From 2dd3d405f61155f9030a40466c0a95acb19be8d8 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Fri, 10 Aug 2007 18:24:40 +0000
Subject: Checkpoint

svn path=/pow/POW-0.7/lib/pkix.py; revision=857
---
 pow/POW-0.7/lib/pkix.py | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

(limited to 'pow/POW-0.7/lib/pkix.py')

diff --git a/pow/POW-0.7/lib/pkix.py b/pow/POW-0.7/lib/pkix.py
index eb2b513d..86d49f2c 100755
--- a/pow/POW-0.7/lib/pkix.py
+++ b/pow/POW-0.7/lib/pkix.py
@@ -1114,25 +1114,27 @@ class CertificateList(Sequence):
 #---------- CRL ----------#
 #---------- PKCS10 ----------#
 
-# My ASN.1 foo isn't quite up to X.501 or PKCS #10, so this is partly
-# based on a dump of what OpenSSL generates.  Seems to work, but I
-# could be wrong.  I'm fairly certain that I don't really understand
-# the X.501 Attribute definition.
+# My ASN.1-foo (and perhaps this ASN.1 implementation) isn't quite up
+# to X.501 or PKCS #10, so this is partly based on a dump of what
+# OpenSSL generates, and doesn't handle attributes other than X.509v3
+# extensions.
 
 class PKCS10AttributeSet(SetOf):
    def __init__(self, optional=0, default=''):
       SetOf.__init__(self, Extensions, optional, default)
 
-class PKCS10Attribute(Sequence):
+class PKCS10AttributeChoice(Choice):
    def __init__(self, optional=0, default=''):
-      self.oid = Oid()
-      self.value = PKCS10AttributeSet()
-      contents = [ self.oid, self.value ]
-      Sequence.__init__(self, contents, optional, default)
+      choices = { 'single' : Extensions(),
+                  'set'    : PKCS10AttributeSet() }
+      Choice.__init__(self, choices, optional, default)
 
-class PKCS10Attributes(SetOf):
+class PKCS10Attributes(Sequence):
    def __init__(self, optional=0, default=''):
-      SetOf.__init__(self, PKCS10Attribute, optional, default)
+      self.oid = Oid()
+      self.val = PKCS10AttributeChoice()
+      contents = [ self.oid, self.val ]
+      Sequence.__init__(self, contents, optional, default)
 
 class CertificationRequestInfo(Sequence):
    def __init__(self, optional=0, default=''):
@@ -1140,8 +1142,8 @@ class CertificationRequestInfo(Sequence):
       self.subject = Name()
       self.subjectPublicKeyInfo = SubjectPublicKeyInfo()
       self.attributes = PKCS10Attributes()
-      self.attributes.implied( CLASS_CONTEXT, FORM_CONSTRUCTED, 0 )
-      contents = [ self.version, self.subject, self.subjectPublicKeyInfo, self.attributes ]
+      self.explicitAttributes = Explicit(CLASS_CONTEXT, FORM_CONSTRUCTED, 0, self.attributes)
+      contents = [ self.version, self.subject, self.subjectPublicKeyInfo, self.explicitAttributes ]
       Sequence.__init__(self, contents, optional, default)
 
 class CertificationRequest(Sequence):
-- 
cgit v1.2.3