Add support for RFC 3114, RFC 5755, RFC 5913, and RFC 5917 (#103)
Adds support for RFC 3114, RFC 5755, RFC 5913, and RFC 5917
russhousley authored and etingof committed Nov 10, 2019
1 parent 745eed0 commit 5032fad
Showing 10 changed files with 1,234 additions and 0 deletions.
5 changes: 5 additions & 0 deletions CHANGES.txt
@@ -28,6 +28,11 @@ Revision 0.2.8, released XX-XX-2019
- Update RFC8226 to use ComponentPresentConstraint() instead of the
previous work around
- Add RFC2631 providing OtherInfo for Diffie-Hellman Key Agreement
- Add RFC3114 providing test values for the S/MIME Security Label
- Add RFC5755 providing Attribute Certificate Profile for Authorization
- Add RFC5913 providing Clearance Attribute and Authority Clearance
Constraints Certificate Extension
- Add RFC5917 providing Clearance Sponsor Attribute

Revision 0.2.7, released 09-10-2019
-----------------------------------
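--- a/pyasn1_modules/rfc3114.py
+++ b/pyasn1_modules/rfc3114.py
@@ -0,0 +1,77 @@
+#
+# This file is part of pyasn1-modules software.
+#
+# Created by Russ Housley with assistance from asn1ate v.0.6.0.
+#
+# Copyright (c) 2019, Vigil Security, LLC
+# License: http://snmplabs.com/pyasn1/license.html
+#
+# TEST Company Classification Policies
+#
+# ASN.1 source from:
+# https://www.rfc-editor.org/rfc/rfc3114.txt
+#
+
+from pyasn1.type import char
+from pyasn1.type import namedval
+from pyasn1.type import univ
+
+from pyasn1_modules import rfc5755
+
+
+id_smime = univ.ObjectIdentifier((1, 2, 840, 113549, 1, 9, 16, ))
+
+id_tsp = id_smime + (7, )
+
+id_tsp_TEST_Amoco = id_tsp + (1, )
+
+class Amoco_SecurityClassification(univ.Integer):
+namedValues = namedval.NamedValues(
+('amoco-general', 6),
+('amoco-confidential', 7),
+('amoco-highly-confidential', 8)
+)
+
+
+id_tsp_TEST_Caterpillar = id_tsp + (2, )
+
+class Caterpillar_SecurityClassification(univ.Integer):
+namedValues = namedval.NamedValues(
+('caterpillar-public', 6),
+('caterpillar-green', 7),
+('caterpillar-yellow', 8),
+('caterpillar-red', 9)
+)
+
+
+id_tsp_TEST_Whirlpool = id_tsp + (3, )
+
+class Whirlpool_SecurityClassification(univ.Integer):
+namedValues = namedval.NamedValues(
+('whirlpool-public', 6),
+('whirlpool-internal', 7),
+('whirlpool-confidential', 8)
+)
+
+
+id_tsp_TEST_Whirlpool_Categories = id_tsp + (4, )
+
+class SecurityCategoryValues(univ.SequenceOf):
+componentType = char.UTF8String()
+
+# Example SecurityCategoryValues: "LAW DEPARTMENT USE ONLY"
+# Example SecurityCategoryValues: "HUMAN RESOURCES USE ONLY"
+
+
+# Also, the privacy mark in the security label can contain a string,
+# such as: "ATTORNEY-CLIENT PRIVILEGED INFORMATION"
+
+
+# Map of security category type OIDs to security category added
+# to the ones that are in rfc5755.py
+
+_securityCategoryMapUpdate = {
+id_tsp_TEST_Whirlpool_Categories: SecurityCategoryValues(),
+}
+
+rfc5755.securityCategoryMap.update(_securityCategoryMapUpdate)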
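Review bot: The last line, `rfc5755.securityCategoryMap.update(_securityCategoryMapUpdate)`, runs at import time and mutates a map owned by another module, so merely importing rfc3114 registers the TEST Whirlpool category OID process-wide. rfc5755.py is not shown in this section, but if that map drives open-type decoding of security categories, the RFC 3114 test policy type would then be resolved for everything decoded afterwards, not only in test code. I would extend the comment above the map to say so, e.g. `# NOTE: importing this module registers the RFC 3114 TEST category type in rfc5755.securityCategoryMap for the whole process`. Separately, the three `*_SecurityClassification` classes only name values and show no value constraint, so a consumer making a clearance decision should check the decoded integer against `namedValues` rather than assume it is one of the listed levels.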
