1# 2# This file is part of pyasn1-modules software. 3# 4# Created by Russ Housley. 5# 6# Copyright (c) 2019, Vigil Security, LLC 7# License: http://snmplabs.com/pyasn1/license.html 8# 9# NSA's CMS Key Management Attributes 10# 11# ASN.1 source from: 12# https://www.rfc-editor.org/rfc/rfc7906.txt 13# https://www.rfc-editor.org/errata/eid5850 14# 15 16from pyasn1.type import char 17from pyasn1.type import constraint 18from pyasn1.type import namedtype 19from pyasn1.type import namedval 20from pyasn1.type import tag 21from pyasn1.type import univ 22 23from pyasn1_modules import rfc2634 24from pyasn1_modules import rfc4108 25from pyasn1_modules import rfc5280 26from pyasn1_modules import rfc5652 27from pyasn1_modules import rfc6010 28from pyasn1_modules import rfc6019 29from pyasn1_modules import rfc7191 30 31MAX = float('inf') 32 33 34# Imports From RFC 2634 35 36id_aa_contentHint = rfc2634.id_aa_contentHint 37 38ContentHints = rfc2634.ContentHints 39 40id_aa_securityLabel = rfc2634.id_aa_securityLabel 41 42SecurityPolicyIdentifier = rfc2634.SecurityPolicyIdentifier 43 44SecurityClassification = rfc2634.SecurityClassification 45 46ESSPrivacyMark = rfc2634.ESSPrivacyMark 47 48SecurityCategories= rfc2634.SecurityCategories 49 50ESSSecurityLabel = rfc2634.ESSSecurityLabel 51 52 53# Imports From RFC 4108 54 55id_aa_communityIdentifiers = rfc4108.id_aa_communityIdentifiers 56 57CommunityIdentifier = rfc4108.CommunityIdentifier 58 59CommunityIdentifiers = rfc4108.CommunityIdentifiers 60 61 62# Imports From RFC 5280 63 64AlgorithmIdentifier = rfc5280.AlgorithmIdentifier 65 66Name = rfc5280.Name 67 68Certificate = rfc5280.Certificate 69 70GeneralNames = rfc5280.GeneralNames 71 72GeneralName = rfc5280.GeneralName 73 74 75SubjectInfoAccessSyntax = rfc5280.SubjectInfoAccessSyntax 76 77id_pkix = rfc5280.id_pkix 78 79id_pe = rfc5280.id_pe 80 81id_pe_subjectInfoAccess = rfc5280.id_pe_subjectInfoAccess 82 83 84# Imports From RFC 6010 85 86CMSContentConstraints = rfc6010.CMSContentConstraints 87 88 89# Imports From RFC 6019 90 91BinaryTime = rfc6019.BinaryTime 92 93id_aa_binarySigningTime = rfc6019.id_aa_binarySigningTime 94 95BinarySigningTime = rfc6019.BinarySigningTime 96 97 98# Imports From RFC 5652 99 100Attribute = rfc5652.Attribute 101 102CertificateSet = rfc5652.CertificateSet 103 104CertificateChoices = rfc5652.CertificateChoices 105 106id_contentType = rfc5652.id_contentType 107 108ContentType = rfc5652.ContentType 109 110id_messageDigest = rfc5652.id_messageDigest 111 112MessageDigest = rfc5652.MessageDigest 113 114 115# Imports From RFC 7191 116 117SIREntityName = rfc7191.SIREntityName 118 119id_aa_KP_keyPkgIdAndReceiptReq = rfc7191.id_aa_KP_keyPkgIdAndReceiptReq 120 121KeyPkgIdentifierAndReceiptReq = rfc7191.KeyPkgIdentifierAndReceiptReq 122 123 124# Key Province Attribute 125 126id_aa_KP_keyProvinceV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.71') 127 128 129class KeyProvinceV2(univ.ObjectIdentifier): 130 pass 131 132 133aa_keyProvince_v2 = Attribute() 134aa_keyProvince_v2['attrType'] = id_aa_KP_keyProvinceV2 135aa_keyProvince_v2['attrValues'][0] = KeyProvinceV2() 136 137 138# Manifest Attribute 139 140id_aa_KP_manifest = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.72') 141 142 143class ShortTitle(char.PrintableString): 144 pass 145 146 147class Manifest(univ.SequenceOf): 148 pass 149 150Manifest.componentType = ShortTitle() 151Manifest.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) 152 153 154aa_manifest = Attribute() 155aa_manifest['attrType'] = id_aa_KP_manifest 156aa_manifest['attrValues'][0] = Manifest() 157 158 159# Key Algorithm Attribute 160 161id_kma_keyAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.1') 162 163 164class KeyAlgorithm(univ.Sequence): 165 pass 166 167KeyAlgorithm.componentType = namedtype.NamedTypes( 168 namedtype.NamedType('keyAlg', univ.ObjectIdentifier()), 169 namedtype.OptionalNamedType('checkWordAlg', univ.ObjectIdentifier().subtype( 170 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 171 namedtype.OptionalNamedType('crcAlg', univ.ObjectIdentifier().subtype( 172 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))) 173) 174 175 176aa_keyAlgorithm = Attribute() 177aa_keyAlgorithm['attrType'] = id_kma_keyAlgorithm 178aa_keyAlgorithm['attrValues'][0] = KeyAlgorithm() 179 180 181# User Certificate Attribute 182 183id_at_userCertificate = univ.ObjectIdentifier('2.5.4.36') 184 185 186aa_userCertificate = Attribute() 187aa_userCertificate['attrType'] = id_at_userCertificate 188aa_userCertificate['attrValues'][0] = Certificate() 189 190 191# Key Package Receivers Attribute 192 193id_kma_keyPkgReceiversV2 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.16') 194 195 196class KeyPkgReceiver(univ.Choice): 197 pass 198 199KeyPkgReceiver.componentType = namedtype.NamedTypes( 200 namedtype.NamedType('sirEntity', SIREntityName().subtype( 201 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 202 namedtype.NamedType('community', CommunityIdentifier().subtype( 203 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))) 204) 205 206 207class KeyPkgReceiversV2(univ.SequenceOf): 208 pass 209 210KeyPkgReceiversV2.componentType = KeyPkgReceiver() 211KeyPkgReceiversV2.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) 212 213 214aa_keyPackageReceivers_v2 = Attribute() 215aa_keyPackageReceivers_v2['attrType'] = id_kma_keyPkgReceiversV2 216aa_keyPackageReceivers_v2['attrValues'][0] = KeyPkgReceiversV2() 217 218 219# TSEC Nomenclature Attribute 220 221id_kma_TSECNomenclature = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.3') 222 223 224class CharEdition(char.PrintableString): 225 pass 226 227 228class CharEditionRange(univ.Sequence): 229 pass 230 231CharEditionRange.componentType = namedtype.NamedTypes( 232 namedtype.NamedType('firstCharEdition', CharEdition()), 233 namedtype.NamedType('lastCharEdition', CharEdition()) 234) 235 236 237class NumEdition(univ.Integer): 238 pass 239 240NumEdition.subtypeSpec = constraint.ValueRangeConstraint(0, 308915776) 241 242 243class NumEditionRange(univ.Sequence): 244 pass 245 246NumEditionRange.componentType = namedtype.NamedTypes( 247 namedtype.NamedType('firstNumEdition', NumEdition()), 248 namedtype.NamedType('lastNumEdition', NumEdition()) 249) 250 251 252class EditionID(univ.Choice): 253 pass 254 255EditionID.componentType = namedtype.NamedTypes( 256 namedtype.NamedType('char', univ.Choice(componentType=namedtype.NamedTypes( 257 namedtype.NamedType('charEdition', CharEdition().subtype( 258 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 259 namedtype.NamedType('charEditionRange', CharEditionRange().subtype( 260 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 2))) 261 )) 262 ), 263 namedtype.NamedType('num', univ.Choice(componentType=namedtype.NamedTypes( 264 namedtype.NamedType('numEdition', NumEdition().subtype( 265 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))), 266 namedtype.NamedType('numEditionRange', NumEditionRange().subtype( 267 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 4))) 268 )) 269 ) 270) 271 272 273class Register(univ.Integer): 274 pass 275 276Register.subtypeSpec = constraint.ValueRangeConstraint(0, 2147483647) 277 278 279class RegisterRange(univ.Sequence): 280 pass 281 282RegisterRange.componentType = namedtype.NamedTypes( 283 namedtype.NamedType('firstRegister', Register()), 284 namedtype.NamedType('lastRegister', Register()) 285) 286 287 288class RegisterID(univ.Choice): 289 pass 290 291RegisterID.componentType = namedtype.NamedTypes( 292 namedtype.NamedType('register', Register().subtype( 293 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 5))), 294 namedtype.NamedType('registerRange', RegisterRange().subtype( 295 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 6))) 296) 297 298 299class SegmentNumber(univ.Integer): 300 pass 301 302SegmentNumber.subtypeSpec = constraint.ValueRangeConstraint(1, 127) 303 304 305class SegmentRange(univ.Sequence): 306 pass 307 308SegmentRange.componentType = namedtype.NamedTypes( 309 namedtype.NamedType('firstSegment', SegmentNumber()), 310 namedtype.NamedType('lastSegment', SegmentNumber()) 311) 312 313 314class SegmentID(univ.Choice): 315 pass 316 317SegmentID.componentType = namedtype.NamedTypes( 318 namedtype.NamedType('segmentNumber', SegmentNumber().subtype( 319 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 7))), 320 namedtype.NamedType('segmentRange', SegmentRange().subtype( 321 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatConstructed, 8))) 322) 323 324 325class TSECNomenclature(univ.Sequence): 326 pass 327 328TSECNomenclature.componentType = namedtype.NamedTypes( 329 namedtype.NamedType('shortTitle', ShortTitle()), 330 namedtype.OptionalNamedType('editionID', EditionID()), 331 namedtype.OptionalNamedType('registerID', RegisterID()), 332 namedtype.OptionalNamedType('segmentID', SegmentID()) 333) 334 335 336aa_tsecNomenclature = Attribute() 337aa_tsecNomenclature['attrType'] = id_kma_TSECNomenclature 338aa_tsecNomenclature['attrValues'][0] = TSECNomenclature() 339 340 341# Key Purpose Attribute 342 343id_kma_keyPurpose = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.13') 344 345 346class KeyPurpose(univ.Enumerated): 347 pass 348 349KeyPurpose.namedValues = namedval.NamedValues( 350 ('n-a', 0), 351 ('a', 65), 352 ('b', 66), 353 ('l', 76), 354 ('m', 77), 355 ('r', 82), 356 ('s', 83), 357 ('t', 84), 358 ('v', 86), 359 ('x', 88), 360 ('z', 90) 361) 362 363 364aa_keyPurpose = Attribute() 365aa_keyPurpose['attrType'] = id_kma_keyPurpose 366aa_keyPurpose['attrValues'][0] = KeyPurpose() 367 368 369# Key Use Attribute 370 371id_kma_keyUse = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.14') 372 373 374class KeyUse(univ.Enumerated): 375 pass 376 377KeyUse.namedValues = namedval.NamedValues( 378 ('n-a', 0), 379 ('ffk', 1), 380 ('kek', 2), 381 ('kpk', 3), 382 ('msk', 4), 383 ('qkek', 5), 384 ('tek', 6), 385 ('tsk', 7), 386 ('trkek', 8), 387 ('nfk', 9), 388 ('effk', 10), 389 ('ebfk', 11), 390 ('aek', 12), 391 ('wod', 13), 392 ('kesk', 246), 393 ('eik', 247), 394 ('ask', 248), 395 ('kmk', 249), 396 ('rsk', 250), 397 ('csk', 251), 398 ('sak', 252), 399 ('rgk', 253), 400 ('cek', 254), 401 ('exk', 255) 402) 403 404 405aa_keyUse = Attribute() 406aa_keyPurpose['attrType'] = id_kma_keyUse 407aa_keyPurpose['attrValues'][0] = KeyUse() 408 409 410# Transport Key Attribute 411 412id_kma_transportKey = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.15') 413 414 415class TransOp(univ.Enumerated): 416 pass 417 418TransOp.namedValues = namedval.NamedValues( 419 ('transport', 1), 420 ('operational', 2) 421) 422 423 424aa_transportKey = Attribute() 425aa_transportKey['attrType'] = id_kma_transportKey 426aa_transportKey['attrValues'][0] = TransOp() 427 428 429# Key Distribution Period Attribute 430 431id_kma_keyDistPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.5') 432 433 434class KeyDistPeriod(univ.Sequence): 435 pass 436 437KeyDistPeriod.componentType = namedtype.NamedTypes( 438 namedtype.OptionalNamedType('doNotDistBefore', BinaryTime().subtype( 439 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 440 namedtype.NamedType('doNotDistAfter', BinaryTime()) 441) 442 443 444aa_keyDistributionPeriod = Attribute() 445aa_keyDistributionPeriod['attrType'] = id_kma_keyDistPeriod 446aa_keyDistributionPeriod['attrValues'][0] = KeyDistPeriod() 447 448 449# Key Validity Period Attribute 450 451id_kma_keyValidityPeriod = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.6') 452 453 454class KeyValidityPeriod(univ.Sequence): 455 pass 456 457KeyValidityPeriod.componentType = namedtype.NamedTypes( 458 namedtype.NamedType('doNotUseBefore', BinaryTime()), 459 namedtype.OptionalNamedType('doNotUseAfter', BinaryTime()) 460) 461 462 463aa_keyValidityPeriod = Attribute() 464aa_keyValidityPeriod['attrType'] = id_kma_keyValidityPeriod 465aa_keyValidityPeriod['attrValues'][0] = KeyValidityPeriod() 466 467 468# Key Duration Attribute 469 470id_kma_keyDuration = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.7') 471 472 473ub_KeyDuration_months = univ.Integer(72) 474 475ub_KeyDuration_hours = univ.Integer(96) 476 477ub_KeyDuration_days = univ.Integer(732) 478 479ub_KeyDuration_weeks = univ.Integer(104) 480 481ub_KeyDuration_years = univ.Integer(100) 482 483 484class KeyDuration(univ.Choice): 485 pass 486 487KeyDuration.componentType = namedtype.NamedTypes( 488 namedtype.NamedType('hours', univ.Integer().subtype( 489 subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_hours)).subtype( 490 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 0))), 491 namedtype.NamedType('days', univ.Integer().subtype( 492 subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_days))), 493 namedtype.NamedType('weeks', univ.Integer().subtype( 494 subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_weeks)).subtype( 495 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 1))), 496 namedtype.NamedType('months', univ.Integer().subtype( 497 subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_months)).subtype( 498 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 2))), 499 namedtype.NamedType('years', univ.Integer().subtype( 500 subtypeSpec=constraint.ValueRangeConstraint(1, ub_KeyDuration_years)).subtype( 501 implicitTag=tag.Tag(tag.tagClassContext, tag.tagFormatSimple, 3))) 502) 503 504 505aa_keyDurationPeriod = Attribute() 506aa_keyDurationPeriod['attrType'] = id_kma_keyDuration 507aa_keyDurationPeriod['attrValues'][0] = KeyDuration() 508 509 510# Classification Attribute 511 512id_aa_KP_classification = univ.ObjectIdentifier(id_aa_securityLabel) 513 514 515id_enumeratedPermissiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.1') 516 517id_enumeratedRestrictiveAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.4') 518 519id_informativeAttributes = univ.ObjectIdentifier('2.16.840.1.101.2.1.8.3.3') 520 521 522class SecurityAttribute(univ.Integer): 523 pass 524 525SecurityAttribute.subtypeSpec = constraint.ValueRangeConstraint(0, MAX) 526 527 528class EnumeratedTag(univ.Sequence): 529 pass 530 531EnumeratedTag.componentType = namedtype.NamedTypes( 532 namedtype.NamedType('tagName', univ.ObjectIdentifier()), 533 namedtype.NamedType('attributeList', univ.SetOf(componentType=SecurityAttribute())) 534) 535 536 537class FreeFormField(univ.Choice): 538 pass 539 540FreeFormField.componentType = namedtype.NamedTypes( 541 namedtype.NamedType('bitSetAttributes', univ.BitString()), # Not permitted in RFC 7906 542 namedtype.NamedType('securityAttributes', univ.SetOf(componentType=SecurityAttribute())) 543) 544 545 546class InformativeTag(univ.Sequence): 547 pass 548 549InformativeTag.componentType = namedtype.NamedTypes( 550 namedtype.NamedType('tagName', univ.ObjectIdentifier()), 551 namedtype.NamedType('attributes', FreeFormField()) 552) 553 554 555class Classification(ESSSecurityLabel): 556 pass 557 558 559aa_classification = Attribute() 560aa_classification['attrType'] = id_aa_KP_classification 561aa_classification['attrValues'][0] = Classification() 562 563 564# Split Identifier Attribute 565 566id_kma_splitID = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.11') 567 568 569class SplitID(univ.Sequence): 570 pass 571 572SplitID.componentType = namedtype.NamedTypes( 573 namedtype.NamedType('half', univ.Enumerated( 574 namedValues=namedval.NamedValues(('a', 0), ('b', 1)))), 575 namedtype.OptionalNamedType('combineAlg', AlgorithmIdentifier()) 576) 577 578 579aa_splitIdentifier = Attribute() 580aa_splitIdentifier['attrType'] = id_kma_splitID 581aa_splitIdentifier['attrValues'][0] = SplitID() 582 583 584# Key Package Type Attribute 585 586id_kma_keyPkgType = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.12') 587 588 589class KeyPkgType(univ.ObjectIdentifier): 590 pass 591 592 593aa_keyPackageType = Attribute() 594aa_keyPackageType['attrType'] = id_kma_keyPkgType 595aa_keyPackageType['attrValues'][0] = KeyPkgType() 596 597 598# Signature Usage Attribute 599 600id_kma_sigUsageV3 = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.22') 601 602 603class SignatureUsage(CMSContentConstraints): 604 pass 605 606 607aa_signatureUsage_v3 = Attribute() 608aa_signatureUsage_v3['attrType'] = id_kma_sigUsageV3 609aa_signatureUsage_v3['attrValues'][0] = SignatureUsage() 610 611 612# Other Certificate Format Attribute 613 614id_kma_otherCertFormats = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.19') 615 616 617aa_otherCertificateFormats = Attribute() 618aa_signatureUsage_v3['attrType'] = id_kma_otherCertFormats 619aa_signatureUsage_v3['attrValues'][0] = CertificateChoices() 620 621 622# PKI Path Attribute 623 624id_at_pkiPath = univ.ObjectIdentifier('2.5.4.70') 625 626 627class PkiPath(univ.SequenceOf): 628 pass 629 630PkiPath.componentType = Certificate() 631PkiPath.subtypeSpec=constraint.ValueSizeConstraint(1, MAX) 632 633 634aa_pkiPath = Attribute() 635aa_pkiPath['attrType'] = id_at_pkiPath 636aa_pkiPath['attrValues'][0] = PkiPath() 637 638 639# Useful Certificates Attribute 640 641id_kma_usefulCerts = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.20') 642 643 644aa_usefulCertificates = Attribute() 645aa_usefulCertificates['attrType'] = id_kma_usefulCerts 646aa_usefulCertificates['attrValues'][0] = CertificateSet() 647 648 649# Key Wrap Attribute 650 651id_kma_keyWrapAlgorithm = univ.ObjectIdentifier('2.16.840.1.101.2.1.13.21') 652 653 654aa_keyWrapAlgorithm = Attribute() 655aa_keyWrapAlgorithm['attrType'] = id_kma_keyWrapAlgorithm 656aa_keyWrapAlgorithm['attrValues'][0] = AlgorithmIdentifier() 657 658 659# Content Decryption Key Identifier Attribute 660 661id_aa_KP_contentDecryptKeyID = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.66') 662 663 664class ContentDecryptKeyID(univ.OctetString): 665 pass 666 667 668aa_contentDecryptKeyIdentifier = Attribute() 669aa_contentDecryptKeyIdentifier['attrType'] = id_aa_KP_contentDecryptKeyID 670aa_contentDecryptKeyIdentifier['attrValues'][0] = ContentDecryptKeyID() 671 672 673# Certificate Pointers Attribute 674 675aa_certificatePointers = Attribute() 676aa_certificatePointers['attrType'] = id_pe_subjectInfoAccess 677aa_certificatePointers['attrValues'][0] = SubjectInfoAccessSyntax() 678 679 680# CRL Pointers Attribute 681 682id_aa_KP_crlPointers = univ.ObjectIdentifier('2.16.840.1.101.2.1.5.70') 683 684 685aa_cRLDistributionPoints = Attribute() 686aa_cRLDistributionPoints['attrType'] = id_aa_KP_crlPointers 687aa_cRLDistributionPoints['attrValues'][0] = GeneralNames() 688 689 690# Extended Error Codes 691 692id_errorCodes = univ.ObjectIdentifier('2.16.840.1.101.2.1.22') 693 694id_missingKeyType = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.1') 695 696id_privacyMarkTooLong = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.2') 697 698id_unrecognizedSecurityPolicy = univ.ObjectIdentifier('2.16.840.1.101.2.1.22.3') 699 700 701# Map of Attribute Type OIDs to Attributes added to the 702# ones that are in rfc5652.py 703 704_cmsAttributesMapUpdate = { 705 id_aa_contentHint: ContentHints(), 706 id_aa_communityIdentifiers: CommunityIdentifiers(), 707 id_aa_binarySigningTime: BinarySigningTime(), 708 id_contentType: ContentType(), 709 id_messageDigest: MessageDigest(), 710 id_aa_KP_keyPkgIdAndReceiptReq: KeyPkgIdentifierAndReceiptReq(), 711 id_aa_KP_keyProvinceV2: KeyProvinceV2(), 712 id_aa_KP_manifest: Manifest(), 713 id_kma_keyAlgorithm: KeyAlgorithm(), 714 id_at_userCertificate: Certificate(), 715 id_kma_keyPkgReceiversV2: KeyPkgReceiversV2(), 716 id_kma_TSECNomenclature: TSECNomenclature(), 717 id_kma_keyPurpose: KeyPurpose(), 718 id_kma_keyUse: KeyUse(), 719 id_kma_transportKey: TransOp(), 720 id_kma_keyDistPeriod: KeyDistPeriod(), 721 id_kma_keyValidityPeriod: KeyValidityPeriod(), 722 id_kma_keyDuration: KeyDuration(), 723 id_aa_KP_classification: Classification(), 724 id_kma_splitID: SplitID(), 725 id_kma_keyPkgType: KeyPkgType(), 726 id_kma_sigUsageV3: SignatureUsage(), 727 id_kma_otherCertFormats: CertificateChoices(), 728 id_at_pkiPath: PkiPath(), 729 id_kma_usefulCerts: CertificateSet(), 730 id_kma_keyWrapAlgorithm: AlgorithmIdentifier(), 731 id_aa_KP_contentDecryptKeyID: ContentDecryptKeyID(), 732 id_pe_subjectInfoAccess: SubjectInfoAccessSyntax(), 733 id_aa_KP_crlPointers: GeneralNames(), 734} 735 736rfc5652.cmsAttributesMap.update(_cmsAttributesMapUpdate) 737