
Side by Side Diff: third_party/google-endpoints/pyasn1_modules/rfc2560.py

Issue 2666783008: Add google-endpoints to third_party/. (Closed)
Patch Set: Created 3 years, 10 months ago
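--- a/third_party/google-endpoints/pyasn1_modules/rfc2560.py
+++ b/third_party/google-endpoints/pyasn1_modules/rfc2560.py
@@ -0,0 +1,171 @@
+#
+# OCSP request/response syntax
+#
+# Derived from a minimal OCSP library (RFC2560) code written by
+# Bud P. Bruegger <bud@ancitel.it>
+# Copyright: Ancitel, S.p.a, Rome, Italy
+# License: BSD
+#
+
+#
+# current limitations:
+# * request and response works only for a single certificate
+# * only some values are parsed out of the response
+# * the request does't set a nonce nor signature
+# * there is no signature validation of the response
+# * dates are left as strings in GeneralizedTime format -- datetime.datetime
+# would be nicer
+#
+from pyasn1.type import tag, namedtype, namedval, univ, constraint, useful
+from pyasn1_modules import rfc2459
+
+# Start of OCSP module definitions
+
+# This should be in directory Authentication Framework (X.509) module
+
+class CRLReason(univ.Enumerated):
+namedValues = namedval.NamedValues(
+('unspecified', 0),
+('keyCompromise', 1),
+('cACompromise', 2),
+('affiliationChanged', 3),
+('superseded', 4),
+('cessationOfOperation', 5),
+('certificateHold', 6),
+('removeFromCRL', 8),
+('privilegeWithdrawn', 9),
+('aACompromise', 10)
+)
+
+# end of directory Authentication Framework (X.509) module
+
+# This should be in PKIX Certificate Extensions module
+
+class GeneralName(univ.OctetString): pass
+
+# end of PKIX Certificate Extensions module
+
+id_kp_OCSPSigning = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 3, 9))
+id_pkix_ocsp = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1))
+id_pkix_ocsp_basic = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 1))
+id_pkix_ocsp_nonce = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 2))
+id_pkix_ocsp_crl = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 3))
+id_pkix_ocsp_response = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 4))
+id_pkix_ocsp_nocheck = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 5))
+id_pkix_ocsp_archive_cutoff = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1, 6))
+id_pkix_ocsp_service_locator = univ.ObjectIdentifier((1, 3, 6, 1, 5, 5, 7, 48, 1 , 7))
+
+class AcceptableResponses(univ.SequenceOf):
+componentType = univ.ObjectIdentifier()
+
+class ArchiveCutoff(useful.GeneralizedTime): pass
+
+class UnknownInfo(univ.Null): pass
+
+class RevokedInfo(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('revocationTime', useful.GeneralizedTime()),
+namedtype.OptionalNamedType('revocationReason', CRLReason().subtype(expl icitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)
+
+class CertID(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('hashAlgorithm', rfc2459.AlgorithmIdentifier()),
+namedtype.NamedType('issuerNameHash', univ.OctetString()),
+namedtype.NamedType('issuerKeyHash', univ.OctetString()),
+namedtype.NamedType('serialNumber', rfc2459.CertificateSerialNumber())
+)
+
+class CertStatus(univ.Choice):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('good', univ.Null().subtype(implicitTag=tag.Tag(tag. tagClassContext, tag.tagFormatSimple, 0))),
+namedtype.NamedType('revoked', RevokedInfo().subtype(implicitTag=tag.Tag (tag.tagClassContext, tag.tagFormatSimple, 1))),
+namedtype.NamedType('unknown', UnknownInfo().subtype(implicitTag=tag.Tag (tag.tagClassContext, tag.tagFormatSimple, 2)))
+)
+
+class SingleResponse(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('certID', CertID()),
+namedtype.NamedType('certStatus', CertStatus()),
+namedtype.NamedType('thisUpdate', useful.GeneralizedTime()),
+namedtype.OptionalNamedType('nextUpdate', useful.GeneralizedTime().subty pe(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+namedtype.OptionalNamedType('singleExtensions', rfc2459.Extensions().sub type(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+)
+
+class KeyHash(univ.OctetString): pass
+
+class ResponderID(univ.Choice):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('byName', rfc2459.Name().subtype(implicitTag=tag.Tag (tag.tagClassContext, tag.tagFormatSimple, 1))),
+namedtype.NamedType('byKey', KeyHash().subtype(implicitTag=tag.Tag(tag.t agClassContext, tag.tagFormatSimple, 2)))
+)
+
+class Version(univ.Integer):
+namedValues = namedval.NamedValues(('v1', 0))
+
+class ResponseData(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTa g=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+namedtype.NamedType('responderID', ResponderID()),
+namedtype.NamedType('producedAt', useful.GeneralizedTime()),
+namedtype.NamedType('responses', univ.SequenceOf(SingleResponse())),
+namedtype.OptionalNamedType('responseExtensions', rfc2459.Extensions().s ubtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
+)
+
+class BasicOCSPResponse(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('tbsResponseData', ResponseData()),
+namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()) ,
+namedtype.NamedType('signature', univ.BitString()),
+namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate ()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)
+
+class ResponseBytes(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('responseType', univ.ObjectIdentifier()),
+namedtype.NamedType('response', univ.OctetString())
+)
+
+class OCSPResponseStatus(univ.Enumerated):
+namedValues = namedval.NamedValues(
+('successful', 0),
+('malformedRequest', 1),
+('internalError', 2),
+('tryLater', 3),
+('undefinedStatus', 4), # should never occur
+('sigRequired', 5),
+('unauthorized', 6)
+)
+
+class OCSPResponse(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('responseStatus', OCSPResponseStatus()),
+namedtype.OptionalNamedType('responseBytes', ResponseBytes().subtype(exp licitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)
+
+class Request(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('reqCert', CertID()),
+namedtype.OptionalNamedType('singleRequestExtensions', rfc2459.Extension s().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)
+
+class Signature(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('signatureAlgorithm', rfc2459.AlgorithmIdentifier()) ,
+namedtype.NamedType('signature', univ.BitString()),
+namedtype.OptionalNamedType('certs', univ.SequenceOf(rfc2459.Certificate ()).subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)
+
+class TBSRequest(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.DefaultedNamedType('version', Version('v1').subtype(explicitTa g=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
+namedtype.OptionalNamedType('requestorName', GeneralName().subtype(expli citTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
+namedtype.NamedType('requestList', univ.SequenceOf(Request())),
+namedtype.OptionalNamedType('requestExtensions', rfc2459.Extensions().su btype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2)))
+)
+
+class OCSPRequest(univ.Sequence):
+componentType = namedtype.NamedTypes(
+namedtype.NamedType('tbsRequest', TBSRequest()),
+namedtype.OptionalNamedType('optionalSignature', Signature().subtype(exp licitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
+)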
