`^5oddlmZddlmZddlmZddlmZddlmZddlmZddlmZddlm Z dd lm Z dd lm Z e d Z Gd d ejZGdde j ZGddeZGddeZGddej(ZGddej(ZGddej(ZGddej0ZGddej(ZGddej(ZGd d!ej8ZGd"d#ej(ZGd$d%ej0ZGd&d'ej0Z Gd(d)ej(Z!Gd*d+ejDZ#Gd,d-ej0Z$Gd.d/ej(Z%Gd0d1ej0Z&Gd2d3ejNZ(Gd4d5ejRZ*Gd6d7ej0Z+Gd8d9ej0Z,Gd:d;ej0Z-Gd<d=ej(Z.Gd>d?ej0Z/Gd@dAej0Z0GdBdCej0Z1GdDdEej0Z2GdFdGej0Z3GdHdIej(Z4GdJdKej0Z5GdLdMej(Z6GdNdOej0Z7ejpdPZ9GdQdRej0Z:ejpdSZ;GdTdUejRZ<e6j{ej|ej~ejdVWZAGdXdYejDZBGdZd[ej0ZCGd\d]ej0ZDGd^d_ej0ZEGd`daej(ZFeFe6_GeFeA_Gyb)c)char) constraint) namedtype)namedval)tag)univ)useful)rfc2314)rfc2459)rfc2511infc eZdZy) KeyIdentifierN__name__ __module__ __qualname__8/usr/lib/python3/dist-packages/pyasn1_modules/rfc4210.pyrrrrc eZdZy)CMPCertificateNrrrrrrrrrc eZdZy)OOBCertNrrrrrr"rrrc eZdZy)CertAnnContentNrrrrrr&rrrceZdZdZej Zejje jde zZ y) PKIFreeTextz> PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String N) rrr__doc__r UTF8String componentTyper SequenceOfsizeSpecrValueSizeConstraintMAXrrrrr*s;$DOO%M''*H**H*HC*PPHrrcHeZdZdZGddej ZeZy)PollRepContentz PollRepContent ::= SEQUENCE OF SEQUENCE { certReqId INTEGER, checkAfter INTEGER, -- time in seconds reason PKIFreeText OPTIONAL } c eZdZejej dejej dejejde Z y)PollRepContent.CertReq certReqId checkAfterreasonN) rrrr NamedTypes NamedTyperIntegerOptionalNamedTyperr#rrrCertReqr+;s\, ,, I   \T\\^ < I   ldlln = 'I ' '+- @ rr3Nrrrr!rSequencer3r#rrrr)r)2s  $-- IMrr)cHeZdZdZGddej ZeZy)PollReqContentzh PollReqContent ::= SEQUENCE OF SEQUENCE { certReqId INTEGER } cpeZdZejej dejZy)PollReqContent.CertReqr,N) rrrrr/r0rr1r#rrrr3r9Ms., ,, I   \T\\^ < rr3Nr4rrrr7r7Es  $-- IMrr7ceZdZdZej ej dejejdejZ y)InfoTypeAndValuez InfoTypeAndValue ::= SEQUENCE { infoType OBJECT IDENTIFIER, infoValue ANY DEFINED BY infoType OPTIONAL }infoType infoValueN) rrrr!rr/r0rObjectIdentifierr2Anyr#rrrr;r;UsS )I(( J(=(=(=(?@# ##K<Mrr;ceZdZeZy) GenRepContentNrrrr;r#rrrrArAa $&MrrAceZdZeZy) GenMsgContentNrBrrrrErEerCrrEc eZdZy)PKIConfirmContentNrrrrrGrGirrrGc.eZdZejZy) CRLAnnContentN)rrrr CertificateListr#rrrrIrIms+G++-MrrIc eZdZdZej ej deej deej deZy)CAKeyUpdAnnContentz CAKeyUpdAnnContent ::= SEQUENCE { oldWithNew CMPCertificate, newWithOld CMPCertificate, newWithNew CMPCertificate } oldWithNew newWithOld newWithNewN) rrrr!rr/r0rr#rrrrLrLqsZ)I(( L.*:; L.*:; L.*:;MrrLceZdZdZej ej dejejde jZ y) RevDetailsz RevDetails ::= SEQUENCE { certDetails CertTemplate, crlEntryDetails Extensions OPTIONAL } certDetailscrlEntryDetailsN) rrrr!rr/r0r CertTemplater2r Extensionsr#rrrrQrQsX )I(( M+?7+?+?+AB# ##$57Iw7I7I7KLMrrQceZdZeZy) RevReqContentN)rrrrQr#rrrrWrW LMrrWc zeZdZdZej ej deje je je jdej de jje je je jdZy) CertOrEncCertz CertOrEncCert ::= CHOICE { certificate [0] CMPCertificate, encryptedCert [1] EncryptedValue } certificater explicitTag encryptedCertr N)rrrr!rr/r0rsubtyperTagtagClassContexttagFormatConstructedr EncryptedValuer#rrrrZrZs )I(( M>+;+C+CPWPSPWPWX[XkXkmpnFnFHIQJ+C,K L O-CW-C-C-E-M-MZaZ]ZaZabebubuwzxPxPRS[T-M.U VMrrZceZdZdZej ej deejde jje je je jdejde j je je je jdZy) CertifiedKeyPairz CertifiedKeyPair ::= SEQUENCE { certOrEncCert CertOrEncCert, privateKey [0] EncryptedValue OPTIONAL, publicationInfo [1] PKIPublicationInfo OPTIONAL } certOrEncCert privateKeyrr\publicationInfor N)rrrr!rr/r0rZr2r rcr_rr`rarbPKIPublicationInfor#rrrreres)I(( O]_=# ##L2H'2H2H2J2R2R_f_b_f_fgjgzgz|}U}UWX`Y2R3Z [# ##$57Qw7Q7Q7S7[7[hohkhohopsqDqDFIF^F^`aib7[8c dMrrec.eZdZejZy)POPODecKeyRespContentN)rrrrr1r#rrrrkrks DLLNMrrkc eZdZdZej ej dejejde jejde jZ y) Challengez Challenge ::= SEQUENCE { owf AlgorithmIdentifier OPTIONAL, witness OCTET STRING, challenge OCTET STRING } owfwitness challengeN) rrrr!rr/r2r AlgorithmIdentifierr0r OctetStringr#rrrrmrmsu)I((# ##E+F7+F+F+HI I'7t'7'7'9: K)9)9)9);<Mrrmc @eZdZdZej dddddddZy ) PKIStatusa+ PKIStatus ::= INTEGER { accepted (0), grantedWithMods (1), rejection (2), waiting (3), revocationWarning (4), revocationNotification (5), keyUpdateWarning (6) } )acceptedr)grantedWithModsr ) rejection)waiting)revocationWarning)revocationNotification)keyUpdateWarningNrrrr!r NamedValues namedValuesrrrrtrts0 '(&& %KrrtcheZdZdZej dddddddd d d d d dddddddddddddddZy)PKIFailureInfoa PKIFailureInfo ::= BIT STRING { badAlg (0), badMessageCheck (1), badRequest (2), badTime (3), badCertId (4), badDataFormat (5), wrongAuthority (6), incorrectData (7), missingTimeStamp (8), badPOP (9), certRevoked (10), certConfirmed (11), wrongIntegrity (12), badRecipientNonce (13), timeNotAvailable (14), unacceptedPolicy (15), unacceptedExtension (16), addInfoNotAvailable (17), badSenderNonce (18), badCertTemplate (19), signerNotTrusted (20), transactionIdInUse (21), unsupportedVersion (22), notAuthorized (23), systemUnavail (24), systemFailure (25), duplicateCertReq (26) )badAlgr)badMessageCheckr ) badRequestrx)badTimerz) badCertIdr|) badDataFormatr~)wrongAuthorityr) incorrectData)missingTimeStamp)badPOP ) certRevoked ) certConfirmed )wrongIntegrity )badRecipientNonce )timeNotAvailable)unacceptedPolicy)unacceptedExtension)addInfoNotAvailable)badSenderNonce)badCertTemplate)signerNotTrusted)transactionIdInUse)unsupportedVersion) notAuthorized) systemUnavail) systemFailure)duplicateCertReqNrrrrrrsl<'(&&!  ## "" 7Krrc eZdZdZej ej deejde ejde Z y) PKIStatusInfoz PKIStatusInfo ::= SEQUENCE { status PKIStatus, statusString PKIFreeText OPTIONAL, failInfo PKIFailureInfo OPTIONAL } status statusStringfailInfoN) rrrr!rr/r0rtr2rrr#rrrrrsX)I(( Hik2# ##NKMB# ##J0@AMrrc eZdZdZej ej deejde jejde Z y)ErrorMsgContenta7 ErrorMsgContent ::= SEQUENCE { pKIStatusInfo PKIStatusInfo, errorCode INTEGER OPTIONAL, -- implementation-specific error codes errorDetails PKIFreeText OPTIONAL -- implementation-specific error details } pKIStatusInfo errorCode errorDetailsN) rrrr!rr/r0rr2rr1rr#rrrrr$s])I(( O]_=# ##K@# ##NKMBMrrc eZdZdZej ej dejej dejejde Z y) CertStatusz CertStatus ::= SEQUENCE { certHash OCTET STRING, certReqId INTEGER, statusInfo PKIStatusInfo OPTIONAL } certHashr, statusInfoN) rrrr!rr/r0rrrr1r2rr#rrrrr5sg)I(( J(8(8(8(:; K8# ##L-/BMrrceZdZeZy)CertConfirmContentN)rrrrr#rrrrrDrXrrc heZdZdZej ej deej dejej de jej de jejde jZy) RevAnnContenta RevAnnContent ::= SEQUENCE { status PKIStatus, certId CertId, willBeRevokedAt GeneralizedTime, badSinceDate GeneralizedTime, crlDetails Extensions OPTIONAL } rcertIdwillBeRevokedAt badSinceDate crlDetailsN)rrrr!rr/r0rtr CertIdr GeneralizedTimer2r rUr#rrrrrHs)I(( Hik2 Hngnn&67 -/Ev/E/E/GH N,BF,B,B,DE# ##L2D'2D2D2FG MrrceZdZdZej ej deje e jde ejdejejj!e jde ej$ej&ej(dejd ejej,j!e jde ej$ej&ej(dZy ) RevRepContentaI RevRepContent ::= SEQUENCE { status SEQUENCE SIZE (1..MAX) OF PKIStatusInfo, revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL, crls [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL rr )r#r%revCertsr#rr%r]crlsN)rrrr!rr/r0rr$rrr&r'r2r rr_rr`rarbr rJr#rrrrr[s/)I((  odoo+o7773? $ ## ngnn6FGOO7773?#CGGC$7$79Q9QSTUP $ ## ODOO2I'2I2I2KLTT7773?#CGGC$7$79Q9QSTUU MrrceZdZdZej ej deejde je je je jdejdej e je je je jdej$de ejd ej eje je je jd ej$de Zy ) KeyRecRepContenta KeyRecRepContent ::= SEQUENCE { status PKIStatusInfo, newSigCert [0] CMPCertificate OPTIONAL, caCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL, keyPairHist [2] SEQUENCE SIZE (1..MAX) OF CertifiedKeyPair OPTIONAL } r newSigCertrr\caCertsrr )r]r% keyPairHistrxN)rrrr!rr/r0rr2rr_rr`rarbrr$rr&r'rer#rrrrrzsC )I(( Hmo6# ## .*22#CGGC$7$79Q9QSTU3 $ ## t^5EFNN#CGGC$7$79Q9QSTU7773?O $ ##M?4??QaQc3d3l3l 3 3S5M5MqQ3Z33As;4m4= Mrrc eZdZdZej ej dejej de ejde ejdejZ y) CertResponsez CertResponse ::= SEQUENCE { certReqId INTEGER, status PKIStatusInfo, certifiedKeyPair CertifiedKeyPair OPTIONAL, rspInfo OCTET STRING OPTIONAL } r,rcertifiedKeyPairrspInfoN)rrrr!rr/r0rr1rr2rerrr#rrrrrs~)I(( K8 Hmo6# ##$68H8JK# ##I/?t/?/?/AB Mrrc beZdZdZej ej deje je jde ejej ej"dej$dejeZy)CertRepMessagez CertRepMessage ::= SEQUENCE { caPubs [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL, response SEQUENCE OF CertResponse } caPubsrr rresponseN)rrrr!rr/r2rr$rr_rr&r'rr`rarbr0rr#rrrrrs)I((# ## odoo,.g=z==aE")#''#*=*=s?W?WYZ"[]  Jln(UVMrrceZdZeZy)POPODecKeyChallContentN)rrrrmr#rrrrrs KMrrc eZdZdZej ej dejje je je jdej dejje je je jdej dej$Zy) OOBCertHashz OOBCertHash ::= SEQUENCE { hashAlg [0] AlgorithmIdentifier OPTIONAL, certId [1] CertId OPTIONAL, hashVal BIT STRING } hashAlgrr\rr hashValN)rrrr!rr/r2r rqr_rr`rarbr rr0r BitStringr#rrrrrs)I((# ## 2w224<<QTQdQdfif~f~ABJC<D  $ ## ngnn&..73773CVCVX[XpXprs;t.u   I~t~~'78Mrrc2eZdZdZej Zy)NestedMessageContentz. NestedMessageContent ::= PKIMessages N)rrrr!rr?r#rrrrrsDHHJMrrceZdZdZej ej dejej dejZ y) DHBMParametera1 DHBMParameter ::= SEQUENCE { owf AlgorithmIdentifier, -- AlgId for a One-Way Function (SHA-1 recommended) mac AlgorithmIdentifier -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11], } -- or HMAC [RFC2104, RFC2202]) rnmacN) rrrr!rr/r0r rqr#rrrrrsW)I(( E#>7#>#>#@A E#>7#>#>#@AMrrz1.2.840.113533.7.66.30c |eZdZdZej ej dejje jddej de jej dejej de jZy ) PBMParameterz PBMParameter ::= SEQUENCE { salt OCTET STRING, owf AlgorithmIdentifier, iterationCount INTEGER, mac AlgorithmIdentifier } saltr) subtypeSpecrniterationCountrN)rrrr!rr/r0rrrr_rr&r rqr1r#rrrrrs)I((  $D$$&..;Y:;Y;YZ[]`;a.b   E#>7#>#>#@A ,ldlln= E#>7#>#>#@A Mrrz1.2.840.113533.7.66.13c eZdZy) PKIProtectionNrrrrrrrrrrr\c&reZdZdZej ej dejje je je jdej deje je je jdej dejje je je jdej d eje je je jd ej d ej je je je jd ej d eje je je jdej deje je je jdej dejje je je jdej deje je je jdej dejje je je jdej deje je je jdej deje je je jdej deje je je jdej dejje je je jdej deje je je jd ej d!eje je je jd"ej d#eje je je jd$ej d%eje je je jd&ej d'eje je je jd(ej d)eje je je jd*ej d+eej d,eje je je jd-ej d.eje je je jd/ej d0eje je je jd1ej d2eje je je jd3ej d4e je je je jd5ej d6e!je je je jd7Z"y8)9PKIBodyag PKIBody ::= CHOICE { -- message-specific body elements ir [0] CertReqMessages, --Initialization Request ip [1] CertRepMessage, --Initialization Response cr [2] CertReqMessages, --Certification Request cp [3] CertRepMessage, --Certification Response p10cr [4] CertificationRequest, --imported from [PKCS10] popdecc [5] POPODecKeyChallContent, --pop Challenge popdecr [6] POPODecKeyRespContent, --pop Response kur [7] CertReqMessages, --Key Update Request kup [8] CertRepMessage, --Key Update Response krr [9] CertReqMessages, --Key Recovery Request krp [10] KeyRecRepContent, --Key Recovery Response rr [11] RevReqContent, --Revocation Request rp [12] RevRepContent, --Revocation Response ccr [13] CertReqMessages, --Cross-Cert. Request ccp [14] CertRepMessage, --Cross-Cert. Response ckuann [15] CAKeyUpdAnnContent, --CA Key Update Ann. cann [16] CertAnnContent, --Certificate Ann. rann [17] RevAnnContent, --Revocation Ann. crlann [18] CRLAnnContent, --CRL Announcement pkiconf [19] PKIConfirmContent, --Confirmation nested [20] NestedMessageContent, --Nested Message genm [21] GenMsgContent, --General Message genp [22] GenRepContent, --General Response error [23] ErrorMsgContent, --Error Message certConf [24] CertConfirmContent, --Certificate confirm pollReq [25] PollReqContent, --Polling request pollRep [26] PollRepContent --Polling response irrr\ipr crrxcprzp10crr|popdeccr~popdecrrkurrkuprkrrrkrprrrrrprccrrccprckuannrcannrrannrcrlannrpkiconfrnestedgenmrgenrerrorrcertConfrpollReqrpollReprN)#rrrr!rr/r0r CertReqMessagesr_rr`rarbrr CertificationRequestrrkrrWrrLrrrIrGnestedMessageContentrErArrr7r)r#rrrrrs>)I((  )'))+33#CGGC$7$79Q9QSTU4   ."**#CGGC$7$79Q9QSTU+   )'))+33#CGGC$7$79Q9QSTU4   ."**#CGGC$7$79Q9QSTU+   1W113;;#CGGC$7$79Q9QSTU<   -/77#CGGC$7$79Q9QSTU8   ,.66#CGGC$7$79Q9QSTU7   *7**,44#CGGC$7$79Q9QSTU5   >#++#CGGC$7$79Q9QSTU,   *7**,44#CGGC$7$79Q9QSTU5   #%--#CGGC$7$79Q9QSUV.   -/))#CGGC$7$79Q9QSUV*   -/))#CGGC$7$79Q9QSUV*   *7**,44#CGGC$7$79Q9QSUV5   >#++#CGGC$7$79Q9QSUV,   (*22#CGGC$7$79Q9QSUV3   N$,,#CGGC$7$79Q9QSUV-   MO++#CGGC$7$79Q9QSUV,   mo--#CGGC$7$79Q9QSUV.   (*22#CGGC$7$79Q9QSUV3   *    MO++#CGGC$7$79Q9QSUV,   =?**#CGGC$7$79Q9QSUV+   _&..#CGGC$7$79Q9QSUV/   *,44#CGGC$7$79Q9QSUV5   ~'//#CGGC$7$79Q9QSUV0   ~'//#CGGC$7$79Q9QSUV0 KJMrrcxeZdZdZej ej deje jddej de jej de jejdejj!ej$ej&ej(d  ejd e j*j!ej$ej&ej,d  ejd e j.j!ej$ej&ej(d ejde j.j!ej$ej&ej(d ejdej0j!ej$ej&ej(d ejdej0j!ej$ej&ej(d ejdej0j!ej$ej&ej(d ejdej!ej$ej&ej,d ejdej4ej!ej:d ej!ej$ej&ej(d  Zy) PKIHeadera PKIHeader ::= SEQUENCE { pvno INTEGER { cmp1999(1), cmp2000(2) }, sender GeneralName, recipient GeneralName, messageTime [0] GeneralizedTime OPTIONAL, protectionAlg [1] AlgorithmIdentifier OPTIONAL, senderKID [2] KeyIdentifier OPTIONAL, recipKID [3] KeyIdentifier OPTIONAL, transactionID [4] OCTET STRING OPTIONAL, senderNonce [5] OCTET STRING OPTIONAL, recipNonce [6] OCTET STRING OPTIONAL, freeText [7] PKIFreeText OPTIONAL, generalInfo [8] SEQUENCE SIZE (1..MAX) OF InfoTypeAndValue OPTIONAL } pvno)cmp1999r )cmp2000rx)rsender recipient messageTimerr\ protectionAlgr senderKIDrxrecipKIDrz transactionIDr| senderNoncer~ recipNoncerfreeTextr generalInfo)r%rrN) rrrr!rr/r0rr1rrr GeneralNamer2r rr_rr`ratagFormatSimplerqrbrrrrr$r;rr&r'r#rrrrrs$)I((  LDLL0H00P  H&9g&9&9&;< K)<)<)<)>?# ##M3I63I3I3K3S3S 3 3S5H5H!L4T4N O# ##O5PW5P5P5R5Z5Z 3 3S5M5MqQ6[6S T# ##K1F1F1F1H1P1P 3 3S5H5H!L2Q2N O# ##J0E0E0E0G0O0O 3 3S5H5H!L1P1N O# ##O5ET5E5E5G5O5O 3 3S5H5H!L6P6N O# ##M3C43C3C3E3M3M 3 3S5H5H!L4N4N O# ##L2B$2B2B2D2L2L 3 3S5H5H!L3M3N O# ##J 0E0E 3 3S5M5MqQ1F1S T# ##M$3DOO6F6H6P6P5SZ5S5STUWZ5[7Q7*%&'.g 3 3S5H5H!L'.'N  1 MrrceZdZdZej ej deej deZ y) ProtectedPartzg ProtectedPart ::= SEQUENCE { header PKIHeader, body PKIBody } headerr=N) rrrr!rr/r0rrr#rrrr'r'sC )I(( Hik2 K3Mrr'ceZdZdZej ej deej deejde je je je jdejdej"ejej(d ee je je j,d  Zy ) PKIMessagez PKIMessage ::= SEQUENCE { header PKIHeader, body PKIBody, protection [0] PKIProtection OPTIONAL, extraCerts [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate OPTIONAL }r(body protectionrr\ extraCertsrr rN)rrrr!rr/r0rrr2rr_rr`rar%rr$rrr&r'rbr#rrrr*r*s )I(( Hik2 FGI.# ##L-/2I2I 3 3S5H5H!L3J3N O# ##L$3DOO6D6F%&&-g1O1O1OPQSV1W4;CGGC PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage r N) rrrr!r*r#rr$r%rr&r'rrrr/r/s4LM''*H**H*HC*PPHrr/N)H pyasn1.typerrrrrrr pyasn1_modulesr r r floatr'rrr Certificaterrrr$rr)r7r5r;rArENullrGrIrLrQrWChoicerZrerkrmr1rtrrrrrrrrrrrrrrrr> id_DHBasedMacrid_PasswordBasedMacrr_r`rarbrrrr'r*r/_componentTyperrrr9s@"! """ El D$$  W((  n  ^ Q$//QT__& T__  t}} 'DOO''DOO'   .DOO.    !DOO! DKK  t}} #DOO#   .;T^^;| DMM dmm"  !!DMM&DMM>t}}>4=="T]]& T__ $--*4?? DMM &%%&>? 4==&,d++,DE DNN ,-55++S-E-ErJ6LjdkkjZ3 3l DMM 2Q$//Q'2m#&1m#r