From 41c3f201468aec28bc8271920416a47911e95866 Mon Sep 17 00:00:00 2001 From: LazyDeus Date: Thu, 2 Jan 2025 19:27:45 +0800 Subject: [PATCH 1/5] Add Public keys OIDs for GOST 2001-2012 --- asn1crypto/keys.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/asn1crypto/keys.py b/asn1crypto/keys.py index b4a87ae..c21499f 100644 --- a/asn1crypto/keys.py +++ b/asn1crypto/keys.py @@ -1033,6 +1033,9 @@ class PublicKeyAlgorithmId(ObjectIdentifier): '1.3.101.111': 'x448', '1.3.101.112': 'ed25519', '1.3.101.113': 'ed448', + '1.2.643.2.2.19': 'gost2001', + '1.2.643.7.1.1.1.1': 'gost2012_256', + '1.2.643.7.1.1.1.2': 'gost2012_512', } @@ -1085,6 +1088,9 @@ def _public_key_spec(self): 'x448': (OctetBitString, None), 'ed25519': (OctetBitString, None), 'ed448': (OctetBitString, None), + 'gost2001': (OctetBitString, None), + 'gost2012_256': (OctetBitString, None), + 'gost2012_512': (OctetBitString, None), }[algorithm] _spec_callbacks = { From 5e36a98a962e7f8d120f691c1db0256f585b4939 Mon Sep 17 00:00:00 2001 From: LazyDeus Date: Fri, 3 Jan 2025 00:00:22 +0800 Subject: [PATCH 2/5] Add HashAlgorithm OIDs for GOST 2001-2012 --- asn1crypto/algos.py | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/asn1crypto/algos.py b/asn1crypto/algos.py index ff05626..70fd034 100644 --- a/asn1crypto/algos.py +++ b/asn1crypto/algos.py @@ -285,6 +285,10 @@ class SignedDigestAlgorithmId(ObjectIdentifier): '0.4.0.127.0.7.1.1.4.1.9': 'sha3_256_ecdsa_plain', '0.4.0.127.0.7.1.1.4.1.10': 'sha3_384_ecdsa_plain', '0.4.0.127.0.7.1.1.4.1.11': 'sha3_512_ecdsa_plain', + # GOST + '1.2.643.2.2.3': 'gost2001', + '1.2.643.7.1.1.3.2': 'gost2012_256', + '1.2.643.7.1.1.3.3': 'gost2012_512', } _reverse_map = { @@ -333,6 +337,10 @@ class SignedDigestAlgorithmId(ObjectIdentifier): 'sha3_256_ecdsa_plain': '0.4.0.127.0.7.1.1.4.1.9', 'sha3_384_ecdsa_plain': '0.4.0.127.0.7.1.1.4.1.10', 'sha3_512_ecdsa_plain': '0.4.0.127.0.7.1.1.4.1.11', + # GOST + 'gost2001': '1.2.643.2.2.3', + 'gost2012_256': '1.2.643.7.1.1.3.2', + 'gost2012_512': '1.2.643.7.1.1.3.3', } @@ -386,6 +394,10 @@ class SignedDigestAlgorithm(_ForceNullParameters, Sequence): 'sha3_256_rsa': 'sha3_256', 'sha3_384_rsa': 'sha3_384', 'sha3_512_rsa': 'sha3_512', + # GOST + 'gost2001': 'ГОСТ Р 34.11-94/34.10-2001 256 бит', + 'gost2012_256': 'ГОСТ Р 34.11-2012/34.10-2012 256 бит', + 'gost2012_512': 'ГОСТ Р 34.11-2012/34.10-2012 512 бит', } @property @@ -443,6 +455,10 @@ def signature_algo(self): 'ecdsa': 'ecdsa', 'ed25519': 'ed25519', 'ed448': 'ed448', + # GOST + 'gost2001': 'ГОСТ Р 34.11-94/34.10-2001 256 бит', + 'gost2012_256': 'ГОСТ Р 34.11-2012/34.10-2012 256 бит', + 'gost2012_512': 'ГОСТ Р 34.11-2012/34.10-2012 512 бит', } if algorithm in algo_map: return algo_map[algorithm] From f86ad8ca7b4f4e117fd4d7bfd1f42c227d8abf05 Mon Sep 17 00:00:00 2001 From: LazyDeus Date: Fri, 3 Jan 2025 01:24:29 +0800 Subject: [PATCH 3/5] Add Nick for GOST OIDs --- asn1crypto/x509.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/asn1crypto/x509.py b/asn1crypto/x509.py index 38aa770..ffa2c21 100644 --- a/asn1crypto/x509.py +++ b/asn1crypto/x509.py @@ -543,6 +543,11 @@ class NameType(ObjectIdentifier): '0.9.2342.19200300.100.1.25': 'domain_component', # http://www.alvestrand.no/objectid/0.2.262.1.10.7.20.html '0.2.262.1.10.7.20': 'name_distinguisher', + # GOST + '1.2.643.100.1': 'ogrn', + '1.2.643.100.5': 'ogrnip', + '1.2.643.3.131.1.1': 'inn', + '1.2.643.100.3': 'snils', } # This order is largely based on observed order seen in EV certs from @@ -582,6 +587,10 @@ class NameType(ObjectIdentifier): 'platform_manufacturer', 'platform_model', 'platform_version', + 'ogrn', + 'ogrnip', + 'inn', + 'snils', ] @classmethod @@ -646,6 +655,11 @@ def human_friendly(self): 'platform_model': 'Platform Model', 'platform_version': 'Platform Version', 'user_id': 'User ID', + # GOST + 'ogrn': 'ОГРН', + 'ogrnip': 'ОГРНИП', + 'inn': 'ИНН', + 'snils': 'СНИЛС', }.get(self.native, self.native) @@ -693,6 +707,11 @@ class NameTypeAndValue(Sequence): 'platform_model': UTF8String, 'platform_version': UTF8String, 'user_id': DirectoryString, + # GOST + 'ogrn': NumericString, + 'ogrnip': NumericString, + 'inn': NumericString, + 'snils': NumericString, } _prepped = None From 7176ad34b35cf32883ad740db932a1d2c31480c1 Mon Sep 17 00:00:00 2001 From: LazyDeus Date: Fri, 3 Jan 2025 01:41:31 +0800 Subject: [PATCH 4/5] Rename GOST hash_algo names --- asn1crypto/algos.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/asn1crypto/algos.py b/asn1crypto/algos.py index 70fd034..f77f042 100644 --- a/asn1crypto/algos.py +++ b/asn1crypto/algos.py @@ -395,9 +395,9 @@ class SignedDigestAlgorithm(_ForceNullParameters, Sequence): 'sha3_384_rsa': 'sha3_384', 'sha3_512_rsa': 'sha3_512', # GOST - 'gost2001': 'ГОСТ Р 34.11-94/34.10-2001 256 бит', - 'gost2012_256': 'ГОСТ Р 34.11-2012/34.10-2012 256 бит', - 'gost2012_512': 'ГОСТ Р 34.11-2012/34.10-2012 512 бит', + 'gost2001': 'ГОСТ Р 34.11-94 256 бит', + 'gost2012_256': 'ГОСТ Р 34.11-2012 256 бит', + 'gost2012_512': 'ГОСТ Р 34.11-2012 512 бит', } @property From 12627bdd16c975e8a1c625a94e0adbf59ca05e38 Mon Sep 17 00:00:00 2001 From: LazyDeus Date: Fri, 3 Jan 2025 20:05:08 +0800 Subject: [PATCH 5/5] Add OID for innle nick --- asn1crypto/x509.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/asn1crypto/x509.py b/asn1crypto/x509.py index ffa2c21..99af152 100644 --- a/asn1crypto/x509.py +++ b/asn1crypto/x509.py @@ -545,9 +545,10 @@ class NameType(ObjectIdentifier): '0.2.262.1.10.7.20': 'name_distinguisher', # GOST '1.2.643.100.1': 'ogrn', + '1.2.643.100.3': 'snils', + '1.2.643.100.4': 'innle', '1.2.643.100.5': 'ogrnip', '1.2.643.3.131.1.1': 'inn', - '1.2.643.100.3': 'snils', } # This order is largely based on observed order seen in EV certs from @@ -590,6 +591,7 @@ class NameType(ObjectIdentifier): 'ogrn', 'ogrnip', 'inn', + 'innle', 'snils', ] @@ -659,6 +661,7 @@ def human_friendly(self): 'ogrn': 'ОГРН', 'ogrnip': 'ОГРНИП', 'inn': 'ИНН', + 'innle': 'ИНН ЮЛ', 'snils': 'СНИЛС', }.get(self.native, self.native) @@ -711,6 +714,7 @@ class NameTypeAndValue(Sequence): 'ogrn': NumericString, 'ogrnip': NumericString, 'inn': NumericString, + 'innle': NumericString, 'snils': NumericString, }