158 lines
4.4 KiB
Python
158 lines
4.4 KiB
Python
|
#
|
||
|
# This file is part of pyasn1-modules software.
|
||
|
#
|
||
|
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
|
||
|
#
|
||
|
# Copyright (c) 2019, Vigil Security, LLC
|
||
|
# License: http://snmplabs.com/pyasn1/license.html
|
||
|
#
|
||
|
# Elliptic Curve Cryptography (ECC) Algorithms in the CMS
|
||
|
#
|
||
|
# ASN.1 source from:
|
||
|
# https://www.rfc-editor.org/rfc/rfc5753.txt
|
||
|
#
|
||
|
|
||
|
from pyasn1.type import univ, char, namedtype, namedval, tag, constraint, useful
|
||
|
|
||
|
from pyasn1_modules import rfc5280
|
||
|
from pyasn1_modules import rfc5480
|
||
|
from pyasn1_modules import rfc5652
|
||
|
from pyasn1_modules import rfc5751
|
||
|
from pyasn1_modules import rfc8018
|
||
|
|
||
|
|
||
|
# Imports from RFC 5280
|
||
|
|
||
|
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier
|
||
|
|
||
|
|
||
|
# Imports from RFC 5652
|
||
|
|
||
|
OriginatorPublicKey = rfc5652.OriginatorPublicKey
|
||
|
|
||
|
UserKeyingMaterial = rfc5652.UserKeyingMaterial
|
||
|
|
||
|
|
||
|
# Imports from RFC 5480
|
||
|
|
||
|
ECDSA_Sig_Value = rfc5480.ECDSA_Sig_Value
|
||
|
|
||
|
ECParameters = rfc5480.ECParameters
|
||
|
|
||
|
ECPoint = rfc5480.ECPoint
|
||
|
|
||
|
id_ecPublicKey = rfc5480.id_ecPublicKey
|
||
|
|
||
|
|
||
|
# Imports from RFC 8018
|
||
|
|
||
|
id_hmacWithSHA224 = rfc8018.id_hmacWithSHA224
|
||
|
|
||
|
id_hmacWithSHA256 = rfc8018.id_hmacWithSHA256
|
||
|
|
||
|
id_hmacWithSHA384 = rfc8018.id_hmacWithSHA384
|
||
|
|
||
|
id_hmacWithSHA512 = rfc8018.id_hmacWithSHA512
|
||
|
|
||
|
|
||
|
# Object Identifier arcs
|
||
|
|
||
|
x9_63_scheme = univ.ObjectIdentifier('1.3.133.16.840.63.0')
|
||
|
|
||
|
secg_scheme = univ.ObjectIdentifier('1.3.132.1')
|
||
|
|
||
|
|
||
|
# Object Identifiers for the algorithms
|
||
|
|
||
|
dhSinglePass_cofactorDH_sha1kdf_scheme = x9_63_scheme + (3, )
|
||
|
|
||
|
dhSinglePass_cofactorDH_sha224kdf_scheme = secg_scheme + (14, 0, )
|
||
|
|
||
|
dhSinglePass_cofactorDH_sha256kdf_scheme = secg_scheme + (14, 1, )
|
||
|
|
||
|
dhSinglePass_cofactorDH_sha384kdf_scheme = secg_scheme + (14, 2, )
|
||
|
|
||
|
dhSinglePass_cofactorDH_sha512kdf_scheme = secg_scheme + (14, 3, )
|
||
|
|
||
|
dhSinglePass_stdDH_sha1kdf_scheme = x9_63_scheme + (2, )
|
||
|
|
||
|
dhSinglePass_stdDH_sha224kdf_scheme = secg_scheme + (11, 0, )
|
||
|
|
||
|
dhSinglePass_stdDH_sha256kdf_scheme = secg_scheme + (11, 1, )
|
||
|
|
||
|
dhSinglePass_stdDH_sha384kdf_scheme = secg_scheme + (11, 2, )
|
||
|
|
||
|
dhSinglePass_stdDH_sha512kdf_scheme = secg_scheme + (11, 3, )
|
||
|
|
||
|
mqvSinglePass_sha1kdf_scheme = x9_63_scheme + (16, )
|
||
|
|
||
|
mqvSinglePass_sha224kdf_scheme = secg_scheme + (15, 0, )
|
||
|
|
||
|
mqvSinglePass_sha256kdf_scheme = secg_scheme + (15, 1, )
|
||
|
|
||
|
mqvSinglePass_sha384kdf_scheme = secg_scheme + (15, 2, )
|
||
|
|
||
|
mqvSinglePass_sha512kdf_scheme = secg_scheme + (15, 3, )
|
||
|
|
||
|
|
||
|
# Structures for parameters and key derivation
|
||
|
|
||
|
class IV(univ.OctetString):
|
||
|
# Exactly 8 octets
|
||
|
pass
|
||
|
|
||
|
|
||
|
class CBCParameter(IV):
|
||
|
pass
|
||
|
|
||
|
|
||
|
class KeyWrapAlgorithm(AlgorithmIdentifier):
|
||
|
pass
|
||
|
|
||
|
|
||
|
class ECC_CMS_SharedInfo(univ.Sequence):
|
||
|
componentType = namedtype.NamedTypes(
|
||
|
namedtype.NamedType('keyInfo', KeyWrapAlgorithm()),
|
||
|
namedtype.OptionalNamedType('entityUInfo',
|
||
|
univ.OctetString().subtype(explicitTag=tag.Tag(
|
||
|
tag.tagClassContext, tag.tagFormatSimple, 0))),
|
||
|
namedtype.NamedType('suppPubInfo',
|
||
|
univ.OctetString().subtype(explicitTag=tag.Tag(
|
||
|
tag.tagClassContext, tag.tagFormatSimple, 2)))
|
||
|
)
|
||
|
|
||
|
|
||
|
class MQVuserKeyingMaterial(univ.Sequence):
|
||
|
componentType = namedtype.NamedTypes(
|
||
|
namedtype.NamedType('ephemeralPublicKey', OriginatorPublicKey()),
|
||
|
namedtype.OptionalNamedType('addedukm',
|
||
|
UserKeyingMaterial().subtype(explicitTag=tag.Tag(
|
||
|
tag.tagClassContext, tag.tagFormatSimple, 0)))
|
||
|
)
|
||
|
|
||
|
|
||
|
# Update the Algorithm Identifier map in rfc5280.py and
|
||
|
# Update the SMIMECapabilities Attribute Map in rfc5751.py
|
||
|
|
||
|
_algorithmIdentifierMapUpdate = {
|
||
|
dhSinglePass_stdDH_sha1kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_stdDH_sha224kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_stdDH_sha256kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_stdDH_sha384kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_stdDH_sha512kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_cofactorDH_sha1kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_cofactorDH_sha224kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_cofactorDH_sha256kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_cofactorDH_sha384kdf_scheme: KeyWrapAlgorithm(),
|
||
|
dhSinglePass_cofactorDH_sha512kdf_scheme: KeyWrapAlgorithm(),
|
||
|
mqvSinglePass_sha1kdf_scheme: KeyWrapAlgorithm(),
|
||
|
mqvSinglePass_sha224kdf_scheme: KeyWrapAlgorithm(),
|
||
|
mqvSinglePass_sha256kdf_scheme: KeyWrapAlgorithm(),
|
||
|
mqvSinglePass_sha384kdf_scheme: KeyWrapAlgorithm(),
|
||
|
mqvSinglePass_sha512kdf_scheme: KeyWrapAlgorithm(),
|
||
|
}
|
||
|
|
||
|
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)
|
||
|
|
||
|
rfc5751.smimeCapabilityMap.update(_algorithmIdentifierMapUpdate)
|