(Sequence):    _fields = [        ('key_identifier', OctetString),        ('date', GeneralizedTime, {'optional': True}),        ('other', OtherKeyAttribute, {'optional': True}),    ]

class KEKRecipientInfo(Sequence):    _fields = [        ('version', CMSVersion),        ('kekid', KEKIdentifier),        ('key_encryption_algorithm', KeyEncryptionAlgorithm),        ('encrypted_key', OctetString),    ]

class PasswordRecipientInfo(Sequence):    _fields = [        ('version', CMSVersion),        ('key_derivation_algorithm', KdfAlgorithm, {'implicit': 0, 'optional': True}),        ('key_encryption_algorithm', KeyEncryptionAlgorithm),        ('encrypted_key', OctetString),    ]

class OtherRecipientInfo(Sequence):    _fields = [        ('ori_type', ObjectIdentifier),        ('ori_value', Any),    ]

class RecipientInfo(Choice):    _alternatives = [        ('ktri', KeyTransRecipientInfo),        ('kari', KeyAgreeRecipientInfo, {'implicit': 1}),        ('kekri', KEKRecipientInfo, {'implicit': 2}),        ('pwri', PasswordRecipientInfo, {'implicit': 3}),        ('ori', OtherRecipientInfo, {'implicit': 4}),    ]

class RecipientInfos(SetOf):    _child_spec = RecipientInfo

class EncryptedContentInfo(Sequence):    _fields = [        ('content_type', ContentType),        ('content_encryption_algorithm', EncryptionAlgorithm),        ('encrypted_content', OctetString, {'implicit': 0, 'optional': True}),    ]

class EnvelopedData(Sequence):    _fields = [        ('version', CMSVersion),        ('originator_info', OriginatorInfo, {'implicit': 0, 'optional': True}),        ('recipient_infos', RecipientInfos),        ('encrypted_content_info', EncryptedContentInfo),        ('unprotected_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),    ]

class SignedAndEnvelopedData(Sequence):    _fields = [        ('version', CMSVersion),        ('recipient_infos', RecipientInfos),        ('digest_algorithms', DigestAlgorithms),        ('encrypted_content_info', EncryptedContentInfo),        ('certificates', CertificateSet, {'implicit': 0, 'optional': True}),        ('crls', CertificateRevocationLists, {'implicit': 1, 'optional': True}),        ('signer_infos', SignerInfos),    ]

class DigestedData(Sequence):    _fields = [        ('version', CMSVersion),        ('digest_algorithm', DigestAlgorithm),        ('encap_content_info', None),        ('digest', OctetString),    ]
    def _encap_content_info_spec(self):        # If the encap_content_info is version v1, then this could be a PKCS#7        # structure, or a CMS structure. CMS wraps the encoded value in an        # Octet String tag.
        # If the version is greater than 1, it is definite CMS        if self['version'].native != 'v1':            return EncapsulatedContentInfo
        # Otherwise, the ContentInfo spec from PKCS#7 will be compatible with        # CMS v1 (which only allows Data, an Octet String) and PKCS#7, which        # allows Any        return ContentInfo
    _spec_callbacks = {        'encap_content_info': _encap_content_info_spec    }

class EncryptedData(Sequence):    _fields = [        ('version', CMSVersion),        ('encrypted_content_info', EncryptedContentInfo),        ('unprotected_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),    ]

class AuthenticatedData(Sequence):    _fields = [        ('version', CMSVersion),        ('originator_info', OriginatorInfo, {'implicit': 0, 'optional': True}),        ('recipient_infos', RecipientInfos),        ('mac_algorithm', HmacAlgorithm),        ('digest_algorithm', DigestAlgorithm, {'implicit': 1, 'optional': True}),        # This does not require the _spec_callbacks approach of SignedData and        # DigestedData since AuthenticatedData was not part of PKCS#7        ('encap_content_info', EncapsulatedContentInfo),        ('auth_attrs', CMSAttributes, {'implicit': 2, 'optional': True}),        ('mac', OctetString),        ('unauth_attrs', CMSAttributes, {'implicit': 3, 'optional': True}),    ]

class AuthEnvelopedData(Sequence):    _fields = [        ('version', CMSVersion),        ('originator_info', OriginatorInfo, {'implicit': 0, 'optional': True}),        ('recipient_infos', RecipientInfos),        ('auth_encrypted_content_info', EncryptedContentInfo),        ('auth_attrs', CMSAttributes, {'implicit': 1, 'optional': True}),        ('mac', OctetString),        ('unauth_attrs', CMSAttributes, {'implicit': 2, 'optional': True}),    ]

class CompressionAlgorithmId(ObjectIdentifier):    _map = {        '1.2.840.113549.1.9.16.3.8': 'zlib',    }

class CompressionAlgorithm(Sequence):    _fields = [        ('algorithm', CompressionAlgorithmId),        ('parameters', Any, {'optional': True}),    ]

class CompressedData(Sequence):    _fields = [        ('version', CMSVersion),        ('compression_algorithm', CompressionAlgorithm),        ('encap_content_info', EncapsulatedContentInfo),    ]
    _decompressed = None
    @property    def decompressed(self):        if self._decompressed is None:            if zlib is None:                raise SystemError('The zlib module is not available')            self._decompressed = zlib.decompress(self['encap_content_info']['content'].native)        return self._decompressed

ContentInfo._oid_specs = {    'data': OctetString,    'signed_data': SignedData,    'enveloped_data': EnvelopedData,    'signed_and_enveloped_data': SignedAndEnvelopedData,    'digested_data': DigestedData,    'encrypted_data': EncryptedData,    'authenticated_data': AuthenticatedData,    'compressed_data': CompressedData,    'authenticated_enveloped_data': AuthEnvelopedData,}

EncapsulatedContentInfo._oid_specs = {    'signed_data': SignedData,    'enveloped_data': EnvelopedData,    'signed_and_enveloped_data': SignedAndEnvelopedData,    'digested_data': DigestedData,    'encrypted_data': EncryptedData,    'authenticated_data': AuthenticatedData,    'compressed_data': CompressedData,    'authenticated_enveloped_data': AuthEnvelopedData,}

CMSAttribute._oid_specs = {    'content_type': SetOfContentType,    'message_digest': SetOfOctetString,    'signing_time': SetOfTime,    'counter_signature': SignerInfos,    'signature_time_stamp_token': SetOfContentInfo,    'cms_algorithm_protection': SetOfCMSAlgorithmProtection,}