U *}f@sddlmZmZmZddlZddlZddlZddlZddlm Z ddl Z ddl m Z ddl mZmZmZmZddlmZmZddlmZddlmZdd lmZdd lmZmZmZdd lm Z dd l!m"Z"m#Z#m$Z$m%Z%d dZ&ddZ'Gddde(Z)Gddde(Z*e +ej,Gddde-Z.Gddde-Z/e 0e.Gddde-Z1e 0e.Gddde-Z2e 0e.Gddde-Z3e 0e.Gdd d e-Z4e 0e.Gd!d"d"e-Z5Gd#d$d$e-Z6e 0e.Gd%d&d&e-Z7e 0e.Gd'd(d(e-Z8e 0e.Gd)d*d*e-Z9e 0e.Gd+d,d,e-Z:Gd-d.d.e-Z;Gd/d0d0e ZGd5d6d6e-Z?Gd7d8d8e-Z@Gd9d:d:e-ZAe 0e.Gd;d<dd>e-ZCe 0e.Gd?d@d@e-ZDe 0e.GdAdBdBe-ZEGdCdDdDe ZFdEdFeFDZGe 0e.GdGdHdHe-ZHe 0e.GdIdJdJe-ZIe 0e.GdKdLdLe-ZJGdMdNdNe-ZKGdOdPdPe-ZLe 0e.GdQdRdRe-ZMe 0e.GdSdTdTe-ZNe 0e.GdUdVdVe-ZOe 0e.GdWdXdXe-ZPe 0e.GdYdZdZe-ZQe 0e.Gd[d\d\e-ZRe 0e.Gd]d^d^e-ZSe 0e.Gd_d`d`e-ZTe 0e.Gdadbdbe-ZUe 0e.Gdcdddde-ZVdS)e)absolute_importdivisionprint_functionN)Enum)utils) BIT_STRING DERReaderOBJECT_IDENTIFIERSEQUENCE) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)SignedCertificateTimestamp) GeneralName IPAddress OtherName)RelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDOCSPExtensionOIDObjectIdentifierc Cst|tr |tjjtjj}nt|tr@|tjj tjj }n|tjjtjj }t |}| t}|t}|t}W5QRX| |t|s|W5QRX|dkrtd|j}t|S)NrzInvalid public key encoding) isinstancerZ public_bytesr EncodingZDERZ PublicFormatZPKCS1r ZX962ZUncompressedPointZSubjectPublicKeyInforZread_single_elementr Z read_elementrr Zis_emptyZread_any_elementZ read_byte ValueErrordatahashlibsha1digest) public_keyrZ serializedreaderZpublic_key_info algorithmr"@/tmp/pip-unpacked-wheel-x36vw73o/cryptography/x509/extensions.py_key_identifier_from_public_key&s4      r$cs.fdd}fdd}fdd}|||fS)Ncstt|SN)lengetattrself field_namer"r# len_methodOsz*_make_sequence_methods..len_methodcstt|Sr%)iterr'r(r*r"r# iter_methodRsz+_make_sequence_methods..iter_methodcst||Sr%)r')r)idxr*r"r#getitem_methodUsz._make_sequence_methods..getitem_methodr")r+r,r.r0r"r*r#_make_sequence_methodsNs   r1cseZdZfddZZS)DuplicateExtensioncstt||||_dSr%)superr2__init__oidr)msgr5 __class__r"r#r4\szDuplicateExtension.__init____name__ __module__ __qualname__r4 __classcell__r"r"r8r#r2[sr2cseZdZfddZZS)ExtensionNotFoundcstt||||_dSr%)r3r?r4r5r6r8r"r#r4bszExtensionNotFound.__init__r:r"r"r8r#r?asr?c@seZdZejddZdS) ExtensionTypecCsdS)zK Returns the oid associated with the given extension type. Nr"r(r"r"r#r5iszExtensionType.oidN)r;r<r=abcabstractpropertyr5r"r"r"r#r@gsr@c@s:eZdZddZddZddZed\ZZZ dd Z d S) ExtensionscCs ||_dSr%) _extensions)r) extensionsr"r"r#r4qszExtensions.__init__cCs0|D]}|j|kr|Sqtd||dS)NNo {} extension was found)r5r?format)r)r5extr"r"r#get_extension_for_oidts  z Extensions.get_extension_for_oidcCsD|tkrtd|D]}t|j|r|Sqtd||jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.rF)UnrecognizedExtension TypeErrorrvaluer?rGr5)r)ZextclassrHr"r"r#get_extension_for_class{s  z"Extensions.get_extension_for_classrDcCs d|jS)Nz)rGrDr(r"r"r#__repr__szExtensions.__repr__N) r;r<r=r4rIrMr1__len____iter__ __getitem__rNr"r"r"r#rCps rCc@sDeZdZejZddZddZddZddZ d d Z e d Z d S) CRLNumbercCst|tjstd||_dSNzcrl_number must be an integerrsix integer_typesrK _crl_numberr) crl_numberr"r"r#r4s zCRLNumber.__init__cCst|tstS|j|jkSr%)rrRNotImplementedrYr)otherr"r"r#__eq__s zCRLNumber.__eq__cCs ||k Sr%r"r[r"r"r#__ne__szCRLNumber.__ne__cCs t|jSr%hashrYr(r"r"r#__hash__szCRLNumber.__hash__cCs d|jS)Nz)rGrYr(r"r"r#rNszCRLNumber.__repr__rWN)r;r<r=rZ CRL_NUMBERr5r4r]r^rarNrread_only_propertyrYr"r"r"r#rRsrRc@speZdZejZddZeddZeddZ ddZ d d Z d d Z d dZ edZedZedZdS)AuthorityKeyIdentifiercCst|dk|dkkrtd|dk rBt|}tdd|DsBtd|dk r^t|tjs^td||_||_||_ dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdSr%rr.0xr"r"r# sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) rlistallrKrrUrV_key_identifier_authority_cert_issuer_authority_cert_serial_number)r)key_identifierauthority_cert_issuerauthority_cert_serial_numberr"r"r#r4s, zAuthorityKeyIdentifier.__init__cCst|}||dddSN)rnrorpr$)clsrrr"r"r#from_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keycCs||jdddSrq)r)rsZskir"r"r#"from_issuer_subject_key_identifiers z9AuthorityKeyIdentifier.from_issuer_subject_key_identifiercCs d|S)NzrGr(r"r"r#rNszAuthorityKeyIdentifier.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkSr%)rrcrZrnrorpr[r"r"r#r]s   zAuthorityKeyIdentifier.__eq__cCs ||k Sr%r"r[r"r"r#r^szAuthorityKeyIdentifier.__ne__cCs,|jdkrd}n t|j}t|j||jfSr%)rotupler`rnrp)r)Zacir"r"r#ras    zAuthorityKeyIdentifier.__hash__rkrlrmN)r;r<r=rZAUTHORITY_KEY_IDENTIFIERr5r4 classmethodrtrurNr]r^rarrbrnrorpr"r"r"r#rcs!     rcc@sPeZdZejZddZeddZe dZ ddZ dd Z d d Zd d ZdS)SubjectKeyIdentifiercCs ||_dSr%)_digest)r)rr"r"r#r4 szSubjectKeyIdentifier.__init__cCs |t|Sr%rr)rsrr"r"r#from_public_keysz$SubjectKeyIdentifier.from_public_keyrzcCs d|jS)Nz$)rGrr(r"r"r#rNszSubjectKeyIdentifier.__repr__cCst|tstSt|j|jSr%)rryrZr Zbytes_eqrr[r"r"r#r]s zSubjectKeyIdentifier.__eq__cCs ||k Sr%r"r[r"r"r#r^szSubjectKeyIdentifier.__ne__cCs t|jSr%)r`rr(r"r"r#ra"szSubjectKeyIdentifier.__hash__N)r;r<r=rZSUBJECT_KEY_IDENTIFIERr5r4rxr{rrbrrNr]r^rar"r"r"r#ry s  ryc@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) AuthorityInformationAccesscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rAccessDescriptionrer"r"r#rh,sz6AuthorityInformationAccess.__init__..@Every item in the descriptions list must be an AccessDescriptionrirjrK _descriptionsr)Z descriptionsr"r"r#r4*s z#AuthorityInformationAccess.__init__rcCs d|jS)Nz rGrr(r"r"r#rN6sz#AuthorityInformationAccess.__repr__cCst|tstS|j|jkSr%)rr|rZrr[r"r"r#r]9s z!AuthorityInformationAccess.__eq__cCs ||k Sr%r"r[r"r"r#r^?sz!AuthorityInformationAccess.__ne__cCstt|jSr%r`rwrr(r"r"r#raBsz#AuthorityInformationAccess.__hash__N)r;r<r=rZAUTHORITY_INFORMATION_ACCESSr5r4r1rOrPrQrNr]r^rar"r"r"r#r|&s r|c@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) SubjectInformationAccesscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%r}rer"r"r#rhLsz4SubjectInformationAccess.__init__..rrrr"r"r#r4Js z!SubjectInformationAccess.__init__rcCs d|jS)Nzrr(r"r"r#rNVsz!SubjectInformationAccess.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]Ys zSubjectInformationAccess.__eq__cCs ||k Sr%r"r[r"r"r#r^_szSubjectInformationAccess.__ne__cCstt|jSr%rr(r"r"r#rabsz!SubjectInformationAccess.__hash__N)r;r<r=rZSUBJECT_INFORMATION_ACCESSr5r4r1rOrPrQrNr]r^rar"r"r"r#rFs rc@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)r~cCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)rrrKr_access_method_access_location)r) access_methodaccess_locationr"r"r#r4gs   zAccessDescription.__init__cCs d|S)NzYrvr(r"r"r#rNqszAccessDescription.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rr~rZrrr[r"r"r#r]ws    zAccessDescription.__eq__cCs ||k Sr%r"r[r"r"r#r^szAccessDescription.__ne__cCst|j|jfSr%)r`rrr(r"r"r#raszAccessDescription.__hash__rrN) r;r<r=r4rNr]r^rarrbrrr"r"r"r#r~fs   r~c@sNeZdZejZddZedZ edZ ddZ ddZ d d Z d d Zd S)BasicConstraintscCsZt|tstd|dk r&|s&td|dk rJt|tjrB|dkrJtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)rboolrKrrUrV_ca _path_length)r)ca path_lengthr"r"r#r4s   zBasicConstraints.__init__rrcCs d|S)Nz:rvr(r"r"r#rNszBasicConstraints.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrZrrr[r"r"r#r]s zBasicConstraints.__eq__cCs ||k Sr%r"r[r"r"r#r^szBasicConstraints.__ne__cCst|j|jfSr%)r`rrr(r"r"r#raszBasicConstraints.__hash__N)r;r<r=rZBASIC_CONSTRAINTSr5r4rrbrrrNr]r^rar"r"r"r#rs  rc@sDeZdZejZddZedZ ddZ ddZ dd Z d d Z d S) DeltaCRLIndicatorcCst|tjstd||_dSrSrTrXr"r"r#r4s zDeltaCRLIndicator.__init__rWcCst|tstS|j|jkSr%)rrrZrYr[r"r"r#r]s zDeltaCRLIndicator.__eq__cCs ||k Sr%r"r[r"r"r#r^szDeltaCRLIndicator.__ne__cCs t|jSr%r_r(r"r"r#raszDeltaCRLIndicator.__hash__cCs d|S)Nz.rvr(r"r"r#rNszDeltaCRLIndicator.__repr__N)r;r<r=rZDELTA_CRL_INDICATORr5r4rrbrYr]r^rarNr"r"r"r#rs rc@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) CRLDistributionPointscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rDistributionPointrer"r"r#rhsz1CRLDistributionPoints.__init__..?distribution_points must be a list of DistributionPoint objectsrirjrK_distribution_pointsr)Zdistribution_pointsr"r"r#r4szCRLDistributionPoints.__init__rcCs d|jS)NzrGrr(r"r"r#rNszCRLDistributionPoints.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s zCRLDistributionPoints.__eq__cCs ||k Sr%r"r[r"r"r#r^szCRLDistributionPoints.__ne__cCstt|jSr%r`rwrr(r"r"r#raszCRLDistributionPoints.__hash__N)r;r<r=rZCRL_DISTRIBUTION_POINTSr5r4r1rOrPrQrNr]r^rar"r"r"r#rs  rc@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) FreshestCRLcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rrer"r"r#rhsz'FreshestCRL.__init__..rrrr"r"r#r4szFreshestCRL.__init__rcCs d|jS)Nzrr(r"r"r#rNszFreshestCRL.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r] s zFreshestCRL.__eq__cCs ||k Sr%r"r[r"r"r#r^szFreshestCRL.__ne__cCstt|jSr%rr(r"r"r#raszFreshestCRL.__hash__N)r;r<r=rZ FRESHEST_CRLr5r4r1rOrPrQrNr]r^rar"r"r"r#rs  rc@s\eZdZddZddZddZddZd d Ze d Z e d Z e d Z e dZ dS)rcCs|r|rtd|r6t|}tdd|Ds6td|rLt|tsLtd|rrt|}tdd|Dsrtd|rt|trtdd|Dstd |rtj|kstj |krtd |r|s|s|std ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|tVqdSr%rdrer"r"r#rh"sz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdSr%rdrer"r"r#rh/sz2crl_issuer must be None or a list of general namescss|]}t|tVqdSr%r ReasonFlagsrer"r"r#rh6sz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)rrirjrKrr frozensetr unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r) full_name relative_namereasons crl_issuerr"r"r#r4sV zDistributionPoint.__init__cCs d|S)Nz}rvr(r"r"r#rNNszDistributionPoint.__repr__cCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkSr%)rrrZrrrrr[r"r"r#r]Us     zDistributionPoint.__eq__cCs ||k Sr%r"r[r"r"r#r^`szDistributionPoint.__ne__cCsH|jdk rt|j}nd}|jdk r0t|j}nd}t||j|j|fSr%)rrwrr`rr)r)fnrr"r"r#racs    zDistributionPoint.__hash__rrrrN)r;r<r=r4rNr]r^rarrbrrrrr"r"r"r#rs5    rc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rrZ keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) r;r<r=rZkey_compromiseZ ca_compromiseZaffiliation_changedrZcessation_of_operationZcertificate_holdZprivilege_withdrawnZ aa_compromiserr"r"r"r#rvsrc@sNeZdZejZddZddZddZddZ d d Z e d Z e d Zd S)PolicyConstraintscCs`|dk rt|tjstd|dk r8t|tjs8td|dkrP|dkrPtd||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)rrUrVrKr_require_explicit_policy_inhibit_policy_mapping)r)require_explicit_policyinhibit_policy_mappingr"r"r#r4s(  zPolicyConstraints.__init__cCs d|S)Nz{rvr(r"r"r#rNszPolicyConstraints.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrZrrr[r"r"r#r]s    zPolicyConstraints.__eq__cCs ||k Sr%r"r[r"r"r#r^szPolicyConstraints.__ne__cCst|j|jfSr%)r`rrr(r"r"r#ras zPolicyConstraints.__hash__rrN)r;r<r=rZPOLICY_CONSTRAINTSr5r4rNr]r^rarrbrrr"r"r"r#rs rc@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) CertificatePoliciescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%)rPolicyInformationrer"r"r#rhsz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rirjrK _policies)r)Zpoliciesr"r"r#r4s zCertificatePolicies.__init__rcCs d|jS)Nz)rGrr(r"r"r#rNszCertificatePolicies.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s zCertificatePolicies.__eq__cCs ||k Sr%r"r[r"r"r#r^szCertificatePolicies.__ne__cCstt|jSr%)r`rwrr(r"r"r#raszCertificatePolicies.__hash__N)r;r<r=rZCERTIFICATE_POLICIESr5r4r1rOrPrQrNr]r^rar"r"r"r#rs rc@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)rcCsHt|tstd||_|r>t|}tdd|Ds>td||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|tjtfVqdSr%)rrU text_type UserNoticerer"r"r#rhsz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)rrrK_policy_identifierrirj_policy_qualifiers)r)policy_identifierpolicy_qualifiersr"r"r#r4s zPolicyInformation.__init__cCs d|S)Nzervr(r"r"r#rNszPolicyInformation.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrZrrr[r"r"r#r]s    zPolicyInformation.__eq__cCs ||k Sr%r"r[r"r"r#r^szPolicyInformation.__ne__cCs(|jdk rt|j}nd}t|j|fSr%)rrwr`r)r)Zpqr"r"r#ras  zPolicyInformation.__hash__rrN) r;r<r=r4rNr]r^rarrbrrr"r"r"r#rs  rc@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)rcCs&|rt|tstd||_||_dS)Nz2notice_reference must be None or a NoticeReference)rNoticeReferencerK_notice_reference_explicit_text)r)notice_reference explicit_textr"r"r#r4szUserNotice.__init__cCs d|S)NzVrvr(r"r"r#rNszUserNotice.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrZrrr[r"r"r#r]$s    zUserNotice.__eq__cCs ||k Sr%r"r[r"r"r#r^-szUserNotice.__ne__cCst|j|jfSr%)r`rrr(r"r"r#ra0szUserNotice.__hash__rrN) r;r<r=r4rNr]r^rarrbrrr"r"r"r#rs   rc@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)rcCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdSr%)rintrer"r"r#rh;sz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrirjrK_notice_numbers)r) organizationnotice_numbersr"r"r#r48s zNoticeReference.__init__cCs d|S)NzUrvr(r"r"r#rN@szNoticeReference.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrZrrr[r"r"r#r]Fs    zNoticeReference.__eq__cCs ||k Sr%r"r[r"r"r#r^OszNoticeReference.__ne__cCst|jt|jfSr%)r`rrwrr(r"r"r#raRszNoticeReference.__hash__rrN) r;r<r=r4rNr]r^rarrbrrr"r"r"r#r7s  rc@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) ExtendedKeyUsagecCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%)rrrer"r"r#rh_sz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rirjrK_usages)r)Zusagesr"r"r#r4]s zExtendedKeyUsage.__init__rcCs d|jS)Nz)rGrr(r"r"r#rNhszExtendedKeyUsage.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]ks zExtendedKeyUsage.__eq__cCs ||k Sr%r"r[r"r"r#r^qszExtendedKeyUsage.__ne__cCstt|jSr%)r`rwrr(r"r"r#ratszExtendedKeyUsage.__hash__N)r;r<r=rZEXTENDED_KEY_USAGEr5r4r1rOrPrQrNr]r^rar"r"r"r#rYs rc@s2eZdZejZddZddZddZddZ d S) OCSPNoCheckcCst|tstSdSNT)rrrZr[r"r"r#r]|s zOCSPNoCheck.__eq__cCs ||k Sr%r"r[r"r"r#r^szOCSPNoCheck.__ne__cCsttSr%)r`rr(r"r"r#raszOCSPNoCheck.__hash__cCsdS)Nzr"r(r"r"r#rNszOCSPNoCheck.__repr__N) r;r<r=rZ OCSP_NO_CHECKr5r]r^rarNr"r"r"r#rxs rc@s2eZdZejZddZddZddZddZ d S) PrecertPoisoncCst|tstSdSr)rrrZr[r"r"r#r]s zPrecertPoison.__eq__cCs ||k Sr%r"r[r"r"r#r^szPrecertPoison.__ne__cCsttSr%)r`rr(r"r"r#raszPrecertPoison.__hash__cCsdS)Nzr"r(r"r"r#rNszPrecertPoison.__repr__N) r;r<r=rZPRECERT_POISONr5r]r^rarNr"r"r"r#rs rc@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) TLSFeaturecCs8t|}tdd|Dr&t|dkr.td||_dS)Ncss|]}t|tVqdSr%)rTLSFeatureTyperer"r"r#rhsz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rirjr&rK _features)r)featuresr"r"r#r4s zTLSFeature.__init__rcCs d|S)Nz$rvr(r"r"r#rNszTLSFeature.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s zTLSFeature.__eq__cCs ||k Sr%r"r[r"r"r#r^szTLSFeature.__ne__cCstt|jSr%)r`rwrr(r"r"r#raszTLSFeature.__hash__N)r;r<r=rZ TLS_FEATUREr5r4r1rOrPrQrNr]r^rar"r"r"r#rs rc@seZdZdZdZdS)rN)r;r<r=Zstatus_requestZstatus_request_v2r"r"r"r#rsrcCsi|] }|j|qSr"rLrer"r"r# src@sDeZdZejZddZddZddZddZ d d Z e d Z d S) InhibitAnyPolicycCs.t|tjstd|dkr$td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)rrUrVrKr _skip_certs)r) skip_certsr"r"r#r4s  zInhibitAnyPolicy.__init__cCs d|S)Nz-rvr(r"r"r#rNszInhibitAnyPolicy.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s zInhibitAnyPolicy.__eq__cCs ||k Sr%r"r[r"r"r#r^szInhibitAnyPolicy.__ne__cCs t|jSr%)r`rr(r"r"r#raszInhibitAnyPolicy.__hash__rN)r;r<r=rZINHIBIT_ANY_POLICYr5r4rNr]r^rarrbrr"r"r"r#rs rc@seZdZejZddZedZ edZ edZ edZ edZ edZed Zed d Zed d ZddZddZddZddZdS)KeyUsagec CsN|s|s | rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) r_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r)digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyr"r"r#r4s zKeyUsage.__init__rrrrrrrcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rrrr(r"r"r#rs zKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rrrr(r"r"r#r!s zKeyUsage.decipher_onlycCs<z|j}|j}Wntk r,d}d}YnXd|||S)NFa-)rrrrG)r)rrr"r"r#rN*s  zKeyUsage.__repr__cCszt|tstS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j |j kox|j |j kox|j |j kSr%) rrrZrrrrrrrrrr[r"r"r#r]?s&          zKeyUsage.__eq__cCs ||k Sr%r"r[r"r"r#r^OszKeyUsage.__ne__c Cs,t|j|j|j|j|j|j|j|j|j f Sr%) r`rrrrrrrrrr(r"r"r#raRszKeyUsage.__hash__N)r;r<r=rZ KEY_USAGEr5r4rrbrrrrrrrpropertyrrrNr]r^rar"r"r"r#rs"         rc@sVeZdZejZddZddZddZddZ d d Z d d Z e d Ze dZdS)NameConstraintscCs|dk r4t|}tdd|Ds*td|||dk rht|}tdd|Ds^td|||dkr|dkrtd||_||_dS)Ncss|]}t|tVqdSr%rdrer"r"r#rhisz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonecss|]}t|tVqdSr%rdrer"r"r#rhssz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rirjrK_validate_ip_namer_permitted_subtrees_excluded_subtrees)r)permitted_subtreesexcluded_subtreesr"r"r#r4fs(  zNameConstraints.__init__cCs&t|tstS|j|jko$|j|jkSr%)rrrZrrr[r"r"r#r]s    zNameConstraints.__eq__cCs ||k Sr%r"r[r"r"r#r^szNameConstraints.__ne__cCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdSr%)rrrL ipaddress IPv4Network IPv6Network)rfnamer"r"r#rhs   z4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyrK)r)treer"r"r#rs z!NameConstraints._validate_ip_namecCs d|S)Nzervr(r"r"r#rNszNameConstraints.__repr__cCs@|jdk rt|j}nd}|jdk r0t|j}nd}t||fSr%)rrwrr`)r)Zpsesr"r"r#ras    zNameConstraints.__hash__rrN)r;r<r=rZNAME_CONSTRAINTSr5r4r]r^rrNrarrbrrr"r"r"r#rbs   rc@sReZdZddZedZedZedZddZ dd Z d d Z d d Z dS) ExtensioncCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)rrrKr_oid _critical_value)r)r5criticalrLr"r"r#r4s  zExtension.__init__rrrcCs d|S)Nz@rvr(r"r"r#rNszExtension.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkSr%)rrrZr5rrLr[r"r"r#r]s    zExtension.__eq__cCs ||k Sr%r"r[r"r"r#r^szExtension.__ne__cCst|j|j|jfSr%)r`r5rrLr(r"r"r#raszExtension.__hash__N) r;r<r=r4rrbr5rrLrNr]r^rar"r"r"r#rs    rc@sJeZdZddZed\ZZZddZddZ dd Z d d Z d d Z dS) GeneralNamescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rdrer"r"r#rhsz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rirjrK_general_namesr)Z general_namesr"r"r#r4s zGeneralNames.__init__rcs0fdd|D}tkr(dd|D}t|S)Nc3s|]}t|r|VqdSr%)rrfityper"r#rhs z3GeneralNames.get_values_for_type..css|] }|jVqdSr%rrr"r"r#rhs)rri)r)robjsr"rr#get_values_for_typesz GeneralNames.get_values_for_typecCs d|jS)NzrGrr(r"r"r#rNszGeneralNames.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s zGeneralNames.__eq__cCs ||k Sr%r"r[r"r"r#r^szGeneralNames.__ne__cCstt|jSr%)r`rwrr(r"r"r#raszGeneralNames.__hash__N) r;r<r=r4r1rOrPrQrrNr]r^rar"r"r"r#rs  rc@sPeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd d ZdS)SubjectAlternativeNamecCst||_dSr%rrrr"r"r#r4szSubjectAlternativeName.__init__rcCs |j|Sr%rrr)rr"r"r#r sz*SubjectAlternativeName.get_values_for_typecCs d|jS)Nzrr(r"r"r#rNszSubjectAlternativeName.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s zSubjectAlternativeName.__eq__cCs ||k Sr%r"r[r"r"r#r^szSubjectAlternativeName.__ne__cCs t|jSr%r`rr(r"r"r#raszSubjectAlternativeName.__hash__N)r;r<r=rZSUBJECT_ALTERNATIVE_NAMEr5r4r1rOrPrQrrNr]r^rar"r"r"r#rsrc@sPeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd d ZdS)IssuerAlternativeNamecCst||_dSr%rrr"r"r#r4#szIssuerAlternativeName.__init__rcCs |j|Sr%rrr"r"r#r(sz)IssuerAlternativeName.get_values_for_typecCs d|jS)Nzrr(r"r"r#rN+szIssuerAlternativeName.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r].s zIssuerAlternativeName.__eq__cCs ||k Sr%r"r[r"r"r#r^4szIssuerAlternativeName.__ne__cCs t|jSr%rr(r"r"r#ra7szIssuerAlternativeName.__hash__N)r;r<r=rZISSUER_ALTERNATIVE_NAMEr5r4r1rOrPrQrrNr]r^rar"r"r"r#rsrc@sPeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd d ZdS)CertificateIssuercCst||_dSr%rrr"r"r#r4?szCertificateIssuer.__init__rcCs |j|Sr%rrr"r"r#rDsz%CertificateIssuer.get_values_for_typecCs d|jS)Nzrr(r"r"r#rNGszCertificateIssuer.__repr__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]Js zCertificateIssuer.__eq__cCs ||k Sr%r"r[r"r"r#r^PszCertificateIssuer.__ne__cCs t|jSr%rr(r"r"r#raSszCertificateIssuer.__hash__N)r;r<r=rZCERTIFICATE_ISSUERr5r4r1rOrPrQrrNr]r^rar"r"r"r#r;src@sDeZdZejZddZddZddZddZ d d Z e d Z d S) CRLReasoncCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)rrrK_reason)r)reasonr"r"r#r4[s zCRLReason.__init__cCs d|jS)Nz)rGr r(r"r"r#rNaszCRLReason.__repr__cCst|tstS|j|jkSr%)rr rZr r[r"r"r#r]ds zCRLReason.__eq__cCs ||k Sr%r"r[r"r"r#r^jszCRLReason.__ne__cCs t|jSr%)r`r r(r"r"r#ramszCRLReason.__hash__r N)r;r<r=rZ CRL_REASONr5r4rNr]r^rarrbr r"r"r"r#r Wsr c@sDeZdZejZddZddZddZddZ d d Z e d Z d S) InvalidityDatecCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)rdatetimerK_invalidity_date)r)invalidity_dater"r"r#r4ws zInvalidityDate.__init__cCs d|jS)Nz$)rGrr(r"r"r#rN}szInvalidityDate.__repr__cCst|tstS|j|jkSr%)rr rZrr[r"r"r#r]s zInvalidityDate.__eq__cCs ||k Sr%r"r[r"r"r#r^szInvalidityDate.__ne__cCs t|jSr%)r`rr(r"r"r#raszInvalidityDate.__hash__rN)r;r<r=rZINVALIDITY_DATEr5r4rNr]r^rarrbrr"r"r"r#r ssr c@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) )PrecertificateSignedCertificateTimestampscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rrrfZsctr"r"r#rhszEPrecertificateSignedCertificateTimestamps.__init__..YEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamprirjrK_signed_certificate_timestampsr)Zsigned_certificate_timestampsr"r"r#r4sz2PrecertificateSignedCertificateTimestamps.__init__rcCsdt|S)Nz/rGrir(r"r"r#rNsz2PrecertificateSignedCertificateTimestamps.__repr__cCstt|jSr%r`rwrr(r"r"r#rasz2PrecertificateSignedCertificateTimestamps.__hash__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s  z0PrecertificateSignedCertificateTimestamps.__eq__cCs ||k Sr%r"r[r"r"r#r^sz0PrecertificateSignedCertificateTimestamps.__ne__N)r;r<r=rZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr5r4r1rOrPrQrNrar]r^r"r"r"r#rs   rc@sHeZdZejZddZed\ZZ Z ddZ ddZ dd Z d d Zd S) SignedCertificateTimestampscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rrr"r"r#rhsz7SignedCertificateTimestamps.__init__..rrrr"r"r#r4sz$SignedCertificateTimestamps.__init__rcCsdt|S)Nz!rr(r"r"r#rNsz$SignedCertificateTimestamps.__repr__cCstt|jSr%rr(r"r"r#rasz$SignedCertificateTimestamps.__hash__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s  z"SignedCertificateTimestamps.__eq__cCs ||k Sr%r"r[r"r"r#r^sz"SignedCertificateTimestamps.__ne__N)r;r<r=rZSIGNED_CERTIFICATE_TIMESTAMPSr5r4r1rOrPrQrNrar]r^r"r"r"r#rs   rc@sDeZdZejZddZddZddZddZ d d Z e d Z d S) OCSPNoncecCst|tstd||_dS)Nznonce must be bytes)rbytesrK_nonce)r)noncer"r"r#r4s zOCSPNonce.__init__cCst|tstS|j|jkSr%)rrrZrr[r"r"r#r]s zOCSPNonce.__eq__cCs ||k Sr%r"r[r"r"r#r^szOCSPNonce.__ne__cCs t|jSr%)r`rr(r"r"r#raszOCSPNonce.__hash__cCs d|S)Nzrvr(r"r"r#rNszOCSPNonce.__repr__rN)r;r<r=rZNONCEr5r4r]r^rarNrrbrr"r"r"r#rsrc@seZdZejZddZddZddZddZ d d Z e d Z e d Ze d Ze dZe dZe dZe dZdS)IssuingDistributionPointc Cs|r(t|tr tdd|Ds(td|rHtj|ks@tj|krHtdt|trpt|trpt|trpt|tsxtd||||g}t dd|Ddkrtd t |||||||gstd ||_ ||_ ||_ ||_||_||_||_dS) Ncss|]}t|tVqdSr%rrer"r"r#rh sz4IssuingDistributionPoint.__init__..z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|] }|r|qSr"r"rer"r"r# /sz5IssuingDistributionPoint.__init__..zOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rrrjrKrrrrrr&r_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsrr) r)rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certsZcrl_constraintsr"r"r#r4sp  z!IssuingDistributionPoint.__init__cCs d|S)NaGrvr(r"r"r#rNQsz!IssuingDistributionPoint.__repr__cCsbt|tstS|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j |j kSr%) rrrZrrr&r'r(r)r*r[r"r"r#r]]s"       zIssuingDistributionPoint.__eq__cCs ||k Sr%r"r[r"r"r#r^lszIssuingDistributionPoint.__ne__cCs$t|j|j|j|j|j|j|jfSr%)r`rrr&r'r(r)r*r(r"r"r#raosz!IssuingDistributionPoint.__hash__rrr!r"r%r#r$N)r;r<r=rZISSUING_DISTRIBUTION_POINTr5r4rNr]r^rarrbrrr&r'r(r)r*r"r"r"r#rs&P     rc@sHeZdZddZedZedZddZddZ d d Z d d Z d S)rJcCs"t|tstd||_||_dS)Nzoid must be an ObjectIdentifier)rrrKrr)r)r5rLr"r"r#r4s zUnrecognizedExtension.__init__rrcCs d|S)Nz7rvr(r"r"r#rNszUnrecognizedExtension.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrJrZr5rLr[r"r"r#r]s zUnrecognizedExtension.__eq__cCs ||k Sr%r"r[r"r"r#r^szUnrecognizedExtension.__ne__cCst|j|jfSr%)r`r5rLr(r"r"r#raszUnrecognizedExtension.__hash__N) r;r<r=r4rrbr5rLrNr]r^rar"r"r"r#rJs  rJ)W __future__rrrrAr rrenumrrUZ cryptographyrZcryptography.hazmat._derrrr r Zcryptography.hazmat.primitivesr r Z,cryptography.hazmat.primitives.asymmetric.ecr Z-cryptography.hazmat.primitives.asymmetric.rsarZ*cryptography.x509.certificate_transparencyrZcryptography.x509.general_namerrrZcryptography.x509.namerZcryptography.x509.oidrrrrr$r1 Exceptionr2r? add_metaclassABCMetaobjectr@rCZregister_interfacerRrcryr|rr~rrrrrrrrrrrrrrrrZ_TLS_FEATURE_TYPE_TO_ENUMrrrrrrrrr r rrrrrJr"r"r"r#s      (  ![$)##^ <2%"" qQ)&(&