o ge@sddlZddlZddlZddlZddlZddlmZddlmZm Z m Z m Z ddl m Z ddlmZmZddlmZddlmZddlmZdd lmZmZmZdd lmZdd lmZmZm Z m!Z!d e d e"fddZ#ddZ$Gddde%Z&Gddde%Z'Gdddej(dZ)Gddde*Z+Gddde)Z,Gddde)Z-Gdd d e)Z.Gd!d"d"e)Z/Gd#d$d$e)Z0Gd%d&d&e*Z1Gd'd(d(e)Z2Gd)d*d*e)Z3Gd+d,d,e)Z4Gd-d.d.e)Z5Gd/d0d0e*Z6Gd1d2d2ej7Z8Gd3d4d4e)Z9Gd5d6d6e)Z:Gd7d8d8e*Z;Gd9d:d:e*Zd>e)Z>Gd?d@d@e)Z?GdAdBdBe)Z@GdCdDdDe)ZAGdEdFdFej7ZBdGdHeBDZCGdIdJdJe)ZDGdKdLdLe)ZEGdMdNdNe)ZFGdOdPdPe*ZGGdQdRdRe*ZHGdSdTdTe)ZIGdUdVdVe)ZJGdWdXdXe)ZKGdYdZdZe)ZLGd[d\d\e)ZMGd]d^d^e)ZNGd_d`d`e)ZOGdadbdbe)ZPGdcdddde)ZQGdedfdfe)ZRdS)gN)utils) BIT_STRING DERReaderOBJECT_IDENTIFIERSEQUENCE)_PUBLIC_KEY_TYPES) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)SignedCertificateTimestamp) GeneralName IPAddress OtherName)RelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDOCSPExtensionOIDObjectIdentifier public_keyreturncCst|tr|tjjtjj}nit|tr |tjj tjj }nY|tjjtjj }t |}| t}|t}|t}Wdn1sHwY||t|s]|Wdn1sgwY|dkrvtd|j}t|S)NrzInvalid public key encoding) isinstancer public_bytesr EncodingDER PublicFormatPKCS1r X962UncompressedPointSubjectPublicKeyInforread_single_elementr read_elementrris_emptyread_any_element read_byte ValueErrordatahashlibsha1digest)rr& serializedreaderpublic_key_info algorithmpublic_key_datar/>/usr/lib/python3/dist-packages/cryptography/x509/extensions.py_key_identifier_from_public_key$s:       r1cs.fdd}fdd}fdd}|||fS)Nctt|SN)lengetattrself field_namer/r0 len_methodMz*_make_sequence_methods..len_methodcr2r3)iterr5r6r8r/r0 iter_methodPr;z+_make_sequence_methods..iter_methodcst||Sr3)r5)r7idxr8r/r0getitem_methodSr;z._make_sequence_methods..getitem_methodr/)r9r:r=r?r/r8r0_make_sequence_methodsLs    r@c&eZdZdedeffdd ZZS)DuplicateExtensionmsgoidctt||||_dSr3)superrB__init__rDr7rCrD __class__r/r0rGZ zDuplicateExtension.__init____name__ __module__ __qualname__strrrG __classcell__r/r/rIr0rBYrBcrA)ExtensionNotFoundrCrDcrEr3)rFrSrGrDrHrIr/r0rG`rKzExtensionNotFound.__init__rLr/r/rIr0rS_rRrSc@s eZdZejdefddZdS) ExtensionTypercCdS)zK Returns the oid associated with the given extension type. Nr/r6r/r/r0rDfszExtensionType.oidN)rMrNrOabcabstractpropertyrrDr/r/r/r0rTesrT) metaclassc@sReZdZdejdfddZdeddfddZdd d Ze d \Z Z Z d d Z dS) Extensions extensions ExtensioncC ||_dSr3) _extensions)r7rZr/r/r0rGn zExtensions.__init__rDrcCs,|D] }|j|kr |Sqtd||)NNo {} extension was found)rDrSformat)r7rDextr/r/r0get_extension_for_oidqs  z Extensions.get_extension_for_oidcCs@|turtd|D] }t|j|r|Sq td||j)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.r_)UnrecognizedExtension TypeErrorrvaluerSr`rD)r7extclassrar/r/r0get_extension_for_classxs  z"Extensions.get_extension_for_classr]cC d|jS)Nz)r`r]r6r/r/r0__repr__ zExtensions.__repr__N)rr[)rMrNrOtypingListrGrrbrgr@__len____iter__ __getitem__rir/r/r/r0rYms   rYc@JeZdZejZdefddZddZddZ dd Z d d Z e d Zd S) CRLNumber crl_numbercCt|ts td||_dSNzcrl_number must be an integerrintrd _crl_numberr7rrr/r/r0rG  zCRLNumber.__init__cCt|tstS|j|jkSr3)rrqNotImplementedrrr7otherr/r/r0__eq__  zCRLNumber.__eq__cC ||k Sr3r/r|r/r/r0__ne__r^zCRLNumber.__ne__cC t|jSr3hashrrr6r/r/r0__hash__r^zCRLNumber.__hash__cCrh)Nz)r`rrr6r/r/r0rirjzCRLNumber.__repr__rwN)rMrNrOr CRL_NUMBERrDrvrGr~rrrirread_only_propertyrrr/r/r/r0rqrqc@seZdZejZdejedejej e deje fddZ e deddfdd Ze  dd d ZddZddZddZddZedZedZedZdS)AuthorityKeyIdentifierkey_identifierauthority_cert_issuerauthority_cert_serial_numbercCsr|du|dukr td|dur!t|}tdd|Ds!td|dur.t|ts.td||_||_||_dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecs|]}t|tVqdSr3rr .0xr/r/r0   z2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) r%listallrdrrv_key_identifier_authority_cert_issuer_authority_cert_serial_number)r7rrrr/r/r0rGs*  zAuthorityKeyIdentifier.__init__rrcCst|}||dddSN)rrrr1)clsrr)r/r/r0from_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keyskiSubjectKeyIdentifiercCs||jdddSr)r))rrr/r/r0"from_issuer_subject_key_identifiers z9AuthorityKeyIdentifier.from_issuer_subject_key_identifiercC d|S)Nzr`r6r/r/r0riszAuthorityKeyIdentifier.__repr__cC2t|tstS|j|jko|j|jko|j|jkSr3)rrr{rrrr|r/r/r0r~s   zAuthorityKeyIdentifier.__eq__cCrr3r/r|r/r/r0rr^zAuthorityKeyIdentifier.__ne__cCs,|jdurd}nt|j}t|j||jfSr3)rtuplerrr)r7acir/r/r0rs   zAuthorityKeyIdentifier.__hash__rrrN)rrrr)rMrNrOrAUTHORITY_KEY_IDENTIFIERrDrkOptionalbytesIterabler rvrG classmethodrrrrir~rrrrrrrr/r/r/r0rs< !      rc@s`eZdZejZdefddZede ddfddZ e dZ d d Zd d Zd dZddZdS)rr)cCr\r3)_digest)r7r)r/r/r0rG r^zSubjectKeyIdentifier.__init__rrcCs |t|Sr3r)rrr/r/r0from_public_keys z$SubjectKeyIdentifier.from_public_keyrcCrh)Nz$)r`r)r6r/r/r0rirjzSubjectKeyIdentifier.__repr__cCst|tstSt|j|jSr3)rrr{rbytes_eqr)r|r/r/r0r~s zSubjectKeyIdentifier.__eq__cCrr3r/r|r/r/r0rr^zSubjectKeyIdentifier.__ne__cCrr3)rr)r6r/r/r0r"r^zSubjectKeyIdentifier.__hash__N)rMrNrOrSUBJECT_KEY_IDENTIFIERrDrrGrrrrrr)rir~rrr/r/r/r0rs  rc@TeZdZejZdejdfddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)AuthorityInformationAccess descriptionsAccessDescriptioncC,t|}tdd|Dstd||_dS)Ncsrr3rrrr/r/r0r+z6AuthorityInformationAccess.__init__..@Every item in the descriptions list must be an AccessDescriptionrrrd _descriptionsr7rr/r/r0rG)  z#AuthorityInformationAccess.__init__rcCrh)Nz r`rr6r/r/r0ri5rjz#AuthorityInformationAccess.__repr__cCrzr3)rrr{rr|r/r/r0r~8rz!AuthorityInformationAccess.__eq__cCrr3r/r|r/r/r0r>r^z!AuthorityInformationAccess.__ne__cCtt|jSr3rrrr6r/r/r0rAr;z#AuthorityInformationAccess.__hash__N)rMrNrOrAUTHORITY_INFORMATION_ACCESSrDrkrrGr@rmrnrorir~rrr/r/r/r0r&  rc@r)SubjectInformationAccessrrcCr)Ncsrr3rrr/r/r0rJrz4SubjectInformationAccess.__init__..rrrr/r/r0rGHrz!SubjectInformationAccess.__init__rcCrh)Nzrr6r/r/r0riTrjz!SubjectInformationAccess.__repr__cCrzr3)rrr{rr|r/r/r0r~WrzSubjectInformationAccess.__eq__cCrr3r/r|r/r/r0r]r^zSubjectInformationAccess.__ne__cCrr3rr6r/r/r0r`r;z!SubjectInformationAccess.__hash__N)rMrNrOrSUBJECT_INFORMATION_ACCESSrDrkrrGr@rmrnrorir~rrr/r/r/r0rErrc@sReZdZdedefddZddZddZd d Zd d Z e d Z e dZ dS)r access_methodaccess_locationcCs4t|ts tdt|tstd||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)rrrdr _access_method_access_location)r7rrr/r/r0rGes   zAccessDescription.__init__cCr)NzYrr6r/r/r0riqzAccessDescription.__repr__cC&t|tstS|j|jko|j|jkSr3)rrr{rrr|r/r/r0r~w   zAccessDescription.__eq__cCrr3r/r|r/r/r0rr^zAccessDescription.__ne__cCt|j|jfSr3)rrrr6r/r/r0rzAccessDescription.__hash__rrN)rMrNrOrr rGrir~rrrrrrr/r/r/r0rds    rc@s^eZdZejZdedeje fddZ e dZ e dZddZd d Zd d Zd dZdS)BasicConstraintsca path_lengthcCsXt|ts td|dur|std|dur$t|tr |dkr$td||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)rboolrdr%rv_ca _path_length)r7rrr/r/r0rGs   zBasicConstraints.__init__rrcCr)Nz:rr6r/r/r0rirzBasicConstraints.__repr__cCrr3)rrr{rrr|r/r/r0r~ zBasicConstraints.__eq__cCrr3r/r|r/r/r0rr^zBasicConstraints.__ne__cCrr3)rrrr6r/r/r0rrzBasicConstraints.__hash__N)rMrNrOrBASIC_CONSTRAINTSrDrrkrrvrGrrrrrir~rrr/r/r/r0rs   rc@sJeZdZejZdefddZe dZ ddZ ddZ d d Z d d Zd S)DeltaCRLIndicatorrrcCrsrtrurxr/r/r0rGryzDeltaCRLIndicator.__init__rwcCrzr3)rrr{rrr|r/r/r0r~rzDeltaCRLIndicator.__eq__cCrr3r/r|r/r/r0rr^zDeltaCRLIndicator.__ne__cCrr3rr6r/r/r0rr^zDeltaCRLIndicator.__hash__cCr)Nz.rr6r/r/r0rir^zDeltaCRLIndicator.__repr__N)rMrNrOrDELTA_CRL_INDICATORrDrvrGrrrrr~rrrir/r/r/r0rs  rc@r)CRLDistributionPointsdistribution_pointsDistributionPointcCr)Ncsrr3rrrr/r/r0rrz1CRLDistributionPoints.__init__..?distribution_points must be a list of DistributionPoint objectsrrrd_distribution_pointsr7rr/r/r0rG zCRLDistributionPoints.__init__rcCrh)Nzr`rr6r/r/r0rirjzCRLDistributionPoints.__repr__cCrzr3)rrr{rr|r/r/r0r~rzCRLDistributionPoints.__eq__cCrr3r/r|r/r/r0rr^zCRLDistributionPoints.__ne__cCrr3rrrr6r/r/r0rr;zCRLDistributionPoints.__hash__N)rMrNrOrCRL_DISTRIBUTION_POINTSrDrkrrGr@rmrnrorir~rrr/r/r/r0r   rc@r) FreshestCRLrrcCr)Ncsrr3rrr/r/r0rrz'FreshestCRL.__init__..rrrr/r/r0rGrzFreshestCRL.__init__rcCrh)Nzrr6r/r/r0rirjzFreshestCRL.__repr__cCrzr3)rrr{rr|r/r/r0r~ rzFreshestCRL.__eq__cCrr3r/r|r/r/r0rr^zFreshestCRL.__ne__cCrr3rr6r/r/r0rr;zFreshestCRL.__hash__N)rMrNrOr FRESHEST_CRLrDrkrrGr@rmrnrorir~rrr/r/r/r0rrrc @seZdZdejejedejedejejddejejefddZ dd Z d d Z d d Z ddZ edZedZedZedZdS)r full_name relative_namereasons ReasonFlags crl_issuercCs|r|rtd|rt|}tdd|Dstd|r&t|ts&td|r9t|}tdd|Ds9td|rMt|trItdd|DsMtd |r]tj|vsYtj |vr]td |ri|si|si|sitd ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.csrr3rrr/r/r0r(rz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecsrr3rrr/r/r0r5rz2crl_issuer must be None or a list of general namescsrr3rrrr/r/r0r<rz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)r%rrrdrr frozensetr unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r7rrrrr/r/r0rGsR    zDistributionPoint.__init__cCr)Nz}rr6r/r/r0riTzDistributionPoint.__repr__cCs>t|tstS|j|jko|j|jko|j|jko|j|jkSr3)rrr{rrrrr|r/r/r0r~[s     zDistributionPoint.__eq__cCrr3r/r|r/r/r0rfr^zDistributionPoint.__ne__cCsH|jdur t|j}nd}|jdurt|j}nd}t||j|j|fSr3)rrrrrr)r7fnrr/r/r0ris    zDistributionPoint.__hash__rrrrN)rMrNrOrkrrr r FrozenSetrGrir~rrrrrrrrr/r/r/r0rs$ ;   rc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rr keyCompromise cACompromiseaffiliationChanged supersededcessationOfOperationcertificateHoldprivilegeWithdrawn aACompromise removeFromCRLN) rMrNrOrkey_compromise ca_compromiseaffiliation_changedrcessation_of_operationcertificate_holdprivilege_withdrawn aa_compromiserr/r/r/r0r|src@sdeZdZejZdejedejefddZ ddZ ddZ d d Z d d Z ed ZedZdS)PolicyConstraintsrequire_explicit_policyinhibit_policy_mappingcCs\|dur t|ts td|durt|tstd|dur&|dur&td||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)rrvrdr%_require_explicit_policy_inhibit_policy_mapping)r7rrr/r/r0rGs$   zPolicyConstraints.__init__cCr)Nz{rr6r/r/r0rirzPolicyConstraints.__repr__cCrr3)rrr{rrr|r/r/r0r~rzPolicyConstraints.__eq__cCrr3r/r|r/r/r0rr^zPolicyConstraints.__ne__cCrr3)rrrr6r/r/r0rs zPolicyConstraints.__hash__rrN)rMrNrOrPOLICY_CONSTRAINTSrDrkrrvrGrir~rrrrrrr/r/r/r0rs"  rc@r)CertificatePoliciespoliciesPolicyInformationcCr)Ncsrr3)rr rr/r/r0rrz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rrrd _policies)r7r r/r/r0rGrzCertificatePolicies.__init__r cCrh)Nz)r`r r6r/r/r0rirjzCertificatePolicies.__repr__cCrzr3)rr r{r r|r/r/r0r~rzCertificatePolicies.__eq__cCrr3r/r|r/r/r0rr^zCertificatePolicies.__ne__cCrr3)rrr r6r/r/r0rr;zCertificatePolicies.__hash__N)rMrNrOrCERTIFICATE_POLICIESrDrkrrGr@rmrnrorir~rrr/r/r/r0r rr c@sheZdZdedejejejedffddZ ddZ dd Z d d Z d d Z edZedZdS)r policy_identifierpolicy_qualifiers UserNoticecCsHt|ts td||_|rt|}tdd|Dstd||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|] }t|ttfVqdSr3)rrPrrr/r/r0rs z-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)rrrd_policy_identifierrr_policy_qualifiers)r7rrr/r/r0rGs  zPolicyInformation.__init__cCr)Nzerr6r/r/r0rirzPolicyInformation.__repr__cCrr3)rr r{rrr|r/r/r0r~rzPolicyInformation.__eq__cCrr3r/r|r/r/r0rr^zPolicyInformation.__ne__cCs(|jdur t|j}nd}t|j|fSr3)rrrr)r7pqr/r/r0rs  zPolicyInformation.__hash__rrN)rMrNrOrrkrrUnionrPrGrir~rrrrrrr/r/r/r0r s   r c@s^eZdZdejddejefddZddZdd Zd d Z d d Z e dZ e dZdS)rnotice_referenceNoticeReference explicit_textcCs&|r t|ts td||_||_dS)Nz2notice_reference must be None or a NoticeReference)rrrd_notice_reference_explicit_text)r7rrr/r/r0rG s zUserNotice.__init__cCr)NzVrr6r/r/r0ri/rzUserNotice.__repr__cCrr3)rrr{rrr|r/r/r0r~5rzUserNotice.__eq__cCrr3r/r|r/r/r0r>r^zUserNotice.__ne__cCrr3)rrrr6r/r/r0rArzUserNotice.__hash__rrN)rMrNrOrkrrPrGrir~rrrrrrr/r/r/r0rs   rc@s^eZdZdejedejefddZddZ ddZ d d Z d d Z e d Ze dZdS)r organizationnotice_numberscCs2||_t|}tdd|Dstd||_dS)Ncsrr3)rrvrr/r/r0rPrz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrrrd_notice_numbers)r7rrr/r/r0rGIs  zNoticeReference.__init__cCr)NzUrr6r/r/r0riUrzNoticeReference.__repr__cCrr3)rrr{rrr|r/r/r0r~[rzNoticeReference.__eq__cCrr3r/r|r/r/r0rdr^zNoticeReference.__ne__cCst|jt|jfSr3)rrrrr6r/r/r0rgzNoticeReference.__hash__rrN)rMrNrOrkrrPrrvrGrir~rrrrrrr/r/r/r0rHs    rc@TeZdZejZdejefddZ e d\Z Z Z ddZddZd d Zd d Zd S)ExtendedKeyUsageusagescCr)Ncsrr3)rrrr/r/r0rsrz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rrrd_usages)r7r!r/r/r0rGqs  zExtendedKeyUsage.__init__r"cCrh)Nz)r`r"r6r/r/r0ri|rjzExtendedKeyUsage.__repr__cCrzr3)rr r{r"r|r/r/r0r~rzExtendedKeyUsage.__eq__cCrr3r/r|r/r/r0rr^zExtendedKeyUsage.__ne__cCrr3)rrr"r6r/r/r0rr;zExtendedKeyUsage.__hash__N)rMrNrOrEXTENDED_KEY_USAGErDrkrrrGr@rmrnrorir~rrr/r/r/r0r ns  r c@2eZdZejZddZddZddZddZ d S) OCSPNoCheckcCt|tstSdSNT)rr%r{r|r/r/r0r~ zOCSPNoCheck.__eq__cCrr3r/r|r/r/r0rr^zOCSPNoCheck.__ne__cCttSr3)rr%r6r/r/r0rzOCSPNoCheck.__hash__cCrU)Nzr/r6r/r/r0rizOCSPNoCheck.__repr__N) rMrNrOr OCSP_NO_CHECKrDr~rrrir/r/r/r0r%  r%c@r$) PrecertPoisoncCr&r')rr.r{r|r/r/r0r~r(zPrecertPoison.__eq__cCrr3r/r|r/r/r0rr^zPrecertPoison.__ne__cCr)r3)rr.r6r/r/r0rr*zPrecertPoison.__hash__cCrU)Nzr/r6r/r/r0rir+zPrecertPoison.__repr__N) rMrNrOrPRECERT_POISONrDr~rrrir/r/r/r0r.r-r.c@r) TLSFeaturefeaturesTLSFeatureTypecCs8t|}tdd|Drt|dkrtd||_dS)Ncsrr3)rr2rr/r/r0rrz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rrr4rd _features)r7r1r/r/r0rGs  zTLSFeature.__init__r3cCr)Nz$rr6r/r/r0rir^zTLSFeature.__repr__cCrzr3)rr0r{r3r|r/r/r0r~rzTLSFeature.__eq__cCrr3r/r|r/r/r0rr^zTLSFeature.__ne__cCrr3)rrr3r6r/r/r0rr;zTLSFeature.__hash__N)rMrNrOr TLS_FEATURErDrkrrGr@rmrnrorir~rrr/r/r/r0r0s  r0c@seZdZdZdZdS)r2N)rMrNrOstatus_requeststatus_request_v2r/r/r/r0r2sr2cCsi|]}|j|qSr/rerr/r/r0 r:c@rp)InhibitAnyPolicy skip_certscCs,t|ts td|dkrtd||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)rrvrdr% _skip_certs)r7r=r/r/r0rGs  zInhibitAnyPolicy.__init__cCr)Nz-rr6r/r/r0rir^zInhibitAnyPolicy.__repr__cCrzr3)rr<r{r=r|r/r/r0r~rzInhibitAnyPolicy.__eq__cCrr3r/r|r/r/r0rr^zInhibitAnyPolicy.__ne__cCrr3)rr=r6r/r/r0rr^zInhibitAnyPolicy.__hash__r>N)rMrNrOrINHIBIT_ANY_POLICYrDrvrGrir~rrrrr=r/r/r/r0r<s r<c@seZdZejZdedededededededed efd d Ze d Z e d Z e dZ e dZ e dZe dZe dZeddZeddZddZddZddZddZdS) KeyUsagedigital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyc CsN|s |s| r td||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) r%_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r7rArBrCrDrErFrGrHrIr/r/r0rGs  zKeyUsage.__init__rJrKrLrMrNrOrPcC|jstd|jS)Nz7encipher_only is undefined unless key_agreement is true)rEr%rQr6r/r/r0rH' zKeyUsage.encipher_onlycCrS)Nz7decipher_only is undefined unless key_agreement is true)rEr%rRr6r/r/r0rI0rTzKeyUsage.decipher_onlycCs:z|j}|j}Wn tyd}d}Ynwd|||S)NFa-)rHrIr%r`)r7rHrIr/r/r0ri9s   zKeyUsage.__repr__cCszt|tstS|j|jko<|j|jko<|j|jko<|j|jko<|j|jko<|j|jko<|j |j ko<|j |j ko<|j |j kSr3) rr@r{rArBrCrDrErFrGrQrRr|r/r/r0r~Ns&          zKeyUsage.__eq__cCrr3r/r|r/r/r0r^r^zKeyUsage.__ne__c Cs,t|j|j|j|j|j|j|j|j|j f Sr3) rrArBrCrDrErFrGrQrRr6r/r/r0raszKeyUsage.__hash__N)rMrNrOr KEY_USAGErDrrGrrrArBrCrDrErFrGpropertyrHrIrir~rrr/r/r/r0r@sH           r@c@sxeZdZejZdejeje dejeje fddZ ddZ ddZ d d Z d d Zd dZedZedZdS)NameConstraintspermitted_subtreesexcluded_subtreescCs|durt|}tdd|Dstd|||dur4t|}tdd|Ds/td|||dur@|dur@td||_||_dS)Ncsrr3rrr/r/r0r{rz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonecsrr3rrr/r/r0rrz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rrrd_validate_ip_namer%_permitted_subtrees_excluded_subtrees)r7rXrYr/r/r0rGts(   zNameConstraints.__init__cCrr3)rrWr{rYrXr|r/r/r0r~rzNameConstraints.__eq__cCrr3r/r|r/r/r0rr^zNameConstraints.__ne__cCstdd|Dr tddS)Ncss0|]}t|tot|jtjtjf VqdSr3)rrre ipaddress IPv4Network IPv6Network)rnamer/r/r0rs  z4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyrd)r7treer/r/r0rZsz!NameConstraints._validate_ip_namecCr)Nzerr6r/r/r0rirzNameConstraints.__repr__cCs@|jdur t|j}nd}|jdurt|j}nd}t||fSr3)rXrrYr)r7psesr/r/r0rs     zNameConstraints.__hash__r[r\N)rMrNrOrNAME_CONSTRAINTSrDrkrrr rGr~rrZrirrrrXrYr/r/r/r0rWqs "   rWc@s`eZdZdededefddZedZ edZ edZ d d Z d d Z d dZddZdS)r[rDcriticalrecCs:t|ts tdt|tstd||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)rrrdr_oid _critical_value)r7rDrfrer/r/r0rGs   zExtension.__init__rgrhricCr)Nz@rr6r/r/r0rirzExtension.__repr__cCrr3)rr[r{rDrfrer|r/r/r0r~s    zExtension.__eq__cCrr3r/r|r/r/r0rr^zExtension.__ne__cCst|j|j|jfSr3)rrDrfrer6r/r/r0rrzExtension.__hash__N)rMrNrOrrrTrGrrrDrfrerir~rrr/r/r/r0r[s    r[c@sbeZdZdejefddZed\ZZ Z dej efddZ dd Z d d Zd d ZddZdS) GeneralNames general_namescCr)Ncsrr3rrr/r/r0rrz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rrrd_general_namesr7rkr/r/r0rGrzGeneralNames.__init__rltypecs0fdd|D}tkrdd|D}t|S)Nc3s|] }t|r|VqdSr3)rrirnr/r0rsz3GeneralNames.get_values_for_type..css|]}|jVqdSr3r9ror/r/r0rs)rr)r7rnobjsr/rqr0get_values_for_typesz GeneralNames.get_values_for_typecCrh)Nzr`rlr6r/r/r0rirjzGeneralNames.__repr__cCrzr3)rrjr{rlr|r/r/r0r~ rzGeneralNames.__eq__cCrr3r/r|r/r/r0rr^zGeneralNames.__ne__cCrr3)rrrlr6r/r/r0rr;zGeneralNames.__hash__N)rMrNrOrkrr rGr@rmrnroTypersrir~rrr/r/r/r0rjs   rjc@\eZdZejZdejefddZ e d\Z Z Z ddZddZd d Zd d Zd dZdS)SubjectAlternativeNamerkcCt||_dSr3rjrlrmr/r/r0rGr;zSubjectAlternativeName.__init__rlcC |j|Sr3rlrsr7rnr/r/r0rsrjz*SubjectAlternativeName.get_values_for_typecCrh)Nzrtr6r/r/r0ri"rjzSubjectAlternativeName.__repr__cCrzr3)rrwr{rlr|r/r/r0r~%rzSubjectAlternativeName.__eq__cCrr3r/r|r/r/r0r+r^zSubjectAlternativeName.__ne__cCrr3rrlr6r/r/r0r.r^zSubjectAlternativeName.__hash__N)rMrNrOrSUBJECT_ALTERNATIVE_NAMErDrkrr rGr@rmrnrorsrir~rrr/r/r/r0rw rwc@rv)IssuerAlternativeNamerkcCrxr3ryrmr/r/r0rG5r;zIssuerAlternativeName.__init__rlcCrzr3r{r|r/r/r0rs:rjz)IssuerAlternativeName.get_values_for_typecCrh)Nzrtr6r/r/r0ri=rjzIssuerAlternativeName.__repr__cCrzr3)rrr{rlr|r/r/r0r~@rzIssuerAlternativeName.__eq__cCrr3r/r|r/r/r0rFr^zIssuerAlternativeName.__ne__cCrr3r}r6r/r/r0rIr^zIssuerAlternativeName.__hash__N)rMrNrOrISSUER_ALTERNATIVE_NAMErDrkrr rGr@rmrnrorsrir~rrr/r/r/r0r2rrc@rv)CertificateIssuerrkcCrxr3ryrmr/r/r0rGPr;zCertificateIssuer.__init__rlcCrzr3r{r|r/r/r0rsUrjz%CertificateIssuer.get_values_for_typecCrh)Nzrtr6r/r/r0riXrjzCertificateIssuer.__repr__cCrzr3)rrr{rlr|r/r/r0r~[rzCertificateIssuer.__eq__cCrr3r/r|r/r/r0rar^zCertificateIssuer.__ne__cCrr3r}r6r/r/r0rdr^zCertificateIssuer.__hash__N)rMrNrOrCERTIFICATE_ISSUERrDrkrr rGr@rmrnrorsrir~rrr/r/r/r0rMrrc@rp) CRLReasonreasoncCrs)Nz*reason must be an element from ReasonFlags)rrrd_reason)r7rr/r/r0rGkryzCRLReason.__init__cCrh)Nz)r`rr6r/r/r0riqrjzCRLReason.__repr__cCrzr3)rrr{rr|r/r/r0r~trzCRLReason.__eq__cCrr3r/r|r/r/r0rzr^zCRLReason.__ne__cCrr3)rrr6r/r/r0r}r^zCRLReason.__hash__rN)rMrNrOr CRL_REASONrDrrGrir~rrrrrr/r/r/r0rhsrc@sLeZdZejZdejfddZddZddZ dd Z d d Z e d Zd S)InvalidityDateinvalidity_datecCst|tjs td||_dS)Nz+invalidity_date must be a datetime.datetime)rdatetimerd_invalidity_date)r7rr/r/r0rGs  zInvalidityDate.__init__cCrh)Nz$)r`rr6r/r/r0riszInvalidityDate.__repr__cCrzr3)rrr{rr|r/r/r0r~rzInvalidityDate.__eq__cCrr3r/r|r/r/r0rr^zInvalidityDate.__ne__cCrr3)rrr6r/r/r0rr^zInvalidityDate.__hash__rN)rMrNrOrINVALIDITY_DATErDrrGrir~rrrrrr/r/r/r0rsrc@r))PrecertificateSignedCertificateTimestampssigned_certificate_timestampscCr)Ncsrr3rr rsctr/r/r0r  zEPrecertificateSignedCertificateTimestamps.__init__..YEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamprrrd_signed_certificate_timestampsr7rr/r/r0rG z2PrecertificateSignedCertificateTimestamps.__init__rcCdt|S)Nz/r`rr6r/r/r0risz2PrecertificateSignedCertificateTimestamps.__repr__cCrr3rrrr6r/r/r0rr;z2PrecertificateSignedCertificateTimestamps.__hash__cCrzr3)rrr{rr|r/r/r0r~ z0PrecertificateSignedCertificateTimestamps.__eq__cCrr3r/r|r/r/r0rr^z0PrecertificateSignedCertificateTimestamps.__ne__N)rMrNrOr%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSrDrkrr rGr@rmrnrorirr~rr/r/r/r0rs   rc@r)SignedCertificateTimestampsrcCr)Ncsrr3rrr/r/r0rrz7SignedCertificateTimestamps.__init__..rrrr/r/r0rGrz$SignedCertificateTimestamps.__init__rcCr)Nz!rr6r/r/r0rir;z$SignedCertificateTimestamps.__repr__cCrr3rr6r/r/r0rr;z$SignedCertificateTimestamps.__hash__cCrzr3)rrr{rr|r/r/r0r~rz"SignedCertificateTimestamps.__eq__cCrr3r/r|r/r/r0rr^z"SignedCertificateTimestamps.__ne__N)rMrNrOrSIGNED_CERTIFICATE_TIMESTAMPSrDrkrr rGr@rmrnrorirr~rr/r/r/r0rs   rc@rp) OCSPNoncenoncecCrs)Nznonce must be bytes)rrrd_nonce)r7rr/r/r0rGryzOCSPNonce.__init__cCrzr3)rrr{rr|r/r/r0r~rzOCSPNonce.__eq__cCrr3r/r|r/r/r0rr^zOCSPNonce.__ne__cCrr3)rrr6r/r/r0r r^zOCSPNonce.__hash__cCr)Nzrr6r/r/r0ri r^zOCSPNonce.__repr__rN)rMrNrOrNONCErDrrGr~rrrirrrr/r/r/r0rrrc@seZdZejZddZddZddZddZ d d Z e d Z e d Ze d Ze dZe dZe dZe dZdS)IssuingDistributionPointc Cs|rt|trtdd|Dstd|r$tj|vs tj|vr$tdt|tr8t|tr8t|tr8t|ts.z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|]}|r|qSr/r/rr/r/r0 Dr;z5IssuingDistributionPoint.__init__..zOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rrrrdrrrr%rr4ra_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsrr) r7rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certscrl_constraintsr/r/r0rGsl     z!IssuingDistributionPoint.__init__cCr)NaGrr6r/r/r0rifsz!IssuingDistributionPoint.__repr__cCsbt|tstS|j|jko0|j|jko0|j|jko0|j|jko0|j|jko0|j|jko0|j |j kSr3) rrr{rrrrrrrr|r/r/r0r~rs"       zIssuingDistributionPoint.__eq__cCrr3r/r|r/r/r0rr^zIssuingDistributionPoint.__ne__cCs$t|j|j|j|j|j|j|jfSr3)rrrrrrrrr6r/r/r0rsz!IssuingDistributionPoint.__hash__rrrrrrrN)rMrNrOrISSUING_DISTRIBUTION_POINTrDrGrir~rrrrrrrrrrrr/r/r/r0rs(P    rc@sReZdZdedefddZedZedZ ddZ d d Z d d Z d dZ dS)rcrDrecCs"t|ts td||_||_dS)Nzoid must be an ObjectIdentifier)rrrdrgri)r7rDrer/r/r0rGs  zUnrecognizedExtension.__init__rgricCr)Nz7rr6r/r/r0rirzUnrecognizedExtension.__repr__cCrr3)rrcr{rDrer|r/r/r0r~rzUnrecognizedExtension.__eq__cCrr3r/r|r/r/r0rr^zUnrecognizedExtension.__ne__cCrr3)rrDrer6r/r/r0rrzUnrecognizedExtension.__hash__N)rMrNrOrrrGrrrDrerir~rrr/r/r/r0rcs   rc)SrVrr'r]rk cryptographyrcryptography.hazmat._derrrrrcryptography.hazmat._typesrcryptography.hazmat.primitivesrr ,cryptography.hazmat.primitives.asymmetric.ecr -cryptography.hazmat.primitives.asymmetric.rsar *cryptography.x509.certificate_transparencyr cryptography.x509.general_namer rrcryptography.x509.namercryptography.x509.oidrrrrrr1r@ ExceptionrBrSABCMetarTobjectrYrqrrrrrrrrrrEnumrrr r rrr r%r.r0r2_TLS_FEATURE_TYPE_TO_ENUMr<r@rWr[rjrwrrrrrrrrrcr/r/r/r0sx      ( !_&)%%d @7)&" qU+&-+