1# coding: utf-8
2
3"""
4ASN.1 type classes for certificate signing requests (CSR). Exports the
5following items:
6
7 - CertificatationRequest()
8
9Other type classes are defined that help compose the types listed above.
10"""
11
12from __future__ import unicode_literals, division, absolute_import, print_function
13
14from .algos import SignedDigestAlgorithm
15from .core import (
16    Any,
17    Integer,
18    ObjectIdentifier,
19    OctetBitString,
20    Sequence,
21    SetOf,
22)
23from .keys import PublicKeyInfo
24from .x509 import DirectoryString, Extensions, Name
25
26
27# The structures in this file are taken from https://tools.ietf.org/html/rfc2986
28# and https://tools.ietf.org/html/rfc2985
29
30
31class Version(Integer):
32    _map = {
33        0: 'v1',
34    }
35
36
37class CSRAttributeType(ObjectIdentifier):
38    _map = {
39        '1.2.840.113549.1.9.7': 'challenge_password',
40        '1.2.840.113549.1.9.9': 'extended_certificate_attributes',
41        '1.2.840.113549.1.9.14': 'extension_request',
42    }
43
44
45class SetOfDirectoryString(SetOf):
46    _child_spec = DirectoryString
47
48
49class Attribute(Sequence):
50    _fields = [
51        ('type', ObjectIdentifier),
52        ('values', SetOf, {'spec': Any}),
53    ]
54
55
56class SetOfAttributes(SetOf):
57    _child_spec = Attribute
58
59
60class SetOfExtensions(SetOf):
61    _child_spec = Extensions
62
63
64class CRIAttribute(Sequence):
65    _fields = [
66        ('type', CSRAttributeType),
67        ('values', Any),
68    ]
69
70    _oid_pair = ('type', 'values')
71    _oid_specs = {
72        'challenge_password': SetOfDirectoryString,
73        'extended_certificate_attributes': SetOfAttributes,
74        'extension_request': SetOfExtensions,
75    }
76
77
78class CRIAttributes(SetOf):
79    _child_spec = CRIAttribute
80
81
82class CertificationRequestInfo(Sequence):
83    _fields = [
84        ('version', Version),
85        ('subject', Name),
86        ('subject_pk_info', PublicKeyInfo),
87        ('attributes', CRIAttributes, {'implicit': 0, 'optional': True}),
88    ]
89
90
91class CertificationRequest(Sequence):
92    _fields = [
93        ('certification_request_info', CertificationRequestInfo),
94        ('signature_algorithm', SignedDigestAlgorithm),
95        ('signature', OctetBitString),
96    ]
97