request.message_responder.cmp¶

CMP-specific message responder classes.

Attributes¶

`CMP_MESSAGE_VERSION`
`SENDER_NONCE_LENGTH`

Classes¶

`CmpMessageResponder`	Builds response to CMP requests.
`CmpInitializationResponder`	Respond to a CMP initialization request (IR) with the issued certificate (IP).
`CmpCertificationResponder`	Respond to a CMP certification request (CR) with the issued certificate (CP).
`CmpErrorMessageResponder`	Respond to a CMP message with an error.

Module Contents¶

request.message_responder.cmp.CMP_MESSAGE_VERSION = 2[source]¶

request.message_responder.cmp.SENDER_NONCE_LENGTH = 16[source]¶

class request.message_responder.cmp.CmpMessageResponder[source]¶

Bases: request.message_responder.base.AbstractMessageResponder

Builds response to CMP requests.

static build_response(context)[source]¶

Respond to a CMP message.

Parameters:: context (request.request_context.BaseRequestContext)
Return type:: None

static _get_encoded_protected_part(cmp_message)[source]¶

Encode the protected part of the CMP message.

Parameters:: cmp_message (pyasn1_modules.rfc4210.PKIMessage)
Return type:: bytes

static _build_response_message_header(serialized_pyasn1_message, sender_kid, issuer_cert)[source]¶

Builds the PKI response message header for the IP and CP response messages.

Parameters:

serialized_pyasn1_message (pyasn1_modules.rfc4210.PKIMessage)
sender_kid (pyasn1_modules.rfc2459.KeyIdentifier)
issuer_cert (cryptography.x509.Certificate)

Return type:

pyasn1_modules.rfc4210.PKIHeader

static _add_protection_shared_secret(pki_message, context)[source]¶

Adds HMAC-based shared-secret protection to the base PKI message.

Parameters:

pki_message (pyasn1_modules.rfc4210.PKIMessage)
context (request.request_context.CmpBaseRequestContext)

Return type:

pyasn1_modules.rfc4210.PKIMessage

static _sign_pki_message(pki_message, context)[source]¶

Applies signature-based protection to the base PKI message.

Parameters:

pki_message (pyasn1_modules.rfc4210.PKIMessage)
context (request.request_context.CmpBaseRequestContext)

Return type:

pyasn1_modules.rfc4210.PKIMessage

class request.message_responder.cmp.CmpInitializationResponder[source]¶

Bases: CmpMessageResponder

Respond to a CMP initialization request (IR) with the issued certificate (IP).

static _build_base_ip_message(parsed_message, issued_cert, issuer_credential, sender_kid, signer_credential=None)[source]¶

Builds the IP response message (without the protection).

Parameters:

parsed_message (pyasn1_modules.rfc4210.PKIMessage)
issued_cert (cryptography.x509.Certificate)
issuer_credential (pki.models.CredentialModel)
sender_kid (pyasn1_modules.rfc2459.KeyIdentifier)
signer_credential (pki.models.CredentialModel | None)

Return type:

pyasn1_modules.rfc4210.PKIMessage

static build_response(context)[source]¶

Respond to a CMP initialization message with the issued certificate.

Parameters:: context (request.request_context.BaseRequestContext)
Return type:: None

class request.message_responder.cmp.CmpCertificationResponder[source]¶

Bases: CmpMessageResponder

Respond to a CMP certification request (CR) with the issued certificate (CP).

static _build_base_cp_message(parsed_message, issued_cert, issuer_credential, sender_kid)[source]¶

Builds the CR response message (without the protection).

Parameters:

parsed_message (pyasn1_modules.rfc4210.PKIMessage)
issued_cert (cryptography.x509.Certificate)
issuer_credential (pki.models.CredentialModel)
sender_kid (pyasn1_modules.rfc2459.KeyIdentifier)

Return type:

pyasn1_modules.rfc4210.PKIMessage

static build_response(context)[source]¶

Respond to a CMP certification message with the issued certificate.

Parameters:: context (request.request_context.BaseRequestContext)
Return type:: None

class request.message_responder.cmp.CmpErrorMessageResponder[source]¶

Bases: CmpMessageResponder

Respond to a CMP message with an error.

static build_response(context)[source]¶

Respond to a CMP message with an error.

Parameters:: context (request.request_context.BaseRequestContext)
Return type:: None