1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
|
#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley with assistance from asn1ate v.0.6.0.
# Modified by Russ Housley to add maps for use with opentypes.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# X.509 Extensions for IP Addresses and AS Identifiers
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc3779.txt
#
from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import tag
from pyasn1.type import univ
from pyasn1_modules import rfc5280
# IP Address Delegation Extension
id_pe_ipAddrBlocks = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.7')
class IPAddress(univ.BitString):
pass
class IPAddressRange(univ.Sequence):
pass
IPAddressRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('min', IPAddress()),
namedtype.NamedType('max', IPAddress())
)
class IPAddressOrRange(univ.Choice):
pass
IPAddressOrRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('addressPrefix', IPAddress()),
namedtype.NamedType('addressRange', IPAddressRange())
)
class IPAddressChoice(univ.Choice):
pass
IPAddressChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('inherit', univ.Null()),
namedtype.NamedType('addressesOrRanges', univ.SequenceOf(
componentType=IPAddressOrRange())
)
)
class IPAddressFamily(univ.Sequence):
pass
IPAddressFamily.componentType = namedtype.NamedTypes(
namedtype.NamedType('addressFamily', univ.OctetString().subtype(
subtypeSpec=constraint.ValueSizeConstraint(2, 3))),
namedtype.NamedType('ipAddressChoice', IPAddressChoice())
)
class IPAddrBlocks(univ.SequenceOf):
pass
IPAddrBlocks.componentType = IPAddressFamily()
# Autonomous System Identifier Delegation Extension
id_pe_autonomousSysIds = univ.ObjectIdentifier('1.3.6.1.5.5.7.1.8')
class ASId(univ.Integer):
pass
class ASRange(univ.Sequence):
pass
ASRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('min', ASId()),
namedtype.NamedType('max', ASId())
)
class ASIdOrRange(univ.Choice):
pass
ASIdOrRange.componentType = namedtype.NamedTypes(
namedtype.NamedType('id', ASId()),
namedtype.NamedType('range', ASRange())
)
class ASIdentifierChoice(univ.Choice):
pass
ASIdentifierChoice.componentType = namedtype.NamedTypes(
namedtype.NamedType('inherit', univ.Null()),
namedtype.NamedType('asIdsOrRanges', univ.SequenceOf(
componentType=ASIdOrRange())
)
)
class ASIdentifiers(univ.Sequence):
pass
ASIdentifiers.componentType = namedtype.NamedTypes(
namedtype.OptionalNamedType('asnum', ASIdentifierChoice().subtype(
explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 0))),
namedtype.OptionalNamedType('rdi', ASIdentifierChoice().subtype(
explicitTag=tag.Tag(tag.tagClassContext,
tag.tagFormatConstructed, 1)))
)
# Map of Certificate Extension OIDs to Extensions is added to the
# ones that are in rfc5280.py
_certificateExtensionsMapUpdate = {
id_pe_ipAddrBlocks: IPAddrBlocks(),
id_pe_autonomousSysIds: ASIdentifiers(),
}
rfc5280.certificateExtensionsMap.update(_certificateExtensionsMapUpdate)
|
