1# coding: utf-8
2#
3# This file is part of pyasn1-modules software.
4#
5# Created by Stanisław Pitucha with asn1ate tool.
6# Copyright (c) 2005-2019, Ilya Etingof <[email protected]>
7# License: http://snmplabs.com/pyasn1/license.html
8#
9# Cryptographic Message Syntax (CMS)
10#
11# ASN.1 source from:
12# http://www.ietf.org/rfc/rfc3852.txt
13#
14from pyasn1.type import constraint
15from pyasn1.type import namedtype
16from pyasn1.type import namedval
17from pyasn1.type import tag
18from pyasn1.type import univ
19from pyasn1.type import useful
20
21from pyasn1_modules import rfc3280
22from pyasn1_modules import rfc3281
23
24MAX = float('inf')
25
26
27def _buildOid(*components):
28    output = []
29    for x in tuple(components):
30        if isinstance(x, univ.ObjectIdentifier):
31            output.extend(list(x))
32        else:
33            output.append(int(x))
34
35    return univ.ObjectIdentifier(output)
36
37
38class AttributeValue(univ.Any):
39    pass
40
41
42class Attribute(univ.Sequence):
43    pass
44
45
46Attribute.componentType = namedtype.NamedTypes(
47    namedtype.NamedType('attrType', univ.ObjectIdentifier()),
48    namedtype.NamedType('attrValues', univ.SetOf(componentType=AttributeValue()))
49)
50
51
52class SignedAttributes(univ.SetOf):
53    pass
54
55
56SignedAttributes.componentType = Attribute()
57SignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
58
59
60class OtherRevocationInfoFormat(univ.Sequence):
61    pass
62
63
64OtherRevocationInfoFormat.componentType = namedtype.NamedTypes(
65    namedtype.NamedType('otherRevInfoFormat', univ.ObjectIdentifier()),
66    namedtype.NamedType('otherRevInfo', univ.Any())
67)
68
69
70class RevocationInfoChoice(univ.Choice):
71    pass
72
73
74RevocationInfoChoice.componentType = namedtype.NamedTypes(
75    namedtype.NamedType('crl', rfc3280.CertificateList()),
76    namedtype.NamedType('other', OtherRevocationInfoFormat().subtype(
77        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
78)
79
80
81class RevocationInfoChoices(univ.SetOf):
82    pass
83
84
85RevocationInfoChoices.componentType = RevocationInfoChoice()
86
87
88class OtherKeyAttribute(univ.Sequence):
89    pass
90
91
92OtherKeyAttribute.componentType = namedtype.NamedTypes(
93    namedtype.NamedType('keyAttrId', univ.ObjectIdentifier()),
94    namedtype.OptionalNamedType('keyAttr', univ.Any())
95)
96
97id_signedData = _buildOid(1, 2, 840, 113549, 1, 7, 2)
98
99
100class KeyEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
101    pass
102
103
104class EncryptedKey(univ.OctetString):
105    pass
106
107
108class CMSVersion(univ.Integer):
109    pass
110
111
112CMSVersion.namedValues = namedval.NamedValues(
113    ('v0', 0),
114    ('v1', 1),
115    ('v2', 2),
116    ('v3', 3),
117    ('v4', 4),
118    ('v5', 5)
119)
120
121
122class KEKIdentifier(univ.Sequence):
123    pass
124
125
126KEKIdentifier.componentType = namedtype.NamedTypes(
127    namedtype.NamedType('keyIdentifier', univ.OctetString()),
128    namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
129    namedtype.OptionalNamedType('other', OtherKeyAttribute())
130)
131
132
133class KEKRecipientInfo(univ.Sequence):
134    pass
135
136
137KEKRecipientInfo.componentType = namedtype.NamedTypes(
138    namedtype.NamedType('version', CMSVersion()),
139    namedtype.NamedType('kekid', KEKIdentifier()),
140    namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
141    namedtype.NamedType('encryptedKey', EncryptedKey())
142)
143
144
145class KeyDerivationAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
146    pass
147
148
149class PasswordRecipientInfo(univ.Sequence):
150    pass
151
152
153PasswordRecipientInfo.componentType = namedtype.NamedTypes(
154    namedtype.NamedType('version', CMSVersion()),
155    namedtype.OptionalNamedType('keyDerivationAlgorithm', KeyDerivationAlgorithmIdentifier().subtype(
156        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
157    namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
158    namedtype.NamedType('encryptedKey', EncryptedKey())
159)
160
161
162class OtherRecipientInfo(univ.Sequence):
163    pass
164
165
166OtherRecipientInfo.componentType = namedtype.NamedTypes(
167    namedtype.NamedType('oriType', univ.ObjectIdentifier()),
168    namedtype.NamedType('oriValue', univ.Any())
169)
170
171
172class IssuerAndSerialNumber(univ.Sequence):
173    pass
174
175
176IssuerAndSerialNumber.componentType = namedtype.NamedTypes(
177    namedtype.NamedType('issuer', rfc3280.Name()),
178    namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber())
179)
180
181
182class SubjectKeyIdentifier(univ.OctetString):
183    pass
184
185
186class RecipientKeyIdentifier(univ.Sequence):
187    pass
188
189
190RecipientKeyIdentifier.componentType = namedtype.NamedTypes(
191    namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier()),
192    namedtype.OptionalNamedType('date', useful.GeneralizedTime()),
193    namedtype.OptionalNamedType('other', OtherKeyAttribute())
194)
195
196
197class KeyAgreeRecipientIdentifier(univ.Choice):
198    pass
199
200
201KeyAgreeRecipientIdentifier.componentType = namedtype.NamedTypes(
202    namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
203    namedtype.NamedType('rKeyId', RecipientKeyIdentifier().subtype(
204        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
205)
206
207
208class RecipientEncryptedKey(univ.Sequence):
209    pass
210
211
212RecipientEncryptedKey.componentType = namedtype.NamedTypes(
213    namedtype.NamedType('rid', KeyAgreeRecipientIdentifier()),
214    namedtype.NamedType('encryptedKey', EncryptedKey())
215)
216
217
218class RecipientEncryptedKeys(univ.SequenceOf):
219    pass
220
221
222RecipientEncryptedKeys.componentType = RecipientEncryptedKey()
223
224
225class UserKeyingMaterial(univ.OctetString):
226    pass
227
228
229class OriginatorPublicKey(univ.Sequence):
230    pass
231
232
233OriginatorPublicKey.componentType = namedtype.NamedTypes(
234    namedtype.NamedType('algorithm', rfc3280.AlgorithmIdentifier()),
235    namedtype.NamedType('publicKey', univ.BitString())
236)
237
238
239class OriginatorIdentifierOrKey(univ.Choice):
240    pass
241
242
243OriginatorIdentifierOrKey.componentType = namedtype.NamedTypes(
244    namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
245    namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
246        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
247    namedtype.NamedType('originatorKey', OriginatorPublicKey().subtype(
248        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1)))
249)
250
251
252class KeyAgreeRecipientInfo(univ.Sequence):
253    pass
254
255
256KeyAgreeRecipientInfo.componentType = namedtype.NamedTypes(
257    namedtype.NamedType('version', CMSVersion()),
258    namedtype.NamedType('originator', OriginatorIdentifierOrKey().subtype(
259        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
260    namedtype.OptionalNamedType('ukm', UserKeyingMaterial().subtype(
261        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
262    namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
263    namedtype.NamedType('recipientEncryptedKeys', RecipientEncryptedKeys())
264)
265
266
267class RecipientIdentifier(univ.Choice):
268    pass
269
270
271RecipientIdentifier.componentType = namedtype.NamedTypes(
272    namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
273    namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
274        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
275)
276
277
278class KeyTransRecipientInfo(univ.Sequence):
279    pass
280
281
282KeyTransRecipientInfo.componentType = namedtype.NamedTypes(
283    namedtype.NamedType('version', CMSVersion()),
284    namedtype.NamedType('rid', RecipientIdentifier()),
285    namedtype.NamedType('keyEncryptionAlgorithm', KeyEncryptionAlgorithmIdentifier()),
286    namedtype.NamedType('encryptedKey', EncryptedKey())
287)
288
289
290class RecipientInfo(univ.Choice):
291    pass
292
293
294RecipientInfo.componentType = namedtype.NamedTypes(
295    namedtype.NamedType('ktri', KeyTransRecipientInfo()),
296    namedtype.NamedType('kari', KeyAgreeRecipientInfo().subtype(
297        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 1))),
298    namedtype.NamedType('kekri', KEKRecipientInfo().subtype(
299        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))),
300    namedtype.NamedType('pwri', PasswordRecipientInfo().subtype(
301        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3))),
302    namedtype.NamedType('ori', OtherRecipientInfo().subtype(
303        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4)))
304)
305
306
307class RecipientInfos(univ.SetOf):
308    pass
309
310
311RecipientInfos.componentType = RecipientInfo()
312RecipientInfos.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
313
314
315class DigestAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
316    pass
317
318
319class Signature(univ.BitString):
320    pass
321
322
323class SignerIdentifier(univ.Choice):
324    pass
325
326
327SignerIdentifier.componentType = namedtype.NamedTypes(
328    namedtype.NamedType('issuerAndSerialNumber', IssuerAndSerialNumber()),
329    namedtype.NamedType('subjectKeyIdentifier', SubjectKeyIdentifier().subtype(
330        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
331)
332
333
334class UnprotectedAttributes(univ.SetOf):
335    pass
336
337
338UnprotectedAttributes.componentType = Attribute()
339UnprotectedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
340
341
342class ContentType(univ.ObjectIdentifier):
343    pass
344
345
346class EncryptedContent(univ.OctetString):
347    pass
348
349
350class ContentEncryptionAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
351    pass
352
353
354class EncryptedContentInfo(univ.Sequence):
355    pass
356
357
358EncryptedContentInfo.componentType = namedtype.NamedTypes(
359    namedtype.NamedType('contentType', ContentType()),
360    namedtype.NamedType('contentEncryptionAlgorithm', ContentEncryptionAlgorithmIdentifier()),
361    namedtype.OptionalNamedType('encryptedContent', EncryptedContent().subtype(
362        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
363)
364
365
366class EncryptedData(univ.Sequence):
367    pass
368
369
370EncryptedData.componentType = namedtype.NamedTypes(
371    namedtype.NamedType('version', CMSVersion()),
372    namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
373    namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
374        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
375)
376
377id_contentType = _buildOid(1, 2, 840, 113549, 1, 9, 3)
378
379id_data = _buildOid(1, 2, 840, 113549, 1, 7, 1)
380
381id_messageDigest = _buildOid(1, 2, 840, 113549, 1, 9, 4)
382
383
384class DigestAlgorithmIdentifiers(univ.SetOf):
385    pass
386
387
388DigestAlgorithmIdentifiers.componentType = DigestAlgorithmIdentifier()
389
390
391class EncapsulatedContentInfo(univ.Sequence):
392    pass
393
394
395EncapsulatedContentInfo.componentType = namedtype.NamedTypes(
396    namedtype.NamedType('eContentType', ContentType()),
397    namedtype.OptionalNamedType('eContent', univ.OctetString().subtype(
398        explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
399)
400
401
402class Digest(univ.OctetString):
403    pass
404
405
406class DigestedData(univ.Sequence):
407    pass
408
409
410DigestedData.componentType = namedtype.NamedTypes(
411    namedtype.NamedType('version', CMSVersion()),
412    namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
413    namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
414    namedtype.NamedType('digest', Digest())
415)
416
417
418class ContentInfo(univ.Sequence):
419    pass
420
421
422ContentInfo.componentType = namedtype.NamedTypes(
423    namedtype.NamedType('contentType', ContentType()),
424    namedtype.NamedType('content', univ.Any().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0)))
425)
426
427
428class UnauthAttributes(univ.SetOf):
429    pass
430
431
432UnauthAttributes.componentType = Attribute()
433UnauthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
434
435
436class ExtendedCertificateInfo(univ.Sequence):
437    pass
438
439
440ExtendedCertificateInfo.componentType = namedtype.NamedTypes(
441    namedtype.NamedType('version', CMSVersion()),
442    namedtype.NamedType('certificate', rfc3280.Certificate()),
443    namedtype.NamedType('attributes', UnauthAttributes())
444)
445
446
447class SignatureAlgorithmIdentifier(rfc3280.AlgorithmIdentifier):
448    pass
449
450
451class ExtendedCertificate(univ.Sequence):
452    pass
453
454
455ExtendedCertificate.componentType = namedtype.NamedTypes(
456    namedtype.NamedType('extendedCertificateInfo', ExtendedCertificateInfo()),
457    namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
458    namedtype.NamedType('signature', Signature())
459)
460
461
462class OtherCertificateFormat(univ.Sequence):
463    pass
464
465
466OtherCertificateFormat.componentType = namedtype.NamedTypes(
467    namedtype.NamedType('otherCertFormat', univ.ObjectIdentifier()),
468    namedtype.NamedType('otherCert', univ.Any())
469)
470
471
472class AttributeCertificateV2(rfc3281.AttributeCertificate):
473    pass
474
475
476class AttCertVersionV1(univ.Integer):
477    pass
478
479
480AttCertVersionV1.namedValues = namedval.NamedValues(
481    ('v1', 0)
482)
483
484
485class AttributeCertificateInfoV1(univ.Sequence):
486    pass
487
488
489AttributeCertificateInfoV1.componentType = namedtype.NamedTypes(
490    namedtype.DefaultedNamedType('version', AttCertVersionV1().subtype(value="v1")),
491    namedtype.NamedType(
492        'subject', univ.Choice(
493            componentType=namedtype.NamedTypes(
494                namedtype.NamedType('baseCertificateID', rfc3281.IssuerSerial().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
495                namedtype.NamedType('subjectName', rfc3280.GeneralNames().subtype(explicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
496            )
497        )
498    ),
499    namedtype.NamedType('issuer', rfc3280.GeneralNames()),
500    namedtype.NamedType('signature', rfc3280.AlgorithmIdentifier()),
501    namedtype.NamedType('serialNumber', rfc3280.CertificateSerialNumber()),
502    namedtype.NamedType('attCertValidityPeriod', rfc3281.AttCertValidityPeriod()),
503    namedtype.NamedType('attributes', univ.SequenceOf(componentType=rfc3280.Attribute())),
504    namedtype.OptionalNamedType('issuerUniqueID', rfc3280.UniqueIdentifier()),
505    namedtype.OptionalNamedType('extensions', rfc3280.Extensions())
506)
507
508
509class AttributeCertificateV1(univ.Sequence):
510    pass
511
512
513AttributeCertificateV1.componentType = namedtype.NamedTypes(
514    namedtype.NamedType('acInfo', AttributeCertificateInfoV1()),
515    namedtype.NamedType('signatureAlgorithm', rfc3280.AlgorithmIdentifier()),
516    namedtype.NamedType('signature', univ.BitString())
517)
518
519
520class CertificateChoices(univ.Choice):
521    pass
522
523
524CertificateChoices.componentType = namedtype.NamedTypes(
525    namedtype.NamedType('certificate', rfc3280.Certificate()),
526    namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
527        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
528    namedtype.NamedType('v1AttrCert', AttributeCertificateV1().subtype(
529        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
530    namedtype.NamedType('v2AttrCert', AttributeCertificateV2().subtype(
531        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
532    namedtype.NamedType('other', OtherCertificateFormat().subtype(
533        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 3)))
534)
535
536
537class CertificateSet(univ.SetOf):
538    pass
539
540
541CertificateSet.componentType = CertificateChoices()
542
543
544class MessageAuthenticationCode(univ.OctetString):
545    pass
546
547
548class UnsignedAttributes(univ.SetOf):
549    pass
550
551
552UnsignedAttributes.componentType = Attribute()
553UnsignedAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
554
555
556class SignatureValue(univ.OctetString):
557    pass
558
559
560class SignerInfo(univ.Sequence):
561    pass
562
563
564SignerInfo.componentType = namedtype.NamedTypes(
565    namedtype.NamedType('version', CMSVersion()),
566    namedtype.NamedType('sid', SignerIdentifier()),
567    namedtype.NamedType('digestAlgorithm', DigestAlgorithmIdentifier()),
568    namedtype.OptionalNamedType('signedAttrs', SignedAttributes().subtype(
569        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
570    namedtype.NamedType('signatureAlgorithm', SignatureAlgorithmIdentifier()),
571    namedtype.NamedType('signature', SignatureValue()),
572    namedtype.OptionalNamedType('unsignedAttrs', UnsignedAttributes().subtype(
573        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
574)
575
576
577class SignerInfos(univ.SetOf):
578    pass
579
580
581SignerInfos.componentType = SignerInfo()
582
583
584class SignedData(univ.Sequence):
585    pass
586
587
588SignedData.componentType = namedtype.NamedTypes(
589    namedtype.NamedType('version', CMSVersion()),
590    namedtype.NamedType('digestAlgorithms', DigestAlgorithmIdentifiers()),
591    namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
592    namedtype.OptionalNamedType('certificates', CertificateSet().subtype(
593        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
594    namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
595        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
596    namedtype.NamedType('signerInfos', SignerInfos())
597)
598
599
600class MessageAuthenticationCodeAlgorithm(rfc3280.AlgorithmIdentifier):
601    pass
602
603
604class MessageDigest(univ.OctetString):
605    pass
606
607
608class Time(univ.Choice):
609    pass
610
611
612Time.componentType = namedtype.NamedTypes(
613    namedtype.NamedType('utcTime', useful.UTCTime()),
614    namedtype.NamedType('generalTime', useful.GeneralizedTime())
615)
616
617
618class OriginatorInfo(univ.Sequence):
619    pass
620
621
622OriginatorInfo.componentType = namedtype.NamedTypes(
623    namedtype.OptionalNamedType('certs', CertificateSet().subtype(
624        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))),
625    namedtype.OptionalNamedType('crls', RevocationInfoChoices().subtype(
626        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
627)
628
629
630class AuthAttributes(univ.SetOf):
631    pass
632
633
634AuthAttributes.componentType = Attribute()
635AuthAttributes.sizeSpec = constraint.ValueSizeConstraint(1, MAX)
636
637
638class AuthenticatedData(univ.Sequence):
639    pass
640
641
642AuthenticatedData.componentType = namedtype.NamedTypes(
643    namedtype.NamedType('version', CMSVersion()),
644    namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
645        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
646    namedtype.NamedType('recipientInfos', RecipientInfos()),
647    namedtype.NamedType('macAlgorithm', MessageAuthenticationCodeAlgorithm()),
648    namedtype.OptionalNamedType('digestAlgorithm', DigestAlgorithmIdentifier().subtype(
649        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))),
650    namedtype.NamedType('encapContentInfo', EncapsulatedContentInfo()),
651    namedtype.OptionalNamedType('authAttrs', AuthAttributes().subtype(
652        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))),
653    namedtype.NamedType('mac', MessageAuthenticationCode()),
654    namedtype.OptionalNamedType('unauthAttrs', UnauthAttributes().subtype(
655        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3)))
656)
657
658id_ct_contentInfo = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 6)
659
660id_envelopedData = _buildOid(1, 2, 840, 113549, 1, 7, 3)
661
662
663class EnvelopedData(univ.Sequence):
664    pass
665
666
667EnvelopedData.componentType = namedtype.NamedTypes(
668    namedtype.NamedType('version', CMSVersion()),
669    namedtype.OptionalNamedType('originatorInfo', OriginatorInfo().subtype(
670        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0))),
671    namedtype.NamedType('recipientInfos', RecipientInfos()),
672    namedtype.NamedType('encryptedContentInfo', EncryptedContentInfo()),
673    namedtype.OptionalNamedType('unprotectedAttrs', UnprotectedAttributes().subtype(
674        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1)))
675)
676
677
678class Countersignature(SignerInfo):
679    pass
680
681
682id_digestedData = _buildOid(1, 2, 840, 113549, 1, 7, 5)
683
684id_signingTime = _buildOid(1, 2, 840, 113549, 1, 9, 5)
685
686
687class ExtendedCertificateOrCertificate(univ.Choice):
688    pass
689
690
691ExtendedCertificateOrCertificate.componentType = namedtype.NamedTypes(
692    namedtype.NamedType('certificate', rfc3280.Certificate()),
693    namedtype.NamedType('extendedCertificate', ExtendedCertificate().subtype(
694        implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 0)))
695)
696
697id_encryptedData = _buildOid(1, 2, 840, 113549, 1, 7, 6)
698
699id_ct_authData = _buildOid(1, 2, 840, 113549, 1, 9, 16, 1, 2)
700
701
702class SigningTime(Time):
703    pass
704
705
706id_countersignature = _buildOid(1, 2, 840, 113549, 1, 9, 6)
707