#
# This file is part of pyasn1-modules software.
#
# Created by Russ Housley.
#
# Copyright (c) 2019, Vigil Security, LLC
# License: http://snmplabs.com/pyasn1/license.html
#
# PKCS #1: RSA Cryptography Specifications Version 2.2
#
# ASN.1 source from:
# https://www.rfc-editor.org/rfc/rfc8017.txt
#

from pyasn1.type import constraint
from pyasn1.type import namedtype
from pyasn1.type import namedval
from pyasn1.type import univ

from pyasn1_modules import rfc2437
from pyasn1_modules import rfc3447
from pyasn1_modules import rfc4055
from pyasn1_modules import rfc5280

# Open-ended upper bound for ASN.1 SIZE constraints.
MAX = float('inf')


# AlgorithmIdentifier is reused from RFC 5280 rather than redefined here.
AlgorithmIdentifier = rfc5280.AlgorithmIdentifier


# The four subclasses below only give AlgorithmIdentifier the names used in
# the RFC 8017 ASN.1 module. They add no constraint of their own, so none of
# them limits which algorithm OIDs a decoded value may carry; any allow-list
# has to be enforced by the caller.

class DigestAlgorithm(AlgorithmIdentifier):
    """AlgorithmIdentifier as named in DigestInfo (EMSA-PKCS1-v1_5)."""


class HashAlgorithm(AlgorithmIdentifier):
    """AlgorithmIdentifier naming a hash function."""


class MaskGenAlgorithm(AlgorithmIdentifier):
    """AlgorithmIdentifier naming a mask generation function."""


class PSourceAlgorithm(AlgorithmIdentifier):
    """AlgorithmIdentifier naming the source of the encoding parameters."""


# Object identifiers from NIST SHA2
#
# The SHA-224/256/384/512 OIDs are taken from the RFC 4055 module; the two
# truncated SHA-512 variants are derived here from the shared NIST arc.

hashAlgs = univ.ObjectIdentifier('2.16.840.1.101.3.4.2')

id_sha224 = rfc4055.id_sha224
id_sha256 = rfc4055.id_sha256
id_sha384 = rfc4055.id_sha384
id_sha512 = rfc4055.id_sha512
id_sha512_224 = hashAlgs + (5,)
id_sha512_256 = hashAlgs + (6,)


# Basic object identifiers
#
# The MD2, MD5 and SHA-1 signature OIDs are defined so that existing
# encodings can still be parsed. Defining an OID here is not an acceptance
# policy: code that verifies signatures should decide for itself which
# digest algorithms it is willing to trust.

pkcs_1 = univ.ObjectIdentifier('1.2.840.113549.1.1')

rsaEncryption = rfc2437.rsaEncryption
id_RSAES_OAEP = rfc2437.id_RSAES_OAEP
id_pSpecified = rfc2437.id_pSpecified
id_RSASSA_PSS = rfc4055.id_RSASSA_PSS

md2WithRSAEncryption = rfc2437.md2WithRSAEncryption
md5WithRSAEncryption = rfc2437.md5WithRSAEncryption
sha1WithRSAEncryption = rfc2437.sha1WithRSAEncryption

sha224WithRSAEncryption = rfc4055.sha224WithRSAEncryption
sha256WithRSAEncryption = rfc4055.sha256WithRSAEncryption
sha384WithRSAEncryption = rfc4055.sha384WithRSAEncryption
sha512WithRSAEncryption = rfc4055.sha512WithRSAEncryption

sha512_224WithRSAEncryption = pkcs_1 + (15,)
sha512_256WithRSAEncryption = pkcs_1 + (16,)

# Digest and mask-generation OIDs. id_md2 and id_md5 are spelled out here;
# the others come from the RFC 2437 module.
id_sha1 = rfc2437.id_sha1
id_md2 = univ.ObjectIdentifier('1.2.840.113549.2.2')
id_md5 = univ.ObjectIdentifier('1.2.840.113549.2.5')
id_mgf1 = rfc2437.id_mgf1


# Default parameter values

sha1 = rfc4055.sha1Identifier
SHA1Parameters = univ.Null("")
mgf1SHA1 = rfc4055.mgf1SHA1Identifier


class EncodingParameters(univ.OctetString):
    """OCTET STRING holding the encoding parameters (label).

    The size constraint has no upper bound, so this type does not cap the
    length of a decoded value; callers that decode untrusted input and need
    a limit have to apply it themselves.
    """
    subtypeSpec = constraint.ValueSizeConstraint(0, MAX)


pSpecifiedEmpty = rfc4055.pSpecifiedEmptyIdentifier
emptyString = EncodingParameters(value='')


# Main structures

class Version(univ.Integer):
    """RSA private key version: 0 for two-prime keys, 1 for multi-prime."""
    namedValues = namedval.NamedValues(('two-prime', 0), ('multi', 1))


class TrailerField(univ.Integer):
    """RSASSA-PSS trailer field; trailerFieldBC (1) is the only named value."""
    namedValues = namedval.NamedValues(('trailerFieldBC', 1))


# Key structures are reused unchanged from the earlier PKCS #1 modules.
RSAPublicKey = rfc2437.RSAPublicKey

OtherPrimeInfo = rfc3447.OtherPrimeInfo
OtherPrimeInfos = rfc3447.OtherPrimeInfos
RSAPrivateKey = rfc3447.RSAPrivateKey

# OAEP and PSS parameter structures and their default identifiers are
# reused from the RFC 4055 module.
RSAES_OAEP_params = rfc4055.RSAES_OAEP_params
rSAES_OAEP_Default_Identifier = rfc4055.rSAES_OAEP_Default_Identifier

RSASSA_PSS_params = rfc4055.RSASSA_PSS_params
rSASSA_PSS_Default_Identifier = rfc4055.rSASSA_PSS_Default_Identifier


# Syntax for the EMSA-PKCS1-v1_5 hash identifier

class DigestInfo(univ.Sequence):
    """DigestInfo ::= SEQUENCE { digestAlgorithm, digest }.

    NOTE(review): RFC 8017 signature verification (section 8.2.2) re-encodes
    the expected DigestInfo and compares encoded messages instead of
    decoding the recovered block. Decoding this structure from a recovered
    signature block with a tolerant parser is a known source of
    verification flaws, so this class is best used for building and
    inspecting values rather than as the verification step itself.
    """
    componentType = namedtype.NamedTypes(
        namedtype.NamedType('digestAlgorithm', DigestAlgorithm()),
        namedtype.NamedType('digest', univ.OctetString()),
    )


# Update the Algorithm Identifier map
#
# Each entry pairs an algorithm OID with the ASN.1 type of its parameters
# field. The entries are added in three stages so that the insertion order
# matches the order the OIDs are listed in: hash OIDs, then the algorithms
# with structured parameters, then the signature OIDs.
#
# The map describes how to parse parameters, not which algorithms are
# acceptable: the MD2, MD5 and SHA-1 signature OIDs are registered alongside
# the SHA-2 ones.

_algorithmIdentifierMapUpdate = {}

# Hash algorithms: parameters are NULL. A separate Null() is created per OID.
_algorithmIdentifierMapUpdate.update(
    (oid, univ.Null())
    for oid in (
        id_sha1,
        id_sha224,
        id_sha256,
        id_sha384,
        id_sha512,
        id_sha512_224,
        id_sha512_256,
    )
)

# Algorithms whose parameters carry a structure of their own.
_algorithmIdentifierMapUpdate.update([
    (id_mgf1, AlgorithmIdentifier()),
    (id_pSpecified, univ.OctetString()),
    (id_RSAES_OAEP, RSAES_OAEP_params()),
    (id_RSASSA_PSS, RSASSA_PSS_params()),
])

# PKCS #1 v1.5 signature algorithms: parameters are NULL.
_algorithmIdentifierMapUpdate.update(
    (oid, univ.Null())
    for oid in (
        md2WithRSAEncryption,
        md5WithRSAEncryption,
        sha1WithRSAEncryption,
        sha224WithRSAEncryption,
        sha256WithRSAEncryption,
        sha384WithRSAEncryption,
        sha512WithRSAEncryption,
        sha512_224WithRSAEncryption,
        sha512_256WithRSAEncryption,
    )
)

# Import-time side effect: this mutates the map shared through the rfc5280
# module, so the entries above become visible to every user of that map once
# this module has been imported.
rfc5280.algorithmIdentifierMap.update(_algorithmIdentifierMapUpdate)