2 # PyGOST -- Pure Python GOST cryptographic functions library
3 # Copyright (C) 2015-2018 Sergey Matveev <stargrave@stargrave.org>
5 # This program is free software: you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation, either version 3 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
17 """CMS related structures (**NOT COMPLETE**)
20 from pyderasn import Any
21 from pyderasn import BitString
22 from pyderasn import Choice
23 from pyderasn import Integer
24 from pyderasn import ObjectIdentifier
25 from pyderasn import OctetString
26 from pyderasn import Sequence
27 from pyderasn import SequenceOf
28 from pyderasn import SetOf
29 from pyderasn import tag_ctxc
30 from pyderasn import tag_ctxp
32 from pygost.asn1schemas.oids import id_digestedData
33 from pygost.asn1schemas.oids import id_envelopedData
34 from pygost.asn1schemas.oids import id_Gost28147_89
35 from pygost.asn1schemas.oids import id_signedData
36 from pygost.asn1schemas.oids import id_tc26_gost3410_2012_256
37 from pygost.asn1schemas.oids import id_tc26_gost3410_2012_512
38 from pygost.asn1schemas.x509 import AlgorithmIdentifier
39 from pygost.asn1schemas.x509 import SubjectPublicKeyInfo
42 class CMSVersion(Integer):
46 class ContentType(ObjectIdentifier):
50 class RecipientIdentifier(Choice):
52 ("issuerAndSerialNumber", Any()),
53 # ("subjectKeyIdentifier", SubjectKeyIdentifier(impl=tag_ctxp(0))),
57 class Gost2814789Key(OctetString):
61 class Gost2814789MAC(OctetString):
65 class Gost2814789EncryptedKey(Sequence):
67 ("encryptedKey", Gost2814789Key()),
68 ("maskKey", Gost2814789Key(impl=tag_ctxp(0), optional=True)),
69 ("macKey", Gost2814789MAC()),
73 class GostR34102001TransportParameters(Sequence):
75 ("encryptionParamSet", ObjectIdentifier()),
76 ("ephemeralPublicKey", SubjectPublicKeyInfo(
80 ("ukm", OctetString()),
84 class GostR3410KeyTransport(Sequence):
86 ("sessionEncryptedKey", Gost2814789EncryptedKey()),
87 ("transportParameters", GostR34102001TransportParameters(
94 class KeyEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
96 ("algorithm", ObjectIdentifier(defines=(
97 (("..", "encryptedKey"), {
98 id_tc26_gost3410_2012_256: GostR3410KeyTransport(),
99 id_tc26_gost3410_2012_512: GostR3410KeyTransport(),
101 (("..", "recipientEncryptedKeys", any, "encryptedKey"), {
102 id_tc26_gost3410_2012_256: Gost2814789EncryptedKey(),
103 id_tc26_gost3410_2012_512: Gost2814789EncryptedKey(),
106 ("parameters", Any(optional=True)),
110 class EncryptedKey(OctetString):
114 class KeyTransRecipientInfo(Sequence):
116 ("version", CMSVersion()),
117 ("rid", RecipientIdentifier()),
118 ("keyEncryptionAlgorithm", KeyEncryptionAlgorithmIdentifier()),
119 ("encryptedKey", EncryptedKey()),
123 class OriginatorPublicKey(Sequence):
125 ("algorithm", AlgorithmIdentifier()),
126 ("publicKey", BitString()),
130 class OriginatorIdentifierOrKey(Choice):
132 # ("issuerAndSerialNumber", IssuerAndSerialNumber()),
133 # ("subjectKeyIdentifier", SubjectKeyIdentifier(impl=tag_ctxp(0))),
134 ("originatorKey", OriginatorPublicKey(impl=tag_ctxc(1))),
138 class UserKeyingMaterial(OctetString):
142 class KeyAgreeRecipientIdentifier(Choice):
144 ("issuerAndSerialNumber", Any()),
145 # ("rKeyId", RecipientKeyIdentifier(impl=tag_ctxc(0))),
149 class RecipientEncryptedKey(Sequence):
151 ("rid", KeyAgreeRecipientIdentifier()),
152 ("encryptedKey", EncryptedKey()),
156 class RecipientEncryptedKeys(SequenceOf):
157 schema = RecipientEncryptedKey()
160 class KeyAgreeRecipientInfo(Sequence):
162 ("version", CMSVersion(3)),
163 ("originator", OriginatorIdentifierOrKey(expl=tag_ctxc(0))),
164 ("ukm", UserKeyingMaterial(expl=tag_ctxc(1), optional=True)),
165 ("keyEncryptionAlgorithm", KeyEncryptionAlgorithmIdentifier()),
166 ("recipientEncryptedKeys", RecipientEncryptedKeys()),
170 class RecipientInfo(Choice):
172 ("ktri", KeyTransRecipientInfo()),
173 ("kari", KeyAgreeRecipientInfo(impl=tag_ctxc(1))),
174 # ("kekri", KEKRecipientInfo(impl=tag_ctxc(2))),
175 # ("pwri", PasswordRecipientInfo(impl=tag_ctxc(3))),
176 # ("ori", OtherRecipientInfo(impl=tag_ctxc(4))),
180 class RecipientInfos(SetOf):
181 schema = RecipientInfo()
182 bounds = (1, float("+inf"))
185 class Gost2814789IV(OctetString):
189 class Gost2814789Parameters(Sequence):
191 ("iv", Gost2814789IV()),
192 ("encryptionParamSet", ObjectIdentifier()),
196 class ContentEncryptionAlgorithmIdentifier(AlgorithmIdentifier):
198 ("algorithm", ObjectIdentifier(defines=(
199 (("parameters",), {id_Gost28147_89: Gost2814789Parameters()}),
201 ("parameters", Any(optional=True)),
205 class EncryptedContent(OctetString):
209 class EncryptedContentInfo(Sequence):
211 ("contentType", ContentType()),
212 ("contentEncryptionAlgorithm", ContentEncryptionAlgorithmIdentifier()),
213 ("encryptedContent", EncryptedContent(impl=tag_ctxp(0), optional=True)),
217 class EnvelopedData(Sequence):
219 ("version", CMSVersion()),
220 # ("originatorInfo", OriginatorInfo(impl=tag_ctxc(0), optional=True)),
221 ("recipientInfos", RecipientInfos()),
222 ("encryptedContentInfo", EncryptedContentInfo()),
223 # ("unprotectedAttrs", UnprotectedAttributes(impl=tag_ctxc(1), optional=True)),
227 class EncapsulatedContentInfo(Sequence):
229 ("eContentType", ContentType()),
230 ("eContent", OctetString(expl=tag_ctxc(0), optional=True)),
234 class SignerIdentifier(Choice):
236 ("issuerAndSerialNumber", Any()),
237 # ("subjectKeyIdentifier", SubjectKeyIdentifier(impl=tag_ctxp(0))),
241 class DigestAlgorithmIdentifiers(SetOf):
242 schema = AlgorithmIdentifier()
245 class DigestAlgorithmIdentifier(AlgorithmIdentifier):
249 class SignatureAlgorithmIdentifier(AlgorithmIdentifier):
253 class SignatureValue(OctetString):
257 class SignerInfo(Sequence):
259 ("version", CMSVersion()),
260 ("sid", SignerIdentifier()),
261 ("digestAlgorithm", DigestAlgorithmIdentifier()),
262 # ("signedAttrs", SignedAttributes(impl=tag_ctxc(0), optional=True)),
263 ("signatureAlgorithm", SignatureAlgorithmIdentifier()),
264 ("signature", SignatureValue()),
265 # ("unsignedAttrs", UnsignedAttributes(impl=tag_ctxc(1), optional=True)),
269 class SignerInfos(SetOf):
270 schema = SignerInfo()
273 class SignedData(Sequence):
275 ("version", CMSVersion()),
276 ("digestAlgorithms", DigestAlgorithmIdentifiers()),
277 ("encapContentInfo", EncapsulatedContentInfo()),
278 # ("certificates", CertificateSet(impl=tag_ctxc(0), optional=True)),
279 # ("crls", RevocationInfoChoices(impl=tag_ctxc(1), optional=True)),
280 ("signerInfos", SignerInfos()),
284 class Digest(OctetString):
288 class DigestedData(Sequence):
290 ("version", CMSVersion()),
291 ("digestAlgorithm", DigestAlgorithmIdentifier()),
292 ("encapContentInfo", EncapsulatedContentInfo()),
293 ("digest", Digest()),
297 class ContentInfo(Sequence):
299 ("contentType", ContentType(defines=(
301 id_digestedData: DigestedData(),
302 id_envelopedData: EnvelopedData(),
303 id_signedData: SignedData(),
306 ("content", Any(expl=tag_ctxc(0))),