o geA!@sddlZddlmZddlmZddlmZmZGdddejZ dde DZ e Z ej e jeje jeje jeje jeje jeje jiZejd ejd ejd ejd ejd ej dejdejdejdi ZddZGddde ZGddde Z Gddde Z!dS)N)utils) _get_backend)NameOIDObjectIdentifierc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) _ASN1Type N) __name__ __module__ __qualname__ UTF8String NumericStringPrintableString T61String IA5StringUTCTimeGeneralizedTime VisibleStringUniversalString BMPStringrr8/usr/lib/python3/dist-packages/cryptography/x509/name.pyr srcCsi|]}|j|qSr)value.0irrr sr$CNLSTOOUCSTREETDCUIDcCs|sdS|dd}|dd}|dd}|dd }|d d }|d d }|dd}|dd}|ddvr>d|}|ddkrL|ddd}|S)z>Escape special characters in RFC4514 Distinguished Name value.\z\\"z\"+z\+,z\,;z\;z\>z\00r)# r8Nz\ )replace)valrrr_escape_dn_value3s          r<c@seZdZefdedefddZedZ edZ defdd Z d e de fd d Zd e de fd dZdefddZdefddZdS) NameAttributeoidr cCst|ts tdt|tstd|tjks|tjkr)t|ddkr)t d|t kr4t |t j}t|t s=td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z#value argument must be a text type.utf8z/Country name must be a 2 character country codez%_type must be from the _ASN1Type enum) isinstancer TypeErrorstrr COUNTRY_NAMEJURISDICTION_COUNTRY_NAMElenencode ValueError _SENTINEL_NAMEOID_DEFAULT_TYPEgetrr_oid_value_type)selfr>r rNrrr__init__Ls&       zNameAttribute.__init__rLrMreturncCs$t|j|jj}d|t|jfS)z Format as RFC4514 Distinguished Name string. Use short attribute name if available, otherwise fall back to OID dotted string. z%s=%s)_NAMEOID_TO_NAMErKr> dotted_stringr<r )rOkeyrrrrfc4514_stringqszNameAttribute.rfc4514_stringothercCs&t|tstS|j|jko|j|jkSN)rAr=NotImplementedr>r rOrVrrr__eq__{s zNameAttribute.__eq__cC ||k SrWrrYrrr__ne__ zNameAttribute.__ne__cCst|j|jfSrW)hashr>r rOrrr__hash__szNameAttribute.__hash__cCs d|S)Nz/)formatr_rrr__repr__r]zNameAttribute.__repr__N)rrrrIrrCrPrread_only_propertyr>r rUobjectboolrZr\intr`rbrrrrr=Ks "  r=c@seZdZdejefddZdejefddZde fddZ d e de fd d Z d e de fd d ZdefddZdejefddZdefddZde fddZdS)RelativeDistinguishedName attributescCs\t|}|s tdtdd|Dstd||_t||_t|jt|kr,tddS)Nz-a relative distinguished name cannot be emptycs|]}t|tVqdSrWrAr=r"xrrr z5RelativeDistinguishedName.__init__..z/attributes must be an iterable of NameAttributez$duplicate attributes are not allowed)listrHallrB _attributes frozenset_attribute_setrFrOrhrrrrPs z"RelativeDistinguishedName.__init__rQcfdd|DS)Ncg|] }|jkr|qSrr>r!rwrr zDRelativeDistinguishedName.get_attributes_for_oid..rrOr>rrwrget_attributes_for_oidz0RelativeDistinguishedName.get_attributes_for_oidcCsddd|jDS)z Format as RFC4514 Distinguished Name string. Within each RDN, attributes are joined by '+', although that is rarely used in certificates. r1cs|]}|VqdSrWrUr"attrrrrrmz;RelativeDistinguishedName.rfc4514_string..)joinrqr_rrrrUsz(RelativeDistinguishedName.rfc4514_stringrVcCt|tstS|j|jkSrW)rArgrXrsrYrrrrZ  z RelativeDistinguishedName.__eq__cCr[rWrrYrrrr\r]z RelativeDistinguishedName.__ne__cC t|jSrW)r^rsr_rrrr`r]z"RelativeDistinguishedName.__hash__cCrrW)iterrqr_rrr__iter__r]z"RelativeDistinguishedName.__iter__cCrrW)rFrqr_rrr__len__r]z!RelativeDistinguishedName.__len__cCsd|S)Nz)rarUr_rrrrbsz"RelativeDistinguishedName.__repr__N)rrrtypingIterabler=rPListr{rCrUrdrerZr\rfr`Iteratorrrrbrrrrrgs rgc@seZdZddZdefddZdejefddZ e dej e fdd Z ddefd d Zd edefddZd edefddZdefddZdejefddZdefddZdefddZd S)NamecCsRt|}tdd|Drdd|D|_dStdd|Dr%||_dStd)NcsrirWrjrkrrrrmrnz Name.__init__..cSsg|]}t|gqSr)rgrkrrrrxs z!Name.__init__..csrirW)rArgrkrrrrmrnzNattributes must be a list of NameAttribute or a list RelativeDistinguishedName)rorprqrBrtrrrrPs  z Name.__init__rQcCsdddt|jDS)a Format as RFC4514 Distinguished Name string. For example 'CN=foobar.com,O=Foo Corp,C=US' An X.509 name is a two-level structure: a list of sets of attributes. Each list element is separated by ',' and within each list element, set elements are separated by '+'. The latter is almost never used in real world certificates. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. r2csr}rWr~rrrrrms z&Name.rfc4514_string..)rreversedrqr_rrrrUs zName.rfc4514_stringcru)Ncrvrrwr!rwrrrxryz/Name.get_attributes_for_oid..rrzrrwrr{r|zName.get_attributes_for_oidcCs|jSrWrqr_rrrrdnssz Name.rdnsNcCst|}||SrW)rx509_name_bytes)rObackendrrr public_bytess zName.public_bytesrVcCrrW)rArrXrqrYrrrrZrz Name.__eq__cCr[rWrrYrrrr\r]z Name.__ne__cCstt|jSrW)r^tuplerqr_rrrr`sz Name.__hash__ccs"|jD] }|D]}|VqqdSrWr)rOrdnavarrrrs  z Name.__iter__cCstdd|jDS)Ncss|]}t|VqdSrW)rF)r"rrrrrmrzName.__len__..)sumrqr_rrrrsz Name.__len__cCs ddd|jD}d|S)Nr2csr}rWr~rrrrrmrz Name.__repr__..z )rrqra)rOrrrrrbs z Name.__repr__rW)rrrrPrCrUrrr=r{propertyrrgrbytesrrdrerZr\rfr`rrrrbrrrrrsr)"r cryptographyrcryptography.hazmat.backendsrcryptography.x509.oidrrEnumr_ASN1_TYPE_TO_ENUMrdrIrDrrE SERIAL_NUMBER DN_QUALIFIER EMAIL_ADDRESSrDOMAIN_COMPONENTrJ COMMON_NAME LOCALITY_NAMESTATE_OR_PROVINCE_NAMEORGANIZATION_NAMEORGANIZATIONAL_UNIT_NAMESTREET_ADDRESSUSER_IDrRr<r=rgrrrrrs8     @1