Home | History | Annotate | Download | only in pyasn1_modules 
      1 # coding: utf-8
      2 #
      3 # This file is part of pyasn1-modules software.
      4 #
      5 # Created by Stanisaw Pitucha with asn1ate tool.
      6 # Copyright (c) 2005-2017, Ilya Etingof <etingof (at] gmail.com>
      7 # License: http://pyasn1.sf.net/license.html
      8 #
      9 # Cryptographic Message Syntax (CMS)
     10 #
     11 # ASN.1 source from:
     12 # http://www.ietf.org/rfc/rfc3852.txt
     13 #
     14 from pyasn1.type import constraint
     15 from pyasn1.type import namedtype
     16 from pyasn1.type import namedval
     17 from pyasn1.type import tag
     18 from pyasn1.type import univ
     19 from pyasn1.type import useful
     20 
     21 from pyasn1_modules import rfc3280
     22 from pyasn1_modules import rfc3281
     23 
     24 MAX = float('inf')
     25 
     26 
     27 def _buildOid(*components):
     28     output = []
     29     for x in tuple(components):
     30         if isinstance(x, univ.ObjectIdentifier):
     31             output.extend(list(x))
     32         else:
     33             output.append(int(x))
     34 
     35     return univ.ObjectIdentifier(output)
     36 
     37 
     38 class AttributeValue(univ.Any):
     39     pass
     40 
     41 
     42 class Attribute(univ.Sequence):
     43     pass
     44 
     45 
     46 Attribute.componentType = namedtype.NamedTypes(
     47     namedtype.NamedType('attrType', univ.ObjectIdentifier()),
     48     namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()))
     49 )
     50 
     51 
     52 class SignedAttributes(univ.SetOf):
     53     pass
     54 
     55 
     56 SignedAttributes.componentType = Attribute()
     57 SignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
     58 
     59 
     60 class OtherRevocationInfoFormat(univ.Sequence):
     61     pass
     62 
     63 
     64 OtherRevocationInfoFormat.componentType = namedtype.NamedTypes(
     65     namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()),
     66     namedtype.NamedType('otherRevInfo', univ.Any())
     67 )
     68 
     69 
     70 class RevocationInfoChoice(univ.Choice):
     71     pass
     72 
     73 
     74 RevocationInfoChoice.componentType = namedtype.NamedTypes(
     75     namedtype.NamedType('crl', rfc3280.CertificateList()),
     76     namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(
     77         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
     78 )
     79 
     80 
     81 class RevocationInfoChoices(univ.SetOf):
     82     pass
     83 
     84 
     85 RevocationInfoChoices.componentType = RevocationInfoChoice()
     86 
     87 
     88 class OtherKeyAttribute(univ.Sequence):
     89     pass
     90 
     91 
     92 OtherKeyAttribute.componentType = namedtype.NamedTypes(
     93     namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()),
     94     namedtype.OptionalNamedType('keyAttr', univ.Any())
     95 )
     96 
     97 id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2)
     98 
     99 
    100 class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
    101     pass
    102 
    103 
    104 class EncryptedKey(univ.OctetString):
    105     pass
    106 
    107 
    108 class CMSVersion(univ.Integer):
    109     pass
    110 
    111 
    112 CMSVersion.namedValues = namedval.NamedValues(
    113     ('v0', 0),
    114     ('v1', 1),
    115     ('v2', 2),
    116     ('v3', 3),
    117     ('v4', 4),
    118     ('v5', 5)
    119 )
    120 
    121 
    122 class KEKIdentifier(univ.Sequence):
    123     pass
    124 
    125 
    126 KEKIdentifier.componentType = namedtype.NamedTypes(
    127     namedtype.NamedType('keyIdentifier', univ.OctetString()),
    128     namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
    129     namedtype.OptionalNamedType('other', OtherKeyAttribute())
    130 )
    131 
    132 
    133 class KEKRecipientInfo(univ.Sequence):
    134     pass
    135 
    136 
    137 KEKRecipientInfo.componentType = namedtype.NamedTypes(
    138     namedtype.NamedType('version', CMSVersion()),
    139     namedtype.NamedType('kekid', KEKIdentifier()),
    140     namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
    141     namedtype.NamedType('encryptedKey', EncryptedKey())
    142 )
    143 
    144 
    145 class KeyDerivationAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
    146     pass
    147 
    148 
    149 class PasswordRecipientInfo(univ.Sequence):
    150     pass
    151 
    152 
    153 PasswordRecipientInfo.componentType = namedtype.NamedTypes(
    154     namedtype.NamedType('version', CMSVersion()),
    155     namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(
    156         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    157     namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
    158     namedtype.NamedType('encryptedKey', EncryptedKey())
    159 )
    160 
    161 
    162 class OtherRecipientInfo(univ.Sequence):
    163     pass
    164 
    165 
    166 OtherRecipientInfo.componentType = namedtype.NamedTypes(
    167     namedtype.NamedType('oriType', univ.ObjectIdentifier()),
    168     namedtype.NamedType('oriValue', univ.Any())
    169 )
    170 
    171 
    172 class IssuerAndSerialNumber(univ.Sequence):
    173     pass
    174 
    175 
    176 IssuerAndSerialNumber.componentType = namedtype.NamedTypes(
    177     namedtype.NamedType('issuer', rfc3280.Name()),
    178     namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber())
    179 )
    180 
    181 
    182 class SubjectKeyIdentifier(univ.OctetString):
    183     pass
    184 
    185 
    186 class RecipientKeyIdentifier(univ.Sequence):
    187     pass
    188 
    189 
    190 RecipientKeyIdentifier.componentType = namedtype.NamedTypes(
    191     namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()),
    192     namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
    193     namedtype.OptionalNamedType('other', OtherKeyAttribute())
    194 )
    195 
    196 
    197 class KeyAgreeRecipientIdentifier(univ.Choice):
    198     pass
    199 
    200 
    201 KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes(
    202     namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
    203     namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(
    204         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
    205 )
    206 
    207 
    208 class RecipientEncryptedKey(univ.Sequence):
    209     pass
    210 
    211 
    212 RecipientEncryptedKey.componentType = namedtype.NamedTypes(
    213     namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()),
    214     namedtype.NamedType('encryptedKey', EncryptedKey())
    215 )
    216 
    217 
    218 class RecipientEncryptedKeys(univ.SequenceOf):
    219     pass
    220 
    221 
    222 RecipientEncryptedKeys.componentType = RecipientEncryptedKey()
    223 
    224 
    225 class UserKeyingMaterial(univ.OctetString):
    226     pass
    227 
    228 
    229 class OriginatorPublicKey(univ.Sequence):
    230     pass
    231 
    232 
    233 OriginatorPublicKey.componentType = namedtype.NamedTypes(
    234     namedtype.NamedType('algorithm', rfc3280.AlgorithmIdentifier()),
    235     namedtype.NamedType('publicKey', univ.BitString())
    236 )
    237 
    238 
    239 class OriginatorIdentifierOrKey(univ.Choice):
    240     pass
    241 
    242 
    243 OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes(
    244     namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
    245     namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
    246         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    247     namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(
    248         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
    249 )
    250 
    251 
    252 class KeyAgreeRecipientInfo(univ.Sequence):
    253     pass
    254 
    255 
    256 KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes(
    257     namedtype.NamedType('version', CMSVersion()),
    258     namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(
    259         explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    260     namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(
    261         explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    262     namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
    263     namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys())
    264 )
    265 
    266 
    267 class RecipientIdentifier(univ.Choice):
    268     pass
    269 
    270 
    271 RecipientIdentifier.componentType = namedtype.NamedTypes(
    272     namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
    273     namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
    274         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
    275 )
    276 
    277 
    278 class KeyTransRecipientInfo(univ.Sequence):
    279     pass
    280 
    281 
    282 KeyTransRecipientInfo.componentType = namedtype.NamedTypes(
    283     namedtype.NamedType('version', CMSVersion()),
    284     namedtype.NamedType('rid', RecipientIdentifier()),
    285     namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
    286     namedtype.NamedType('encryptedKey', EncryptedKey())
    287 )
    288 
    289 
    290 class RecipientInfo(univ.Choice):
    291     pass
    292 
    293 
    294 RecipientInfo.componentType = namedtype.NamedTypes(
    295     namedtype.NamedType('ktri', KeyTransRecipientInfo()),
    296     namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(
    297         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
    298     namedtype.NamedType('kekri', KEKRecipientInfo().subtype(
    299         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
    300     namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(
    301         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
    302     namedtype.NamedType('ori', OtherRecipientInfo().subtype(
    303         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
    304 )
    305 
    306 
    307 class RecipientInfos(univ.SetOf):
    308     pass
    309 
    310 
    311 RecipientInfos.componentType = RecipientInfo()
    312 RecipientInfos.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
    313 
    314 
    315 class DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
    316     pass
    317 
    318 
    319 class Signature(univ.BitString):
    320     pass
    321 
    322 
    323 class SignerIdentifier(univ.Choice):
    324     pass
    325 
    326 
    327 SignerIdentifier.componentType = namedtype.NamedTypes(
    328     namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
    329     namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
    330         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
    331 )
    332 
    333 
    334 class UnprotectedAttributes(univ.SetOf):
    335     pass
    336 
    337 
    338 UnprotectedAttributes.componentType = Attribute()
    339 UnprotectedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
    340 
    341 
    342 class ContentType(univ.ObjectIdentifier):
    343     pass
    344 
    345 
    346 class EncryptedContent(univ.OctetString):
    347     pass
    348 
    349 
    350 class ContentEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
    351     pass
    352 
    353 
    354 class EncryptedContentInfo(univ.Sequence):
    355     pass
    356 
    357 
    358 EncryptedContentInfo.componentType = namedtype.NamedTypes(
    359     namedtype.NamedType('contentType', ContentType()),
    360     namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
    361     namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
    362         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
    363 )
    364 
    365 
    366 class EncryptedData(univ.Sequence):
    367     pass
    368 
    369 
    370 EncryptedData.componentType = namedtype.NamedTypes(
    371     namedtype.NamedType('version', CMSVersion()),
    372     namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
    373     namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
    374         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    375 )
    376 
    377 id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3)
    378 
    379 id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1)
    380 
    381 id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4)
    382 
    383 
    384 class DigestAlgorithmIdentifiers(univ.SetOf):
    385     pass
    386 
    387 
    388 DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier()
    389 
    390 
    391 class EncapsulatedContentInfo(univ.Sequence):
    392     pass
    393 
    394 
    395 EncapsulatedContentInfo.componentType = namedtype.NamedTypes(
    396     namedtype.NamedType('eContentType', ContentType()),
    397     namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(
    398         explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
    399 )
    400 
    401 
    402 class Digest(univ.OctetString):
    403     pass
    404 
    405 
    406 class DigestedData(univ.Sequence):
    407     pass
    408 
    409 
    410 DigestedData.componentType = namedtype.NamedTypes(
    411     namedtype.NamedType('version', CMSVersion()),
    412     namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
    413     namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
    414     namedtype.NamedType('digest', Digest())
    415 )
    416 
    417 
    418 class ContentInfo(univ.Sequence):
    419     pass
    420 
    421 
    422 ContentInfo.componentType = namedtype.NamedTypes(
    423     namedtype.NamedType('contentType', ContentType()),
    424     namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
    425 )
    426 
    427 
    428 class UnauthAttributes(univ.SetOf):
    429     pass
    430 
    431 
    432 UnauthAttributes.componentType = Attribute()
    433 UnauthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
    434 
    435 
    436 class ExtendedCertificateInfo(univ.Sequence):
    437     pass
    438 
    439 
    440 ExtendedCertificateInfo.componentType = namedtype.NamedTypes(
    441     namedtype.NamedType('version', CMSVersion()),
    442     namedtype.NamedType('certificate', rfc3280.Certificate()),
    443     namedtype.NamedType('attributes', UnauthAttributes())
    444 )
    445 
    446 
    447 class SignatureAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
    448     pass
    449 
    450 
    451 class ExtendedCertificate(univ.Sequence):
    452     pass
    453 
    454 
    455 ExtendedCertificate.componentType = namedtype.NamedTypes(
    456     namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()),
    457     namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
    458     namedtype.NamedType('signature', Signature())
    459 )
    460 
    461 
    462 class OtherCertificateFormat(univ.Sequence):
    463     pass
    464 
    465 
    466 OtherCertificateFormat.componentType = namedtype.NamedTypes(
    467     namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()),
    468     namedtype.NamedType('otherCert', univ.Any())
    469 )
    470 
    471 
    472 class AttributeCertificateV2(rfc3281.AttributeCertificate):
    473     pass
    474 
    475 
    476 class AttCertVersionV1(univ.Integer):
    477     pass
    478 
    479 
    480 AttCertVersionV1.namedValues = namedval.NamedValues(
    481     ('v1', 0)
    482 )
    483 
    484 
    485 class AttributeCertificateInfoV1(univ.Sequence):
    486     pass
    487 
    488 
    489 AttributeCertificateInfoV1.componentType = namedtype.NamedTypes(
    490     namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")),
    491     namedtype.NamedType(
    492         'subject', univ.Choice(
    493             componentType=namedtype.NamedTypes(
    494                 namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    495                 namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    496             )
    497         )
    498     ),
    499     namedtype.NamedType('issuer', rfc3280.GeneralNames()),
    500     namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()),
    501     namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()),
    502     namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()),
    503     namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())),
    504     namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()),
    505     namedtype.OptionalNamedType('extensions', rfc3280.Extensions())
    506 )
    507 
    508 
    509 class AttributeCertificateV1(univ.Sequence):
    510     pass
    511 
    512 
    513 AttributeCertificateV1.componentType = namedtype.NamedTypes(
    514     namedtype.NamedType('acInfo', AttributeCertificateInfoV1()),
    515     namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()),
    516     namedtype.NamedType('signature', univ.BitString())
    517 )
    518 
    519 
    520 class CertificateChoices(univ.Choice):
    521     pass
    522 
    523 
    524 CertificateChoices.componentType = namedtype.NamedTypes(
    525     namedtype.NamedType('certificate', rfc3280.Certificate()),
    526     namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
    527         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    528     namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(
    529         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    530     namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(
    531         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    532     namedtype.NamedType('other', OtherCertificateFormat().subtype(
    533         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
    534 )
    535 
    536 
    537 class CertificateSet(univ.SetOf):
    538     pass
    539 
    540 
    541 CertificateSet.componentType = CertificateChoices()
    542 
    543 
    544 class MessageAuthenticationCode(univ.OctetString):
    545     pass
    546 
    547 
    548 class UnsignedAttributes(univ.SetOf):
    549     pass
    550 
    551 
    552 UnsignedAttributes.componentType = Attribute()
    553 UnsignedAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
    554 
    555 
    556 class SignatureValue(univ.OctetString):
    557     pass
    558 
    559 
    560 class SignerInfo(univ.Sequence):
    561     pass
    562 
    563 
    564 SignerInfo.componentType = namedtype.NamedTypes(
    565     namedtype.NamedType('version', CMSVersion()),
    566     namedtype.NamedType('sid', SignerIdentifier()),
    567     namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
    568     namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(
    569         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    570     namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
    571     namedtype.NamedType('signature', SignatureValue()),
    572     namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(
    573         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    574 )
    575 
    576 
    577 class SignerInfos(univ.SetOf):
    578     pass
    579 
    580 
    581 SignerInfos.componentType = SignerInfo()
    582 
    583 
    584 class SignedData(univ.Sequence):
    585     pass
    586 
    587 
    588 SignedData.componentType = namedtype.NamedTypes(
    589     namedtype.NamedType('version', CMSVersion()),
    590     namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
    591     namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
    592     namedtype.OptionalNamedType('certificates', CertificateSet().subtype(
    593         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    594     namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
    595         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    596     namedtype.NamedType('signerInfos', SignerInfos())
    597 )
    598 
    599 
    600 class MessageAuthenticationCodeAlgorithm(rfc3280.AlgorithmIdentifier):
    601     pass
    602 
    603 
    604 class MessageDigest(univ.OctetString):
    605     pass
    606 
    607 
    608 class Time(univ.Choice):
    609     pass
    610 
    611 
    612 Time.componentType = namedtype.NamedTypes(
    613     namedtype.NamedType('utcTime', useful.UTCTime()),
    614     namedtype.NamedType('generalTime', useful.GeneralizedTime())
    615 )
    616 
    617 
    618 class OriginatorInfo(univ.Sequence):
    619     pass
    620 
    621 
    622 OriginatorInfo.componentType = namedtype.NamedTypes(
    623     namedtype.OptionalNamedType('certs', CertificateSet().subtype(
    624         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
    625     namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
    626         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    627 )
    628 
    629 
    630 class AuthAttributes(univ.SetOf):
    631     pass
    632 
    633 
    634 AuthAttributes.componentType = Attribute()
    635 AuthAttributes.subtypeSpec = constraint.ValueSizeConstraint(1, MAX)
    636 
    637 
    638 class AuthenticatedData(univ.Sequence):
    639     pass
    640 
    641 
    642 AuthenticatedData.componentType = namedtype.NamedTypes(
    643     namedtype.NamedType('version', CMSVersion()),
    644     namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
    645         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    646     namedtype.NamedType('recipientInfos', RecipientInfos()),
    647     namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()),
    648     namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(
    649         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
    650     namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
    651     namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(
    652         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
    653     namedtype.NamedType('mac', MessageAuthenticationCode()),
    654     namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(
    655         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
    656 )
    657 
    658 id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6)
    659 
    660 id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3)
    661 
    662 
    663 class EnvelopedData(univ.Sequence):
    664     pass
    665 
    666 
    667 EnvelopedData.componentType = namedtype.NamedTypes(
    668     namedtype.NamedType('version', CMSVersion()),
    669     namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
    670         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
    671     namedtype.NamedType('recipientInfos', RecipientInfos()),
    672     namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
    673     namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
    674         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
    675 )
    676 
    677 
    678 class Countersignature(SignerInfo):
    679     pass
    680 
    681 
    682 id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5)
    683 
    684 id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5)
    685 
    686 
    687 class ExtendedCertificateOrCertificate(univ.Choice):
    688     pass
    689 
    690 
    691 ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes(
    692     namedtype.NamedType('certificate', rfc3280.Certificate()),
    693     namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
    694         implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
    695 )
    696 
    697 id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6)
    698 
    699 id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2)
    700 
    701 
    702 class SigningTime(Time):
    703     pass
    704 
    705 
    706 id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6)
    707