# This file is dual licensed under the terms of the Apache License, Version
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.
4
5from __future__ import absolute_import, division, print_function
6
7from cryptography import utils
8from cryptography.hazmat.primitives import hashes
9
10
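class ObjectIdentifier(object):
    """An ASN.1 OBJECT IDENTIFIER in dotted-decimal form, e.g. ``"2.5.4.3"``.

    The dotted string is checked on construction so that a malformed
    identifier is rejected immediately instead of being carried around as an
    opaque string. Instances are immutable, compare equal when their dotted
    strings are equal, and hash on the dotted string, so they can serve as
    dictionary keys (``_OID_NAMES`` at the bottom of this module relies on
    that).
    """

    def __init__(self, dotted_string):
        """Validate and store *dotted_string*.

        :param dotted_string: the identifier as text, such as
            ``"1.2.840.113549.1.1.11"``.
        :raises TypeError: if *dotted_string* is not a text string.
        :raises ValueError: if the text is not a syntactically valid OID:
            fewer than two arcs, an arc that is not an unsigned decimal
            integer, a first arc greater than 2, or a second arc of 40 or
            more under a first arc of 0 or 1.
        """
        try:
            arcs = dotted_string.split(".")
        except AttributeError:
            raise TypeError("dotted_string must be a text string")

        # Accept ASCII digits only. int() alone would also take "+1", " 1",
        # "1_0" and non-ASCII digits, none of which belong in a dotted OID.
        for arc in arcs:
            if not arc or not all("0" <= ch <= "9" for ch in arc):
                raise ValueError(
                    "Malformed OID: %s (non-integer nodes)" % (dotted_string,)
                )
        values = [int(arc, 10) for arc in arcs]

        if len(values) < 2:
            raise ValueError(
                "Malformed OID: %s (insufficient number of nodes)"
                % (dotted_string,)
            )
        # The root arc is 0 (itu-t), 1 (iso) or 2 (joint-iso-itu-t).
        if values[0] > 2:
            raise ValueError(
                "Malformed OID: %s (first node outside valid range)"
                % (dotted_string,)
            )
        # Under roots 0 and 1 the second arc is encoded as 40*root + arc, so
        # it cannot exceed 39.
        if values[0] < 2 and values[1] >= 40:
            raise ValueError(
                "Malformed OID: %s (second node outside valid range)"
                % (dotted_string,)
            )

        self._dotted_string = dotted_string

    @property
    def dotted_string(self):
        """The identifier's dotted-decimal text, exactly as constructed."""
        return self._dotted_string

    def __eq__(self, other):
        # Only compare with other identifiers; let Python fall back to the
        # default behaviour for anything else.
        if not isinstance(other, ObjectIdentifier):
            return NotImplemented

        return self.dotted_string == other.dotted_string

    def __ne__(self, other):
        # Python 2 does not derive __ne__ from __eq__.
        return not self == other

    def __repr__(self):
        return "<ObjectIdentifier(oid={0}, name={1})>".format(
            self.dotted_string,
            self._name
        )

    def __hash__(self):
        # Must agree with __eq__: equal dotted strings give equal hashes.
        return hash(self.dotted_string)

    @property
    def _name(self):
        # Human-readable name from the module-level table defined later in
        # this file; identifiers without an entry render as "Unknown OID".
        return _OID_NAMES.get(self, "Unknown OID")

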
class ExtensionOID(object):
    """Identifiers of X.509 certificate extensions (RFC 5280 section 4.2)."""

    # id-ce arc (2.5.29): the standard extensions, listed by arc number.
    SUBJECT_DIRECTORY_ATTRIBUTES = ObjectIdentifier("2.5.29.9")
    SUBJECT_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.14")
    KEY_USAGE = ObjectIdentifier("2.5.29.15")
    SUBJECT_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.17")
    ISSUER_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.18")
    BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19")
    NAME_CONSTRAINTS = ObjectIdentifier("2.5.29.30")
    CRL_DISTRIBUTION_POINTS = ObjectIdentifier("2.5.29.31")
    CERTIFICATE_POLICIES = ObjectIdentifier("2.5.29.32")
    POLICY_MAPPINGS = ObjectIdentifier("2.5.29.33")
    AUTHORITY_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.35")
    POLICY_CONSTRAINTS = ObjectIdentifier("2.5.29.36")
    EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37")
    FRESHEST_CRL = ObjectIdentifier("2.5.29.46")
    INHIBIT_ANY_POLICY = ObjectIdentifier("2.5.29.54")

    # id-pe arc (1.3.6.1.5.5.7.1): PKIX private extensions.
    AUTHORITY_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.1")
    SUBJECT_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.11")

    # id-pkix-ocsp-nocheck (RFC 6960 section 4.2.2.2.1), carried by OCSP
    # responder certificates.
    OCSP_NO_CHECK = ObjectIdentifier("1.3.6.1.5.5.7.48.1.5")


class CRLExtensionOID(object):
    """Identifiers of CRL entry extensions (RFC 5280 section 5.3)."""

    # id-ce arc (2.5.29), listed by arc number.
    CRL_REASON = ObjectIdentifier("2.5.29.21")
    INVALIDITY_DATE = ObjectIdentifier("2.5.29.24")
    CERTIFICATE_ISSUER = ObjectIdentifier("2.5.29.29")


class NameOID(object):
    """Identifiers of attribute types used in X.500 distinguished names."""

    # id-at arc (2.5.4), listed by attribute-type number.
    COMMON_NAME = ObjectIdentifier("2.5.4.3")
    SURNAME = ObjectIdentifier("2.5.4.4")
    SERIAL_NUMBER = ObjectIdentifier("2.5.4.5")
    COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
    LOCALITY_NAME = ObjectIdentifier("2.5.4.7")
    STATE_OR_PROVINCE_NAME = ObjectIdentifier("2.5.4.8")
    ORGANIZATION_NAME = ObjectIdentifier("2.5.4.10")
    ORGANIZATIONAL_UNIT_NAME = ObjectIdentifier("2.5.4.11")
    TITLE = ObjectIdentifier("2.5.4.12")
    GIVEN_NAME = ObjectIdentifier("2.5.4.42")
    GENERATION_QUALIFIER = ObjectIdentifier("2.5.4.44")
    DN_QUALIFIER = ObjectIdentifier("2.5.4.46")
    PSEUDONYM = ObjectIdentifier("2.5.4.65")

    # Attributes defined outside id-at: domainComponent (RFC 4519) and
    # PKCS#9 emailAddress.
    DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
    EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")

    # Jurisdiction-of-incorporation attributes used by Extended Validation
    # certificates; note the arc order differs from the ISO attributes above.
    JURISDICTION_LOCALITY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.1")
    JURISDICTION_STATE_OR_PROVINCE_NAME = ObjectIdentifier(
        "1.3.6.1.4.1.311.60.2.1.2"
    )
    JURISDICTION_COUNTRY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.3")


class SignatureAlgorithmOID(object):
    """Identifiers of certificate signature algorithms.

    Every combination that can appear in a certificate's signatureAlgorithm
    field is listed, including the MD5 and SHA-1 ones. Having an identifier
    here only lets such a certificate be recognised; whether a signature made
    with a weak digest is acceptable is a decision for the verifying code.
    """

    # PKCS#1 (1.2.840.113549.1.1) RSA with the digest indicated.
    RSA_WITH_MD5 = ObjectIdentifier("1.2.840.113549.1.1.4")
    RSA_WITH_SHA1 = ObjectIdentifier("1.2.840.113549.1.1.5")
    RSA_WITH_SHA256 = ObjectIdentifier("1.2.840.113549.1.1.11")
    RSA_WITH_SHA384 = ObjectIdentifier("1.2.840.113549.1.1.12")
    RSA_WITH_SHA512 = ObjectIdentifier("1.2.840.113549.1.1.13")
    RSA_WITH_SHA224 = ObjectIdentifier("1.2.840.113549.1.1.14")

    # ANSI X9.62 (1.2.840.10045.4) ECDSA with the digest indicated.
    ECDSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10045.4.1")
    ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
    ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
    ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
    ECDSA_WITH_SHA512 = ObjectIdentifier("1.2.840.10045.4.3.4")

    # DSA: the SHA-1 form is under the X9.57 arc, the SHA-2 forms under the
    # NIST algorithms arc (2.16.840.1.101.3.4.3).
    DSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10040.4.3")
    DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
    DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")


# Signature-algorithm OID (as its dotted string) -> a digest instance.
# The table is keyed by dotted string, not by ObjectIdentifier, so a lookup
# has to pass ``oid.dotted_string``. The MD5 and SHA-1 rows let a
# certificate signed with those digests be identified; being present here
# says nothing about whether such a signature should be accepted.
_SIG_OIDS_TO_HASH = dict(
    (_signature_oid.dotted_string, _digest_class())
    for _signature_oid, _digest_class in (
        (SignatureAlgorithmOID.RSA_WITH_MD5, hashes.MD5),
        (SignatureAlgorithmOID.RSA_WITH_SHA1, hashes.SHA1),
        (SignatureAlgorithmOID.RSA_WITH_SHA224, hashes.SHA224),
        (SignatureAlgorithmOID.RSA_WITH_SHA256, hashes.SHA256),
        (SignatureAlgorithmOID.RSA_WITH_SHA384, hashes.SHA384),
        (SignatureAlgorithmOID.RSA_WITH_SHA512, hashes.SHA512),
        (SignatureAlgorithmOID.ECDSA_WITH_SHA1, hashes.SHA1),
        (SignatureAlgorithmOID.ECDSA_WITH_SHA224, hashes.SHA224),
        (SignatureAlgorithmOID.ECDSA_WITH_SHA256, hashes.SHA256),
        (SignatureAlgorithmOID.ECDSA_WITH_SHA384, hashes.SHA384),
        (SignatureAlgorithmOID.ECDSA_WITH_SHA512, hashes.SHA512),
        (SignatureAlgorithmOID.DSA_WITH_SHA1, hashes.SHA1),
        (SignatureAlgorithmOID.DSA_WITH_SHA224, hashes.SHA224),
        (SignatureAlgorithmOID.DSA_WITH_SHA256, hashes.SHA256),
    )
)


class ExtendedKeyUsageOID(object):
    """Key-purpose identifiers for the extendedKeyUsage extension.

    All live under the id-kp arc (1.3.6.1.5.5.7.3), RFC 5280 section
    4.2.1.12.
    """

    SERVER_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.1")
    CLIENT_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.2")
    CODE_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.3")
    EMAIL_PROTECTION = ObjectIdentifier("1.3.6.1.5.5.7.3.4")
    TIME_STAMPING = ObjectIdentifier("1.3.6.1.5.5.7.3.8")
    OCSP_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.9")


class AuthorityInformationAccessOID(object):
    """Access-method identifiers for the authorityInfoAccess extension.

    Both are under the id-ad arc (1.3.6.1.5.5.7.48), RFC 5280 section
    4.2.2.1; listed by arc number.
    """

    OCSP = ObjectIdentifier("1.3.6.1.5.5.7.48.1")
    CA_ISSUERS = ObjectIdentifier("1.3.6.1.5.5.7.48.2")


class CertificatePoliciesOID(object):
    """Identifiers used inside the certificatePolicies extension."""

    # Policy-qualifier types under the id-qt arc (1.3.6.1.5.5.7.2).
    CPS_QUALIFIER = ObjectIdentifier("1.3.6.1.5.5.7.2.1")
    CPS_USER_NOTICE = ObjectIdentifier("1.3.6.1.5.5.7.2.2")

    # The special anyPolicy policy identifier (RFC 5280 section 4.2.1.4).
    ANY_POLICY = ObjectIdentifier("2.5.29.32.0")

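# ObjectIdentifier -> short name, used by ObjectIdentifier._name (and so by
# its __repr__). Keys are ObjectIdentifier instances, which hash and compare
# on their dotted string, so any equal identifier finds its entry. Every
# identifier declared in this module has a row here; the jurisdiction name
# attributes and anyPolicy were previously missing and showed up as
# "Unknown OID".
_OID_NAMES = {
    NameOID.COMMON_NAME: "commonName",
    NameOID.COUNTRY_NAME: "countryName",
    NameOID.LOCALITY_NAME: "localityName",
    NameOID.STATE_OR_PROVINCE_NAME: "stateOrProvinceName",
    NameOID.ORGANIZATION_NAME: "organizationName",
    NameOID.ORGANIZATIONAL_UNIT_NAME: "organizationalUnitName",
    NameOID.SERIAL_NUMBER: "serialNumber",
    NameOID.SURNAME: "surname",
    NameOID.GIVEN_NAME: "givenName",
    NameOID.TITLE: "title",
    NameOID.GENERATION_QUALIFIER: "generationQualifier",
    NameOID.DN_QUALIFIER: "dnQualifier",
    NameOID.PSEUDONYM: "pseudonym",
    NameOID.DOMAIN_COMPONENT: "domainComponent",
    NameOID.EMAIL_ADDRESS: "emailAddress",
    NameOID.JURISDICTION_COUNTRY_NAME: "jurisdictionCountryName",
    NameOID.JURISDICTION_LOCALITY_NAME: "jurisdictionLocalityName",
    NameOID.JURISDICTION_STATE_OR_PROVINCE_NAME: (
        "jurisdictionStateOrProvinceName"
    ),
    SignatureAlgorithmOID.RSA_WITH_MD5: "md5WithRSAEncryption",
    SignatureAlgorithmOID.RSA_WITH_SHA1: "sha1WithRSAEncryption",
    SignatureAlgorithmOID.RSA_WITH_SHA224: "sha224WithRSAEncryption",
    SignatureAlgorithmOID.RSA_WITH_SHA256: "sha256WithRSAEncryption",
    SignatureAlgorithmOID.RSA_WITH_SHA384: "sha384WithRSAEncryption",
    SignatureAlgorithmOID.RSA_WITH_SHA512: "sha512WithRSAEncryption",
    SignatureAlgorithmOID.ECDSA_WITH_SHA1: "ecdsa-with-SHA1",
    SignatureAlgorithmOID.ECDSA_WITH_SHA224: "ecdsa-with-SHA224",
    SignatureAlgorithmOID.ECDSA_WITH_SHA256: "ecdsa-with-SHA256",
    SignatureAlgorithmOID.ECDSA_WITH_SHA384: "ecdsa-with-SHA384",
    SignatureAlgorithmOID.ECDSA_WITH_SHA512: "ecdsa-with-SHA512",
    SignatureAlgorithmOID.DSA_WITH_SHA1: "dsa-with-sha1",
    SignatureAlgorithmOID.DSA_WITH_SHA224: "dsa-with-sha224",
    SignatureAlgorithmOID.DSA_WITH_SHA256: "dsa-with-sha256",
    ExtendedKeyUsageOID.SERVER_AUTH: "serverAuth",
    ExtendedKeyUsageOID.CLIENT_AUTH: "clientAuth",
    ExtendedKeyUsageOID.CODE_SIGNING: "codeSigning",
    ExtendedKeyUsageOID.EMAIL_PROTECTION: "emailProtection",
    ExtendedKeyUsageOID.TIME_STAMPING: "timeStamping",
    ExtendedKeyUsageOID.OCSP_SIGNING: "OCSPSigning",
    ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES: "subjectDirectoryAttributes",
    ExtensionOID.SUBJECT_KEY_IDENTIFIER: "subjectKeyIdentifier",
    ExtensionOID.KEY_USAGE: "keyUsage",
    ExtensionOID.SUBJECT_ALTERNATIVE_NAME: "subjectAltName",
    ExtensionOID.ISSUER_ALTERNATIVE_NAME: "issuerAltName",
    ExtensionOID.BASIC_CONSTRAINTS: "basicConstraints",
    CRLExtensionOID.CRL_REASON: "cRLReason",
    CRLExtensionOID.INVALIDITY_DATE: "invalidityDate",
    CRLExtensionOID.CERTIFICATE_ISSUER: "certificateIssuer",
    ExtensionOID.NAME_CONSTRAINTS: "nameConstraints",
    ExtensionOID.CRL_DISTRIBUTION_POINTS: "cRLDistributionPoints",
    ExtensionOID.CERTIFICATE_POLICIES: "certificatePolicies",
    ExtensionOID.POLICY_MAPPINGS: "policyMappings",
    ExtensionOID.AUTHORITY_KEY_IDENTIFIER: "authorityKeyIdentifier",
    ExtensionOID.POLICY_CONSTRAINTS: "policyConstraints",
    ExtensionOID.EXTENDED_KEY_USAGE: "extendedKeyUsage",
    ExtensionOID.FRESHEST_CRL: "freshestCRL",
    ExtensionOID.INHIBIT_ANY_POLICY: "inhibitAnyPolicy",
    ExtensionOID.AUTHORITY_INFORMATION_ACCESS: "authorityInfoAccess",
    ExtensionOID.SUBJECT_INFORMATION_ACCESS: "subjectInfoAccess",
    ExtensionOID.OCSP_NO_CHECK: "OCSPNoCheck",
    AuthorityInformationAccessOID.OCSP: "OCSP",
    AuthorityInformationAccessOID.CA_ISSUERS: "caIssuers",
    CertificatePoliciesOID.CPS_QUALIFIER: "id-qt-cps",
    CertificatePoliciesOID.CPS_USER_NOTICE: "id-qt-unotice",
    CertificatePoliciesOID.ANY_POLICY: "anyPolicy",
}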