B `@sddlZddlZddlZddlZddlZddlmZddlmZddl m Z m Z m Z m Z ddlmZddlmZmZddlmZddlmZdd lmZdd lmZmZmZdd lmZdd lm Z m!Z!m"Z"m#Z#ee$d ddZ%ddZ&Gddde'Z(Gddde'Z)Gdddej*dZ+Gddde,Z-Gddde+Z.Gddde+Z/Gdd d e+Z0Gd!d"d"e+Z1Gd#d$d$e+Z2Gd%d&d&e,Z3Gd'd(d(e+Z4Gd)d*d*e+Z5Gd+d,d,e+Z6Gd-d.d.e+Z7Gd/d0d0e,Z8Gd1d2d2eZ9Gd3d4d4e+Z:Gd5d6d6e+Z;Gd7d8d8e,ZGd=d>d>e+Z?Gd?d@d@e+Z@GdAdBdBe+ZAGdCdDdDe+ZBGdEdFdFeZCdGdHeCDZDGdIdJdJe+ZEGdKdLdLe+ZFGdMdNdNe+ZGGdOdPdPe,ZHGdQdRdRe,ZIGdSdTdTe+ZJGdUdVdVe+ZKGdWdXdXe+ZLGdYdZdZe+ZMGd[d\d\e+ZNGd]d^d^e+ZOGd_d`d`e+ZPGdadbdbe+ZQGdcdddde+ZRGdedfdfe+ZSdS)gN)Enum)utils) BIT_STRING DERReaderOBJECT_IDENTIFIERSEQUENCE)_PUBLIC_KEY_TYPES) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)SignedCertificateTimestamp) GeneralName IPAddress OtherName)RelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDOCSPExtensionOIDObjectIdentifier) public_keyreturnc Cst|tr |tjjtjj}nt|tr@|tjj tjj }n|tjjtjj }t |}| t}|t}|t}WdQRX| |t|s|WdQRX|dkrtd|j}t|S)NrzInvalid public key encoding) isinstancer Z public_bytesr EncodingZDERZ PublicFormatZPKCS1r ZX962ZUncompressedPointZSubjectPublicKeyInforZread_single_elementrZ read_elementrrZis_emptyZread_any_elementZ read_byte ValueErrordatahashlibsha1digest)rrZ serializedreaderZpublic_key_info algorithmZpublic_key_datar!K/home/dcms/DCMS/lib/python3.7/site-packages/cryptography/x509/extensions.py_key_identifier_from_public_key%s.         r#cs.fdd}fdd}fdd}|||fS)Ncstt|S)N)lengetattr)self) field_namer!r" len_methodNsz*_make_sequence_methods..len_methodcstt|S)N)iterr%)r&)r'r!r" iter_methodQsz+_make_sequence_methods..iter_methodcst||S)N)r%)r&idx)r'r!r"getitem_methodTsz._make_sequence_methods..getitem_methodr!)r'r(r*r,r!)r'r"_make_sequence_methodsMs   r-cs$eZdZeedfdd ZZS)DuplicateExtension)msgoidcstt||||_dS)N)superr.__init__r0)r&r/r0) __class__r!r"r2[szDuplicateExtension.__init__)__name__ __module__ __qualname__strrr2 __classcell__r!r!)r3r"r.Zsr.cs$eZdZeedfdd ZZS)ExtensionNotFound)r/r0cstt||||_dS)N)r1r9r2r0)r&r/r0)r3r!r"r2aszExtensionNotFound.__init__)r4r5r6r7rr2r8r!r!)r3r"r9`sr9c@s eZdZejedddZdS) ExtensionType)rcCsdS)zK Returns the oid associated with the given extension type. Nr!)r&r!r!r"r0gszExtensionType.oidN)r4r5r6abcabstractpropertyrr0r!r!r!r"r:fsr:) metaclassc@sTeZdZejddddZeddddZddd d Ze d \Z Z Z d d Z dS) Extensions Extension) extensionscCs ||_dS)N) _extensions)r&r@r!r!r"r2oszExtensions.__init__)r0rcCs0x|D]}|j|kr|SqWtd||dS)NzNo {} extension was found)r0r9format)r&r0extr!r!r"get_extension_for_oidrs  z Extensions.get_extension_for_oid)rcCsD|tkrtdx|D]}t|j|r|SqWtd||jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.zNo {} extension was found)UnrecognizedExtension TypeErrorrvaluer9rBr0)r&ZextclassrCr!r!r"get_extension_for_classys  z"Extensions.get_extension_for_classrAcCs d|jS)Nz)rBrA)r&r!r!r"__repr__szExtensions.__repr__N)r4r5r6typingListr2rrDrHr-__len____iter__ __getitem__rIr!r!r!r"r>ns r>c@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S) CRLNumber) crl_numbercCst|tstd||_dS)Nzcrl_number must be an integer)rintrF _crl_number)r&rPr!r!r"r2s zCRLNumber.__init__cCst|tstS|j|jkS)N)rrONotImplementedrP)r&otherr!r!r"__eq__s zCRLNumber.__eq__cCs ||k S)Nr!)r&rTr!r!r"__ne__szCRLNumber.__ne__cCs t|jS)N)hashrP)r&r!r!r"__hash__szCRLNumber.__hash__cCs d|jS)Nz)rBrP)r&r!r!r"rIszCRLNumber.__repr__rRN)r4r5r6rZ CRL_NUMBERr0rQr2rUrVrXrIrread_only_propertyrPr!r!r!r"rOsrOc@seZdZejZejeejej e eje dddZ e eddddZe dddd d Zd d Zd dZddZddZedZedZedZdS)AuthorityKeyIdentifier)key_identifierauthority_cert_issuerauthority_cert_serial_numbercCsr|dk|dkkrtd|dk rBt|}tdd|DsBtd|dk r\t|ts\td||_||_||_dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdS)N)rr).0xr!r!r" sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) rlistallrFrrQ_key_identifier_authority_cert_issuer_authority_cert_serial_number)r&r[r\r]r!r!r"r2s   zAuthorityKeyIdentifier.__init__)rrcCst|}||dddS)N)r[r\r])r#)clsrrr!r!r"from_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keySubjectKeyIdentifier)skircCs||jdddS)N)r[r\r])r)rfrir!r!r""from_issuer_subject_key_identifiersz9AuthorityKeyIdentifier.from_issuer_subject_key_identifiercCs d|S)Nz)rB)r&r!r!r"rIszAuthorityKeyIdentifier.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkS)N)rrZrSr[r\r])r&rTr!r!r"rUs    zAuthorityKeyIdentifier.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszAuthorityKeyIdentifier.__ne__cCs,|jdkrd}n t|j}t|j||jfS)N)r\tuplerWr[r])r&Zacir!r!r"rXs   zAuthorityKeyIdentifier.__hash__rcrdreN)r4r5r6rZAUTHORITY_KEY_IDENTIFIERr0rJOptionalbytesIterablerrQr2 classmethodrrgrjrIrUrVrXrrYr[r\r]r!r!r!r"rZs$   rZc@s^eZdZejZedddZee ddddZ e dZ dd Zd d Zd d ZddZdS)rh)rcCs ||_dS)N)_digest)r&rr!r!r"r2 szSubjectKeyIdentifier.__init__)rrcCs |t|S)N)r#)rfrr!r!r"from_public_keysz$SubjectKeyIdentifier.from_public_keyrpcCs d|jS)Nz$)rBr)r&r!r!r"rIszSubjectKeyIdentifier.__repr__cCst|tstSt|j|jS)N)rrhrSr Zbytes_eqr)r&rTr!r!r"rUs zSubjectKeyIdentifier.__eq__cCs ||k S)Nr!)r&rTr!r!r"rV szSubjectKeyIdentifier.__ne__cCs t|jS)N)rWr)r&r!r!r"rX#szSubjectKeyIdentifier.__hash__N)r4r5r6rZSUBJECT_KEY_IDENTIFIERr0rmr2rorrqrrYrrIrUrVrXr!r!r!r"rh s rhc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)AuthorityInformationAccessAccessDescription) descriptionscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rrs)r^r_r!r!r"r`,sz6AuthorityInformationAccess.__init__..z@Every item in the descriptions list must be an AccessDescription)rarbrF _descriptions)r&rtr!r!r"r2*s z#AuthorityInformationAccess.__init__rucCs d|jS)Nz )rBru)r&r!r!r"rI6sz#AuthorityInformationAccess.__repr__cCst|tstS|j|jkS)N)rrrrSru)r&rTr!r!r"rU9s z!AuthorityInformationAccess.__eq__cCs ||k S)Nr!)r&rTr!r!r"rV?sz!AuthorityInformationAccess.__ne__cCstt|jS)N)rWrkru)r&r!r!r"rXBsz#AuthorityInformationAccess.__hash__N)r4r5r6rZAUTHORITY_INFORMATION_ACCESSr0rJrnr2r-rLrMrNrIrUrVrXr!r!r!r"rr's rrc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)SubjectInformationAccessrs)rtcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rrs)r^r_r!r!r"r`Ksz4SubjectInformationAccess.__init__..z@Every item in the descriptions list must be an AccessDescription)rarbrFru)r&rtr!r!r"r2Is z!SubjectInformationAccess.__init__rucCs d|jS)Nz)rBru)r&r!r!r"rIUsz!SubjectInformationAccess.__repr__cCst|tstS|j|jkS)N)rrvrSru)r&rTr!r!r"rUXs zSubjectInformationAccess.__eq__cCs ||k S)Nr!)r&rTr!r!r"rV^szSubjectInformationAccess.__ne__cCstt|jS)N)rWrkru)r&r!r!r"rXasz!SubjectInformationAccess.__hash__N)r4r5r6rZSUBJECT_INFORMATION_ACCESSr0rJrnr2r-rLrMrNrIrUrVrXr!r!r!r"rvFs rvc@sPeZdZeedddZddZddZdd Zd d Z e d Z e d Z dS)rs) access_methodaccess_locationcCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)rrrFr_access_method_access_location)r&rwrxr!r!r"r2fs   zAccessDescription.__init__cCs d|S)NzY)rB)r&r!r!r"rIrszAccessDescription.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrsrSrwrx)r&rTr!r!r"rUxs  zAccessDescription.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszAccessDescription.__ne__cCst|j|jfS)N)rWrwrx)r&r!r!r"rXszAccessDescription.__hash__ryrzN)r4r5r6rrr2rIrUrVrXrrYrwrxr!r!r!r"rses   rsc@s\eZdZejZeeje dddZ e dZ e dZddZdd Zd d Zd d ZdS)BasicConstraints)ca path_lengthcCsXt|tstd|dk r&|s&td|dk rHt|tr@|dkrHtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)rboolrFrrQ_ca _path_length)r&r|r}r!r!r"r2s  zBasicConstraints.__init__rrcCs d|S)Nz:)rB)r&r!r!r"rIszBasicConstraints.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rr{rSr|r})r&rTr!r!r"rUs zBasicConstraints.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszBasicConstraints.__ne__cCst|j|jfS)N)rWr|r})r&r!r!r"rXszBasicConstraints.__hash__N)r4r5r6rZBASIC_CONSTRAINTSr0r~rJrlrQr2rrYr|r}rIrUrVrXr!r!r!r"r{s  r{c@sJeZdZejZedddZe dZ ddZ ddZ d d Z d d Zd S)DeltaCRLIndicator)rPcCst|tstd||_dS)Nzcrl_number must be an integer)rrQrFrR)r&rPr!r!r"r2s zDeltaCRLIndicator.__init__rRcCst|tstS|j|jkS)N)rrrSrP)r&rTr!r!r"rUs zDeltaCRLIndicator.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszDeltaCRLIndicator.__ne__cCs t|jS)N)rWrP)r&r!r!r"rXszDeltaCRLIndicator.__hash__cCs d|S)Nz.)rB)r&r!r!r"rIszDeltaCRLIndicator.__repr__N)r4r5r6rZDELTA_CRL_INDICATORr0rQr2rrYrPrUrVrXrIr!r!r!r"rs rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)CRLDistributionPointsDistributionPoint)distribution_pointscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`sz1CRLDistributionPoints.__init__..z?distribution_points must be a list of DistributionPoint objects)rarbrF_distribution_points)r&rr!r!r"r2s zCRLDistributionPoints.__init__rcCs d|jS)Nz)rBr)r&r!r!r"rIszCRLDistributionPoints.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs zCRLDistributionPoints.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszCRLDistributionPoints.__ne__cCstt|jS)N)rWrkr)r&r!r!r"rXszCRLDistributionPoints.__hash__N)r4r5r6rZCRL_DISTRIBUTION_POINTSr0rJrnr2r-rLrMrNrIrUrVrXr!r!r!r"rs  rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS) FreshestCRLr)rcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`sz'FreshestCRL.__init__..z?distribution_points must be a list of DistributionPoint objects)rarbrFr)r&rr!r!r"r2s zFreshestCRL.__init__rcCs d|jS)Nz)rBr)r&r!r!r"rI szFreshestCRL.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rU s zFreshestCRL.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszFreshestCRL.__ne__cCstt|jS)N)rWrkr)r&r!r!r"rXszFreshestCRL.__hash__N)r4r5r6rZ FRESHEST_CRLr0rJrnr2r-rLrMrNrIrUrVrXr!r!r!r"rs  rc@seZdZejejeejeejejdejejedddZ ddZ ddZ d d Z d d Z ed ZedZedZedZdS)r ReasonFlags) full_name relative_namereasons crl_issuercCs|r|rtd|r6t|}tdd|Ds6td|rLt|tsLtd|rrt|}tdd|Dsrtd|rt|trtdd|Dstd |rtj|kstj |krtd |r|s|s|std ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|tVqdS)N)rr)r^r_r!r!r"r`)sz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdS)N)rr)r^r_r!r!r"r`6sz2crl_issuer must be None or a list of general namescss|]}t|tVqdS)N)rr)r^r_r!r!r"r`=sz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)rrarbrFrr frozensetr unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r&rrrrr!r!r"r2sB    zDistributionPoint.__init__cCs d|S)Nz})rB)r&r!r!r"rIUszDistributionPoint.__repr__cCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkS)N)rrrSrrrr)r&rTr!r!r"rU\s     zDistributionPoint.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVgszDistributionPoint.__ne__cCsH|jdk rt|j}nd}|jdk r0t|j}nd}t||j|j|fS)N)rrkrrWrr)r&fnrr!r!r"rXjs    zDistributionPoint.__hash__rrrrN)r4r5r6rJrlrnrr FrozenSetr2rIrUrVrXrrYrrrrr!r!r!r"rs6    rc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rrZ keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) r4r5r6rZkey_compromiseZ ca_compromiseZaffiliation_changedrZcessation_of_operationZcertificate_holdZprivilege_withdrawnZ aa_compromiserr!r!r!r"r}src@sbeZdZejZejeejedddZ ddZ ddZ dd Z d d Z ed Zed ZdS)PolicyConstraints)require_explicit_policyinhibit_policy_mappingcCs\|dk rt|tstd|dk r4t|ts4td|dkrL|dkrLtd||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)rrQrFr_require_explicit_policy_inhibit_policy_mapping)r&rrr!r!r"r2s  zPolicyConstraints.__init__cCs d|S)Nz{)rB)r&r!r!r"rIszPolicyConstraints.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrSrr)r&rTr!r!r"rUs  zPolicyConstraints.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszPolicyConstraints.__ne__cCst|j|jfS)N)rWrr)r&r!r!r"rXszPolicyConstraints.__hash__rrN)r4r5r6rZPOLICY_CONSTRAINTSr0rJrlrQr2rIrUrVrXrrYrrr!r!r!r"rs rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)CertificatePoliciesPolicyInformation)policiescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`sz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rarbrF _policies)r&rr!r!r"r2s zCertificatePolicies.__init__rcCs d|jS)Nz)rBr)r&r!r!r"rIszCertificatePolicies.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs zCertificatePolicies.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszCertificatePolicies.__ne__cCstt|jS)N)rWrkr)r&r!r!r"rXszCertificatePolicies.__hash__N)r4r5r6rZCERTIFICATE_POLICIESr0rJrnr2r-rLrMrNrIrUrVrXr!r!r!r"rs rc@sfeZdZeejejejedfdddZ ddZ ddZ d d Z d d Z ed ZedZdS)r UserNotice)policy_identifierpolicy_qualifierscCsHt|tstd||_|r>t|}tdd|Ds>td||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|ttfVqdS)N)rr7r)r^r_r!r!r"r`sz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)rrrF_policy_identifierrarb_policy_qualifiers)r&rrr!r!r"r2s zPolicyInformation.__init__cCs d|S)Nze)rB)r&r!r!r"rIszPolicyInformation.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrSrr)r&rTr!r!r"rUs  zPolicyInformation.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszPolicyInformation.__ne__cCs(|jdk rt|j}nd}t|j|fS)N)rrkrWr)r&Zpqr!r!r"rXs  zPolicyInformation.__hash__rrN)r4r5r6rrJrlrnUnionr7r2rIrUrVrXrrYrrr!r!r!r"rs   rc@s\eZdZejdejedddZddZddZd d Z d d Z e d Z e dZdS)rNoticeReference)notice_reference explicit_textcCs&|rt|tstd||_||_dS)Nz2notice_reference must be None or a NoticeReference)rrrF_notice_reference_explicit_text)r&rrr!r!r"r2!s zUserNotice.__init__cCs d|S)NzV)rB)r&r!r!r"rI0szUserNotice.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrSrr)r&rTr!r!r"rU6s  zUserNotice.__eq__cCs ||k S)Nr!)r&rTr!r!r"rV?szUserNotice.__ne__cCst|j|jfS)N)rWrr)r&r!r!r"rXBszUserNotice.__hash__rrN)r4r5r6rJrlr7r2rIrUrVrXrrYrrr!r!r!r"r s   rc@s\eZdZejeejedddZddZ ddZ dd Z d d Z e d Ze d ZdS)r) organizationnotice_numberscCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdS)N)rrQ)r^r_r!r!r"r`Qsz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrarbrF_notice_numbers)r&rrr!r!r"r2Js zNoticeReference.__init__cCs d|S)NzU)rB)r&r!r!r"rIVszNoticeReference.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrSrr)r&rTr!r!r"rU\s  zNoticeReference.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVeszNoticeReference.__ne__cCst|jt|jfS)N)rWrrkr)r&r!r!r"rXhszNoticeReference.__hash__rrN)r4r5r6rJrlr7rnrQr2rIrUrVrXrrYrrr!r!r!r"rIs   rc@sTeZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd S)ExtendedKeyUsage)usagescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`tsz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rarbrF_usages)r&rr!r!r"r2rs zExtendedKeyUsage.__init__rcCs d|jS)Nz)rBr)r&r!r!r"rI}szExtendedKeyUsage.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs zExtendedKeyUsage.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszExtendedKeyUsage.__ne__cCstt|jS)N)rWrkr)r&r!r!r"rXszExtendedKeyUsage.__hash__N)r4r5r6rZEXTENDED_KEY_USAGEr0rJrnrr2r-rLrMrNrIrUrVrXr!r!r!r"ros rc@s2eZdZejZddZddZddZddZ d S) OCSPNoCheckcCst|tstSdS)NT)rrrS)r&rTr!r!r"rUs zOCSPNoCheck.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszOCSPNoCheck.__ne__cCsttS)N)rWr)r&r!r!r"rXszOCSPNoCheck.__hash__cCsdS)Nzr!)r&r!r!r"rIszOCSPNoCheck.__repr__N) r4r5r6rZ OCSP_NO_CHECKr0rUrVrXrIr!r!r!r"rs rc@s2eZdZejZddZddZddZddZ d S) PrecertPoisoncCst|tstSdS)NT)rrrS)r&rTr!r!r"rUs zPrecertPoison.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszPrecertPoison.__ne__cCsttS)N)rWr)r&r!r!r"rXszPrecertPoison.__hash__cCsdS)Nzr!)r&r!r!r"rIszPrecertPoison.__repr__N) r4r5r6rZPRECERT_POISONr0rUrVrXrIr!r!r!r"rs rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS) TLSFeatureTLSFeatureType)featurescCs8t|}tdd|Dr&t|dkr.td||_dS)Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`sz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rarbr$rF _features)r&rr!r!r"r2s  zTLSFeature.__init__rcCs d|S)Nz$)rB)r&r!r!r"rIszTLSFeature.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs zTLSFeature.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszTLSFeature.__ne__cCstt|jS)N)rWrkr)r&r!r!r"rXszTLSFeature.__hash__N)r4r5r6rZ TLS_FEATUREr0rJrnr2r-rLrMrNrIrUrVrXr!r!r!r"rs rc@seZdZdZdZdS)rN)r4r5r6Zstatus_requestZstatus_request_v2r!r!r!r"rsrcCsi|] }||jqSr!)rG)r^r_r!r!r" src@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S)InhibitAnyPolicy) skip_certscCs,t|tstd|dkr"td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)rrQrFr _skip_certs)r&rr!r!r"r2s  zInhibitAnyPolicy.__init__cCs d|S)Nz-)rB)r&r!r!r"rIszInhibitAnyPolicy.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs zInhibitAnyPolicy.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszInhibitAnyPolicy.__ne__cCs t|jS)N)rWr)r&r!r!r"rXszInhibitAnyPolicy.__hash__rN)r4r5r6rZINHIBIT_ANY_POLICYr0rQr2rIrUrVrXrrYrr!r!r!r"rs rc @seZdZejZeeeeeeeeed ddZe dZ e dZ e dZ e dZ e dZe d Ze d Zed d Zed dZddZddZddZddZdS)KeyUsage) digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyc CsN|s|s | rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) r_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r&rrrrrrrrrr!r!r"r2s zKeyUsage.__init__rrrrrrrcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rrr)r&r!r!r"r(szKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rrr)r&r!r!r"r1szKeyUsage.decipher_onlycCs<y|j}|j}Wntk r,d}d}YnXd|||S)NFa-)rrrrB)r&rrr!r!r"rI:s  zKeyUsage.__repr__cCszt|tstS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j |j kox|j |j kox|j |j kS)N) rrrSrrrrrrrrr)r&rTr!r!r"rUOs         zKeyUsage.__eq__cCs ||k S)Nr!)r&rTr!r!r"rV_szKeyUsage.__ne__c Cs,t|j|j|j|j|j|j|j|j|j f S)N) rWrrrrrrrrr)r&r!r!r"rXbszKeyUsage.__hash__N)r4r5r6rZ KEY_USAGEr0r~r2rrYrrrrrrrpropertyrrrIrUrVrXr!r!r!r"rs.        rc@sveZdZejZejeje ejeje dddZ ddZ ddZ dd Z d d Zd d ZedZedZdS)NameConstraints)permitted_subtreesexcluded_subtreescCs|dk r4t|}tdd|Ds*td|||dk rht|}tdd|Ds^td|||dkr|dkrtd||_||_dS)Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`|sz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonecss|]}t|tVqdS)N)rr)r^r_r!r!r"r`sz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rarbrF_validate_ip_namer_permitted_subtrees_excluded_subtrees)r&rrr!r!r"r2us"  zNameConstraints.__init__cCs&t|tstS|j|jko$|j|jkS)N)rrrSrr)r&rTr!r!r"rUs  zNameConstraints.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszNameConstraints.__ne__cCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdS)N)rrrG ipaddress IPv4Network IPv6Network)r^namer!r!r"r`sz4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyrF)r&treer!r!r"rs  z!NameConstraints._validate_ip_namecCs d|S)Nze)rB)r&r!r!r"rIszNameConstraints.__repr__cCs@|jdk rt|j}nd}|jdk r0t|j}nd}t||fS)N)rrkrrW)r&Zpsesr!r!r"rXs    zNameConstraints.__hash__rrN)r4r5r6rZNAME_CONSTRAINTSr0rJrlrnrr2rUrVrrIrXrrYrrr!r!r!r"rrs   rc@s\eZdZeeedddZedZ edZ edZ ddZ d d Z d d Zd dZdS)r?)r0criticalrGcCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)rrrFr~_oid _critical_value)r&r0rrGr!r!r"r2s  zExtension.__init__rrrcCs d|S)Nz@)rB)r&r!r!r"rIszExtension.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkS)N)rr?rSr0rrG)r&rTr!r!r"rUs    zExtension.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszExtension.__ne__cCst|j|j|jfS)N)rWr0rrG)r&r!r!r"rXszExtension.__hash__N)r4r5r6rr~r:r2rrYr0rrGrIrUrVrXr!r!r!r"r?s    r?c@sbeZdZejedddZed\ZZ Z ej edddZ dd Z d d Zd d ZddZdS) GeneralNames) general_namescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`sz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rarbrF_general_names)r&rr!r!r"r2s zGeneralNames.__init__r)typecs0fdd|D}tkr(dd|D}t|S)Nc3s|]}t|r|VqdS)N)r)r^i)rr!r"r`sz3GeneralNames.get_values_for_type..css|] }|jVqdS)N)rG)r^rr!r!r"r`s)rra)r&robjsr!)rr"get_values_for_typesz GeneralNames.get_values_for_typecCs d|jS)Nz)rBr)r&r!r!r"rIszGeneralNames.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rU s zGeneralNames.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszGeneralNames.__ne__cCstt|jS)N)rWrkr)r&r!r!r"rXszGeneralNames.__hash__N)r4r5r6rJrnrr2r-rLrMrNTyperrIrUrVrXr!r!r!r"rs  rc@s\eZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd dZdS)SubjectAlternativeName)rcCst||_dS)N)rr)r&rr!r!r"r2szSubjectAlternativeName.__init__rcCs |j|S)N)rr)r&rr!r!r"r sz*SubjectAlternativeName.get_values_for_typecCs d|jS)Nz)rBr)r&r!r!r"rI#szSubjectAlternativeName.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rU&s zSubjectAlternativeName.__eq__cCs ||k S)Nr!)r&rTr!r!r"rV,szSubjectAlternativeName.__ne__cCs t|jS)N)rWr)r&r!r!r"rX/szSubjectAlternativeName.__hash__N)r4r5r6rZSUBJECT_ALTERNATIVE_NAMEr0rJrnrr2r-rLrMrNrrIrUrVrXr!r!r!r"rsrc@s\eZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd dZdS)IssuerAlternativeName)rcCst||_dS)N)rr)r&rr!r!r"r26szIssuerAlternativeName.__init__rcCs |j|S)N)rr)r&rr!r!r"r;sz)IssuerAlternativeName.get_values_for_typecCs d|jS)Nz)rBr)r&r!r!r"rI>szIssuerAlternativeName.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUAs zIssuerAlternativeName.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVGszIssuerAlternativeName.__ne__cCs t|jS)N)rWr)r&r!r!r"rXJszIssuerAlternativeName.__hash__N)r4r5r6rZISSUER_ALTERNATIVE_NAMEr0rJrnrr2r-rLrMrNrrIrUrVrXr!r!r!r"r3src@s\eZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd dZdS)CertificateIssuer)rcCst||_dS)N)rr)r&rr!r!r"r2QszCertificateIssuer.__init__rcCs |j|S)N)rr)r&rr!r!r"rVsz%CertificateIssuer.get_values_for_typecCs d|jS)Nz)rBr)r&r!r!r"rIYszCertificateIssuer.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rU\s zCertificateIssuer.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVbszCertificateIssuer.__ne__cCs t|jS)N)rWr)r&r!r!r"rXeszCertificateIssuer.__hash__N)r4r5r6rZCERTIFICATE_ISSUERr0rJrnrr2r-rLrMrNrrIrUrVrXr!r!r!r"rNsrc@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S) CRLReason)reasoncCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)rrrF_reason)r&rr!r!r"r2ls zCRLReason.__init__cCs d|jS)Nz)rBr)r&r!r!r"rIrszCRLReason.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUus zCRLReason.__eq__cCs ||k S)Nr!)r&rTr!r!r"rV{szCRLReason.__ne__cCs t|jS)N)rWr)r&r!r!r"rX~szCRLReason.__hash__rN)r4r5r6rZ CRL_REASONr0rr2rIrUrVrXrrYrr!r!r!r"risrc@sLeZdZejZejdddZddZddZ dd Z d d Z e d Zd S)InvalidityDate)invalidity_datecCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)rdatetimerF_invalidity_date)r&rr!r!r"r2s zInvalidityDate.__init__cCs d|jS)Nz$)rBr)r&r!r!r"rIszInvalidityDate.__repr__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs zInvalidityDate.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszInvalidityDate.__ne__cCs t|jS)N)rWr)r&r!r!r"rXszInvalidityDate.__hash__rN)r4r5r6rZINVALIDITY_DATEr0rr2rIrUrVrXrrYrr!r!r!r"rsrc@sTeZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd S))PrecertificateSignedCertificateTimestamps)signed_certificate_timestampscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr )r^sctr!r!r"r`szEPrecertificateSignedCertificateTimestamps.__init__..zYEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamp)rarbrF_signed_certificate_timestamps)r&rr!r!r"r2s z2PrecertificateSignedCertificateTimestamps.__init__rcCsdt|S)Nz/)rBra)r&r!r!r"rIsz2PrecertificateSignedCertificateTimestamps.__repr__cCstt|jS)N)rWrkr)r&r!r!r"rXsz2PrecertificateSignedCertificateTimestamps.__hash__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs z0PrecertificateSignedCertificateTimestamps.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVsz0PrecertificateSignedCertificateTimestamps.__ne__N)r4r5r6rZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr0rJrnr r2r-rLrMrNrIrXrUrVr!r!r!r"rs  rc@sTeZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd S)SignedCertificateTimestamps)rcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr )r^rr!r!r"r`sz7SignedCertificateTimestamps.__init__..zYEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamp)rarbrFr)r&rr!r!r"r2s z$SignedCertificateTimestamps.__init__rcCsdt|S)Nz!)rBra)r&r!r!r"rIsz$SignedCertificateTimestamps.__repr__cCstt|jS)N)rWrkr)r&r!r!r"rXsz$SignedCertificateTimestamps.__hash__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs z"SignedCertificateTimestamps.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVsz"SignedCertificateTimestamps.__ne__N)r4r5r6rZSIGNED_CERTIFICATE_TIMESTAMPSr0rJrnr r2r-rLrMrNrIrXrUrVr!r!r!r"rs  rc@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S) OCSPNonce)noncecCst|tstd||_dS)Nznonce must be bytes)rrmrF_nonce)r&rr!r!r"r2s zOCSPNonce.__init__cCst|tstS|j|jkS)N)rrrSr)r&rTr!r!r"rUs zOCSPNonce.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszOCSPNonce.__ne__cCs t|jS)N)rWr)r&r!r!r"rX szOCSPNonce.__hash__cCs d|S)Nz)rB)r&r!r!r"rIszOCSPNonce.__repr__rN)r4r5r6rZNONCEr0rmr2rUrVrXrIrrYrr!r!r!r"rsrc@seZdZejZddZddZddZddZ d d Z e d Z e d Ze d Ze dZe dZe dZe dZdS)IssuingDistributionPointc Cs|r(t|tr tdd|Ds(td|rHtj|ks@tj|krHtdt|trpt|trpt|trpt|tsxtd||||g}t dd|Ddkrtd t |||||||gstd ||_ ||_ ||_ ||_||_||_||_dS) Ncss|]}t|tVqdS)N)rr)r^r_r!r!r"r`#sz4IssuingDistributionPoint.__init__..z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|] }|r|qSr!r!)r^r_r!r!r" Esz5IssuingDistributionPoint.__init__..zOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rrrbrFrrrrr~r$r_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsrr) r&rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certsZcrl_constraintsr!r!r"r2sP        z!IssuingDistributionPoint.__init__cCs d|S)NaG)rB)r&r!r!r"rIgsz!IssuingDistributionPoint.__repr__cCsbt|tstS|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j |j kS)N) rrrSrrrrrrr)r&rTr!r!r"rUss       zIssuingDistributionPoint.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszIssuingDistributionPoint.__ne__cCs$t|j|j|j|j|j|j|jfS)N)rWrrrrrrr)r&r!r!r"rXsz!IssuingDistributionPoint.__hash__rrrrrrrN)r4r5r6rZISSUING_DISTRIBUTION_POINTr0r2rIrUrVrXrrYrrrrrrrr!r!r!r"rs P     rc@sPeZdZeedddZedZedZ ddZ dd Z d d Z d d Z dS)rE)r0rGcCs"t|tstd||_||_dS)Nzoid must be an ObjectIdentifier)rrrFrr)r&r0rGr!r!r"r2s zUnrecognizedExtension.__init__rrcCs d|S)Nz7)rB)r&r!r!r"rIszUnrecognizedExtension.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrErSr0rG)r&rTr!r!r"rUs zUnrecognizedExtension.__eq__cCs ||k S)Nr!)r&rTr!r!r"rVszUnrecognizedExtension.__ne__cCst|j|jfS)N)rWr0rG)r&r!r!r"rXszUnrecognizedExtension.__hash__N)r4r5r6rrmr2rrYr0rGrIrUrVrXr!r!r!r"rEs  rE)Tr;rrrrJenumrZ cryptographyrZcryptography.hazmat._derrrrrZcryptography.hazmat._typesrZcryptography.hazmat.primitivesr r Z,cryptography.hazmat.primitives.asymmetric.ecr Z-cryptography.hazmat.primitives.asymmetric.rsar Z*cryptography.x509.certificate_transparencyr Zcryptography.x509.general_namerrrZcryptography.x509.namerZcryptography.x509.oidrrrrrmr#r- Exceptionr.r9ABCMetar:objectr>rOrZrhrrrvrsr{rrrrrrrrrrrrrrrZ_TLS_FEATURE_TYPE_TO_ENUMrrrr?rrrrrrrrrrrEr!r!r!r"sx       ( !_&)%%d @7)&" qU+&-+