## This file is part of Scapy
## See http://www.secdev.org/projects/scapy for more information
## Copyright (C) Philippe Biondi <phil@secdev.org>
## This program is published under a GPLv2 license
"""
X.509 certificates.
"""
from scapy.asn1packet import *
from scapy.asn1fields import *
##########
## X509 ##
##########
######[ ASN1 class ]######
class ASN1_Class_X509(ASN1_Class_UNIVERSAL):
    """Tag namespace for X.509, extending the universal ASN.1 tag set.

    CONT0..CONT3 hold the identifier octets 0xa0..0xa3, which in BER denote
    the constructed, context-specific tags [0]..[3].
    """
    name = "X509"
    CONT0 = 0xA0  # [0]
    CONT1 = 0xA1  # [1]
    CONT2 = 0xA2  # [2]
    CONT3 = 0xA3  # [3]
class ASN1_X509_CONT0(ASN1_SEQUENCE):
    """ASN.1 object type for context tag [0] (0xa0); otherwise an ASN1_SEQUENCE."""
    tag = ASN1_Class_X509.CONT0
class ASN1_X509_CONT1(ASN1_SEQUENCE):
    """ASN.1 object type for context tag [1] (0xa1); otherwise an ASN1_SEQUENCE."""
    tag = ASN1_Class_X509.CONT1
class ASN1_X509_CONT2(ASN1_SEQUENCE):
    """ASN.1 object type for context tag [2] (0xa2); otherwise an ASN1_SEQUENCE."""
    tag = ASN1_Class_X509.CONT2
class ASN1_X509_CONT3(ASN1_SEQUENCE):
    """ASN.1 object type for context tag [3] (0xa3); otherwise an ASN1_SEQUENCE."""
    tag = ASN1_Class_X509.CONT3
######[ BER codecs ]#######
class BERcodec_X509_CONT0(BERcodec_SEQUENCE):
    """BER codec bound to context tag [0]; behaviour is inherited from BERcodec_SEQUENCE."""
    tag = ASN1_Class_X509.CONT0
class BERcodec_X509_CONT1(BERcodec_SEQUENCE):
    """BER codec bound to context tag [1]; behaviour is inherited from BERcodec_SEQUENCE."""
    tag = ASN1_Class_X509.CONT1
class BERcodec_X509_CONT2(BERcodec_SEQUENCE):
    """BER codec bound to context tag [2]; behaviour is inherited from BERcodec_SEQUENCE."""
    tag = ASN1_Class_X509.CONT2
class BERcodec_X509_CONT3(BERcodec_SEQUENCE):
    """BER codec bound to context tag [3]; behaviour is inherited from BERcodec_SEQUENCE."""
    tag = ASN1_Class_X509.CONT3
######[ ASN1 fields ]######
class ASN1F_X509_CONT0(ASN1F_SEQUENCE):
    """Field container tagged [0]; X509Cert wraps its optional ``version`` in it."""
    ASN1_tag = ASN1_Class_X509.CONT0
class ASN1F_X509_CONT1(ASN1F_SEQUENCE):
    """Field container tagged [1]; an ASN1F_SEQUENCE with a different tag."""
    ASN1_tag = ASN1_Class_X509.CONT1
class ASN1F_X509_CONT2(ASN1F_SEQUENCE):
    """Field container tagged [2]; an ASN1F_SEQUENCE with a different tag."""
    ASN1_tag = ASN1_Class_X509.CONT2
class ASN1F_X509_CONT3(ASN1F_SEQUENCE):
    """Field container tagged [3]; X509Cert wraps its optional extension list in it."""
    ASN1_tag = ASN1_Class_X509.CONT3
######[ X509 packets ]######
class X509RDN(ASN1_Packet):
    """One name component: a SET holding a single (``oid``, ``value``) SEQUENCE.

    Defaults are OID 2.5.4.6 (countryName) and an empty PrintableString.
    """
    ASN1_codec = ASN1_Codecs.BER
    # NOTE(review): the value is declared as PrintableString only, and the SET
    # holds exactly one attribute. Names that use another string type or a
    # multi-valued RDN presumably will not dissect with this model -- confirm
    # before relying on issuer/subject parsed from untrusted certificates.
    ASN1_root = ASN1F_SET(
        ASN1F_SEQUENCE(
            ASN1F_OID("oid", "2.5.4.6"),
            ASN1F_PRINTABLE_STRING("value", "")
        )
    )
class X509v3Ext(ASN1_Packet):
    """Placeholder for one X.509v3 extension, kept as a single generic field.

    The extension is not broken down into id / critical / value here, so code
    consuming a dissected certificate cannot read criticality flags or
    constraints from this class alone.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_field("val", ASN1_NULL(0))
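class X509Cert(ASN1_Packet):
    """BER layout of an X.509 certificate.

    The outer SEQUENCE holds three parts: the to-be-signed body, the outer
    signature algorithm (``sign_algo2`` / ``sa2_value``) and the ``signature``
    bit string. The body carries, in order: optional ``version`` under [0],
    ``sn``, ``sign_algo`` / ``sa_value``, ``issuer``, ``not_before`` /
    ``not_after``, ``subject``, the public key (``pubkey_algo``, ``pk_value``,
    ``pubkey``) and the optional ``x509v3ext`` list under [3].

    This class only describes structure. Nothing in it checks the signature,
    the validity window or the issuer chain, so a dissected certificate is
    still untrusted input.

    The default ``version`` is 2, which is how X.509 v3 is encoded (RFC 5280
    numbers versions from 0: v1=0, v2=1, v3=2). The earlier default of 3 does
    not name a defined version.
    """
    ASN1_codec = ASN1_Codecs.BER
    ASN1_root = ASN1F_SEQUENCE(
        # --- to-be-signed certificate body ---
        ASN1F_SEQUENCE(
            # v3 is encoded as the integer 2
            ASN1F_optionnal(ASN1F_X509_CONT0(ASN1F_INTEGER("version", 2))),
            ASN1F_INTEGER("sn", 1),
            # NOTE(review): 1.2.840.113549.1.1.5 is sha1WithRSAEncryption.
            # SHA-1 signatures are no longer accepted by current validators;
            # set sign_algo/sign_algo2 explicitly when building a certificate.
            ASN1F_SEQUENCE(
                ASN1F_OID("sign_algo", "1.2.840.113549.1.1.5"),
                ASN1F_field("sa_value", ASN1_NULL(0))
            ),
            ASN1F_SEQUENCE_OF("issuer", [], X509RDN),
            # NOTE(review): both bounds are declared as UTCTime; a validity
            # encoded as GeneralizedTime presumably will not match -- confirm.
            ASN1F_SEQUENCE(
                ASN1F_UTC_TIME("not_before", ZuluTime(-600)),  # ten minutes ago
                ASN1F_UTC_TIME("not_after", ZuluTime(+86400))  # for 24h
            ),
            ASN1F_SEQUENCE_OF("subject", [], X509RDN),
            # Public key: 1.2.840.113549.1.1.1 is rsaEncryption.
            ASN1F_SEQUENCE(
                ASN1F_SEQUENCE(
                    ASN1F_OID("pubkey_algo", "1.2.840.113549.1.1.1"),
                    ASN1F_field("pk_value", ASN1_NULL(0))
                ),
                ASN1F_BIT_STRING("pubkey", "")
            ),
            ASN1F_optionnal(ASN1F_X509_CONT3(ASN1F_SEQUENCE_OF("x509v3ext", [], X509v3Ext))),
        ),
        # --- outer signature algorithm ---
        # sign_algo and sign_algo2 are separate fields and are not compared
        # here. RFC 5280 requires them to be identical, so a consumer should
        # check that itself.
        ASN1F_SEQUENCE(
            ASN1F_OID("sign_algo2", "1.2.840.113549.1.1.5"),
            ASN1F_field("sa2_value", ASN1_NULL(0))
        ),
        ASN1F_BIT_STRING("signature", "")
    )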