U q`@sddlZddlZddlZddlZddlZddlmZddlmZddl m Z m Z m Z m Z ddlmZddlmZmZddlmZddlmZdd lmZdd lmZmZmZdd lmZdd lm Z m!Z!m"Z"m#Z#ee$d ddZ%ddZ&Gddde'Z(Gddde'Z)Gdddej*dZ+Gddde,Z-Gddde+Z.Gddde+Z/Gdd d e+Z0Gd!d"d"e+Z1Gd#d$d$e+Z2Gd%d&d&e,Z3Gd'd(d(e+Z4Gd)d*d*e+Z5Gd+d,d,e+Z6Gd-d.d.e+Z7Gd/d0d0e,Z8Gd1d2d2eZ9Gd3d4d4e+Z:Gd5d6d6e+Z;Gd7d8d8e,ZGd=d>d>e+Z?Gd?d@d@e+Z@GdAdBdBe+ZAGdCdDdDe+ZBGdEdFdFeZCdGdHeCDZDGdIdJdJe+ZEGdKdLdLe+ZFGdMdNdNe+ZGGdOdPdPe,ZHGdQdRdRe,ZIGdSdTdTe+ZJGdUdVdVe+ZKGdWdXdXe+ZLGdYdZdZe+ZMGd[d\d\e+ZNGd]d^d^e+ZOGd_d`d`e+ZPGdadbdbe+ZQGdcdddde+ZRGdedfdfe+ZSdS)gN)Enum)utils) BIT_STRING DERReaderOBJECT_IDENTIFIERSEQUENCE)_PUBLIC_KEY_TYPES) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)SignedCertificateTimestamp) GeneralName IPAddress OtherName)RelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDOCSPExtensionOIDObjectIdentifier public_keyreturnc Cst|tr |tjjtjj}nt|tr@|tjj tjj }n|tjjtjj }t |}| t}|t}|t}W5QRX| |t|s|W5QRX|dkrtd|j}t|S)NrzInvalid public key encoding) isinstancer Z public_bytesr EncodingZDERZ PublicFormatZPKCS1r ZX962ZUncompressedPointZSubjectPublicKeyInforZread_single_elementrZ read_elementrrZis_emptyZread_any_elementZ read_byte ValueErrordatahashlibsha1digest)rrZ serializedreaderZpublic_key_info algorithmZpublic_key_datar"C/tmp/pip-target-nv4zd3e_/lib/python/cryptography/x509/extensions.py_key_identifier_from_public_key%s4      r$cs.fdd}fdd}fdd}|||fS)Ncstt|SN)lengetattrself field_namer"r# len_methodNsz*_make_sequence_methods..len_methodcstt|Sr%)iterr'r(r*r"r# iter_methodQsz+_make_sequence_methods..iter_methodcst||Sr%)r')r)idxr*r"r#getitem_methodTsz._make_sequence_methods..getitem_methodr")r+r,r.r0r"r*r#_make_sequence_methodsMs   r1cs$eZdZeedfdd ZZS)DuplicateExtensionmsgoidcstt||||_dSr%)superr2__init__r5r)r4r5 __class__r"r#r7[szDuplicateExtension.__init____name__ __module__ __qualname__strrr7 __classcell__r"r"r9r#r2Zsr2cs$eZdZeedfdd ZZS)ExtensionNotFoundr3cstt||||_dSr%)r6rAr7r5r8r9r"r#r7aszExtensionNotFound.__init__r;r"r"r9r#rA`srAc@s eZdZejedddZdS) ExtensionTypercCsdS)zK Returns the oid associated with the given extension type. Nr"r(r"r"r#r5gszExtensionType.oidN)r<r=r>abcabstractpropertyrr5r"r"r"r#rBfsrB) metaclassc@sTeZdZejddddZeddddZddd d Ze d \Z Z Z d d Z dS) Extensions Extension) extensionscCs ||_dSr%) _extensions)r)rIr"r"r#r7oszExtensions.__init__)r5rcCs0|D]}|j|kr|Sqtd||dS)NNo {} extension was found)r5rAformat)r)r5extr"r"r#get_extension_for_oidrs  z Extensions.get_extension_for_oidrCcCsD|tkrtd|D]}t|j|r|Sqtd||jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.rK)UnrecognizedExtension TypeErrorrvaluerArLr5)r)ZextclassrMr"r"r#get_extension_for_classys  z"Extensions.get_extension_for_classrJcCs d|jS)Nz)rLrJr(r"r"r#__repr__szExtensions.__repr__N)r<r=r>typingListr7rrNrRr1__len____iter__ __getitem__rSr"r"r"r#rGns rGc@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S) CRLNumber crl_numbercCst|tstd||_dSNzcrl_number must be an integerrintrP _crl_numberr)r[r"r"r#r7s zCRLNumber.__init__cCst|tstS|j|jkSr%)rrYNotImplementedr[r)otherr"r"r#__eq__s zCRLNumber.__eq__cCs ||k Sr%r"rbr"r"r#__ne__szCRLNumber.__ne__cCs t|jSr%hashr[r(r"r"r#__hash__szCRLNumber.__hash__cCs d|jS)Nz)rLr[r(r"r"r#rSszCRLNumber.__repr__r_N)r<r=r>rZ CRL_NUMBERr5r^r7rdrerhrSrread_only_propertyr[r"r"r"r#rYsrYc@seZdZejZejeejej e eje dddZ e eddddZe dddd d Zd d Zd dZddZddZedZedZedZdS)AuthorityKeyIdentifierkey_identifierauthority_cert_issuerauthority_cert_serial_numbercCsr|dk|dkkrtd|dk rBt|}tdd|DsBtd|dk r\t|ts\td||_||_||_dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdSr%rr.0xr"r"r# sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) rlistallrPrr^_key_identifier_authority_cert_issuer_authority_cert_serial_number)r)rlrmrnr"r"r#r7s, zAuthorityKeyIdentifier.__init__rcCst|}||dddSNrkr$)clsrrr"r"r#from_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keySubjectKeyIdentifier)skircCs||jdddSryr)r{r~r"r"r#"from_issuer_subject_key_identifiers z9AuthorityKeyIdentifier.from_issuer_subject_key_identifiercCs d|S)NzrLr(r"r"r#rSszAuthorityKeyIdentifier.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkSr%)rrjrarlrmrnrbr"r"r#rds   zAuthorityKeyIdentifier.__eq__cCs ||k Sr%r"rbr"r"r#reszAuthorityKeyIdentifier.__ne__cCs,|jdkrd}n t|j}t|j||jfSr%)rmtuplergrlrn)r)Zacir"r"r#rhs    zAuthorityKeyIdentifier.__hash__rvrwrxN)r<r=r>rZAUTHORITY_KEY_IDENTIFIERr5rTOptionalbytesIterablerr^r7 classmethodrr|rrSrdrerhrrirlrmrnr"r"r"r#rjs, !     rjc@s^eZdZejZedddZee ddddZ e dZ dd Zd d Zd d ZddZdS)r}rcCs ||_dSr%)_digest)r)rr"r"r#r7 szSubjectKeyIdentifier.__init__rcCs |t|Sr%rz)r{rr"r"r#from_public_keysz$SubjectKeyIdentifier.from_public_keyrcCs d|jS)Nz$)rLrr(r"r"r#rSszSubjectKeyIdentifier.__repr__cCst|tstSt|j|jSr%)rr}rar Zbytes_eqrrbr"r"r#rds zSubjectKeyIdentifier.__eq__cCs ||k Sr%r"rbr"r"r#re szSubjectKeyIdentifier.__ne__cCs t|jSr%)rgrr(r"r"r#rh#szSubjectKeyIdentifier.__hash__N)r<r=r>rZSUBJECT_KEY_IDENTIFIERr5rr7rrrrrirrSrdrerhr"r"r"r#r} s r}c@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)AuthorityInformationAccessAccessDescription descriptionscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rrrpr"r"r#rs,sz6AuthorityInformationAccess.__init__..@Every item in the descriptions list must be an AccessDescriptionrtrurP _descriptionsr)rr"r"r#r7*s z#AuthorityInformationAccess.__init__rcCs d|jS)Nz rLrr(r"r"r#rS6sz#AuthorityInformationAccess.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rd9s z!AuthorityInformationAccess.__eq__cCs ||k Sr%r"rbr"r"r#re?sz!AuthorityInformationAccess.__ne__cCstt|jSr%rgrrr(r"r"r#rhBsz#AuthorityInformationAccess.__hash__N)r<r=r>rZAUTHORITY_INFORMATION_ACCESSr5rTrr7r1rVrWrXrSrdrerhr"r"r"r#r's rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)SubjectInformationAccessrrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rrpr"r"r#rsKsz4SubjectInformationAccess.__init__..rrrr"r"r#r7Is z!SubjectInformationAccess.__init__rcCs d|jS)Nzrr(r"r"r#rSUsz!SubjectInformationAccess.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rdXs zSubjectInformationAccess.__eq__cCs ||k Sr%r"rbr"r"r#re^szSubjectInformationAccess.__ne__cCstt|jSr%rr(r"r"r#rhasz!SubjectInformationAccess.__hash__N)r<r=r>rZSUBJECT_INFORMATION_ACCESSr5rTrr7r1rVrWrXrSrdrerhr"r"r"r#rFs rc@sPeZdZeedddZddZddZdd Zd d Z e d Z e d Z dS)r) access_methodaccess_locationcCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)rrrPr_access_method_access_location)r)rrr"r"r#r7fs   zAccessDescription.__init__cCs d|S)NzYrr(r"r"r#rSrszAccessDescription.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrarrrbr"r"r#rdxs    zAccessDescription.__eq__cCs ||k Sr%r"rbr"r"r#reszAccessDescription.__ne__cCst|j|jfSr%)rgrrr(r"r"r#rhszAccessDescription.__hash__rrN)r<r=r>rrr7rSrdrerhrrirrr"r"r"r#res   rc@s\eZdZejZeeje dddZ e dZ e dZddZdd Zd d Zd d ZdS)BasicConstraints)ca path_lengthcCsXt|tstd|dk r&|s&td|dk rHt|tr@|dkrHtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)rboolrPrr^_ca _path_length)r)rrr"r"r#r7s  zBasicConstraints.__init__rrcCs d|S)Nz:rr(r"r"r#rSszBasicConstraints.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrarrrbr"r"r#rds zBasicConstraints.__eq__cCs ||k Sr%r"rbr"r"r#reszBasicConstraints.__ne__cCst|j|jfSr%)rgrrr(r"r"r#rhszBasicConstraints.__hash__N)r<r=r>rZBASIC_CONSTRAINTSr5rrTrr^r7rrirrrSrdrerhr"r"r"r#rs  rc@sJeZdZejZedddZe dZ ddZ ddZ d d Z d d Zd S)DeltaCRLIndicatorrZcCst|tstd||_dSr\r]r`r"r"r#r7s zDeltaCRLIndicator.__init__r_cCst|tstS|j|jkSr%)rrrar[rbr"r"r#rds zDeltaCRLIndicator.__eq__cCs ||k Sr%r"rbr"r"r#reszDeltaCRLIndicator.__ne__cCs t|jSr%rfr(r"r"r#rhszDeltaCRLIndicator.__hash__cCs d|S)Nz.rr(r"r"r#rSszDeltaCRLIndicator.__repr__N)r<r=r>rZDELTA_CRL_INDICATORr5r^r7rrir[rdrerhrSr"r"r"r#rs rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)CRLDistributionPointsDistributionPointdistribution_pointscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rrrpr"r"r#rssz1CRLDistributionPoints.__init__..?distribution_points must be a list of DistributionPoint objectsrtrurP_distribution_pointsr)rr"r"r#r7szCRLDistributionPoints.__init__rcCs d|jS)NzrLrr(r"r"r#rSszCRLDistributionPoints.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rds zCRLDistributionPoints.__eq__cCs ||k Sr%r"rbr"r"r#reszCRLDistributionPoints.__ne__cCstt|jSr%rgrrr(r"r"r#rhszCRLDistributionPoints.__hash__N)r<r=r>rZCRL_DISTRIBUTION_POINTSr5rTrr7r1rVrWrXrSrdrerhr"r"r"r#rs  rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS) FreshestCRLrrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rrpr"r"r#rssz'FreshestCRL.__init__..rrrr"r"r#r7szFreshestCRL.__init__rcCs d|jS)Nzrr(r"r"r#rS szFreshestCRL.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rd s zFreshestCRL.__eq__cCs ||k Sr%r"rbr"r"r#reszFreshestCRL.__ne__cCstt|jSr%rr(r"r"r#rhszFreshestCRL.__hash__N)r<r=r>rZ FRESHEST_CRLr5rTrr7r1rVrWrXrSrdrerhr"r"r"r#rs  rc@seZdZejejeejeejejdejejedddZ ddZ ddZ d d Z d d Z ed ZedZedZedZdS)r ReasonFlags) full_name relative_namereasons crl_issuercCs|r|rtd|r6t|}tdd|Ds6td|rLt|tsLtd|rrt|}tdd|Dsrtd|rt|trtdd|Dstd |rtj|kstj |krtd |r|s|s|std ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|tVqdSr%rorpr"r"r#rs)sz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdSr%rorpr"r"r#rs6sz2crl_issuer must be None or a list of general namescss|]}t|tVqdSr%rrrpr"r"r#rs=sz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)rrtrurPrr frozensetr unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r)rrrrr"r"r#r7sV zDistributionPoint.__init__cCs d|S)Nz}rr(r"r"r#rSUszDistributionPoint.__repr__cCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkSr%)rrrarrrrrbr"r"r#rd\s     zDistributionPoint.__eq__cCs ||k Sr%r"rbr"r"r#regszDistributionPoint.__ne__cCsH|jdk rt|j}nd}|jdk r0t|j}nd}t||j|j|fSr%)rrrrgrr)r)fnrr"r"r#rhjs    zDistributionPoint.__hash__rrrrN)r<r=r>rTrrrr FrozenSetr7rSrdrerhrrirrrrr"r"r"r#rs ;    rc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rrZ keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) r<r=r>rZkey_compromiseZ ca_compromiseZaffiliation_changedrZcessation_of_operationZcertificate_holdZprivilege_withdrawnZ aa_compromiserr"r"r"r#r}src@sbeZdZejZejeejedddZ ddZ ddZ dd Z d d Z ed Zed ZdS)PolicyConstraints)require_explicit_policyinhibit_policy_mappingcCs\|dk rt|tstd|dk r4t|ts4td|dkrL|dkrLtd||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)rr^rPr_require_explicit_policy_inhibit_policy_mapping)r)rrr"r"r#r7s(  zPolicyConstraints.__init__cCs d|S)Nz{rr(r"r"r#rSszPolicyConstraints.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrarrrbr"r"r#rds    zPolicyConstraints.__eq__cCs ||k Sr%r"rbr"r"r#reszPolicyConstraints.__ne__cCst|j|jfSr%)rgrrr(r"r"r#rhs zPolicyConstraints.__hash__rrN)r<r=r>rZPOLICY_CONSTRAINTSr5rTrr^r7rSrdrerhrrirrr"r"r"r#rs  rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS)CertificatePoliciesPolicyInformation)policiescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%)rrrpr"r"r#rssz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rtrurP _policies)r)rr"r"r#r7s zCertificatePolicies.__init__rcCs d|jS)Nz)rLrr(r"r"r#rSszCertificatePolicies.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rds zCertificatePolicies.__eq__cCs ||k Sr%r"rbr"r"r#reszCertificatePolicies.__ne__cCstt|jSr%)rgrrr(r"r"r#rhszCertificatePolicies.__hash__N)r<r=r>rZCERTIFICATE_POLICIESr5rTrr7r1rVrWrXrSrdrerhr"r"r"r#rs rc@sfeZdZeejejejedfdddZ ddZ ddZ d d Z d d Z ed ZedZdS)r UserNotice)policy_identifierpolicy_qualifierscCsHt|tstd||_|r>t|}tdd|Ds>td||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|ttfVqdSr%)rr?rrpr"r"r#rssz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)rrrP_policy_identifierrtru_policy_qualifiers)r)rrr"r"r#r7s zPolicyInformation.__init__cCs d|S)Nzerr(r"r"r#rSszPolicyInformation.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrarrrbr"r"r#rds    zPolicyInformation.__eq__cCs ||k Sr%r"rbr"r"r#reszPolicyInformation.__ne__cCs(|jdk rt|j}nd}t|j|fSr%)rrrgr)r)Zpqr"r"r#rhs  zPolicyInformation.__hash__rrN)r<r=r>rrTrrUnionr?r7rSrdrerhrrirrr"r"r"r#rs   rc@s\eZdZejdejedddZddZddZd d Z d d Z e d Z e dZdS)rNoticeReference)notice_reference explicit_textcCs&|rt|tstd||_||_dS)Nz2notice_reference must be None or a NoticeReference)rrrP_notice_reference_explicit_text)r)rrr"r"r#r7!szUserNotice.__init__cCs d|S)NzVrr(r"r"r#rS0szUserNotice.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrarrrbr"r"r#rd6s    zUserNotice.__eq__cCs ||k Sr%r"rbr"r"r#re?szUserNotice.__ne__cCst|j|jfSr%)rgrrr(r"r"r#rhBszUserNotice.__hash__rrN)r<r=r>rTrr?r7rSrdrerhrrirrr"r"r"r#r s   rc@s\eZdZejeejedddZddZ ddZ dd Z d d Z e d Ze d ZdS)r) organizationnotice_numberscCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdSr%)rr^rpr"r"r#rsQsz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrtrurP_notice_numbers)r)rrr"r"r#r7Js zNoticeReference.__init__cCs d|S)NzUrr(r"r"r#rSVszNoticeReference.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrrarrrbr"r"r#rd\s    zNoticeReference.__eq__cCs ||k Sr%r"rbr"r"r#reeszNoticeReference.__ne__cCst|jt|jfSr%)rgrrrr(r"r"r#rhhszNoticeReference.__hash__rrN)r<r=r>rTrr?rr^r7rSrdrerhrrirrr"r"r"r#rIs   rc@sTeZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd S)ExtendedKeyUsage)usagescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%)rrrpr"r"r#rstsz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rtrurP_usages)r)rr"r"r#r7rs zExtendedKeyUsage.__init__rcCs d|jS)Nz)rLrr(r"r"r#rS}szExtendedKeyUsage.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rds zExtendedKeyUsage.__eq__cCs ||k Sr%r"rbr"r"r#reszExtendedKeyUsage.__ne__cCstt|jSr%)rgrrr(r"r"r#rhszExtendedKeyUsage.__hash__N)r<r=r>rZEXTENDED_KEY_USAGEr5rTrrr7r1rVrWrXrSrdrerhr"r"r"r#ros rc@s2eZdZejZddZddZddZddZ d S) OCSPNoCheckcCst|tstSdSNT)rrrarbr"r"r#rds zOCSPNoCheck.__eq__cCs ||k Sr%r"rbr"r"r#reszOCSPNoCheck.__ne__cCsttSr%)rgrr(r"r"r#rhszOCSPNoCheck.__hash__cCsdS)Nzr"r(r"r"r#rSszOCSPNoCheck.__repr__N) r<r=r>rZ OCSP_NO_CHECKr5rdrerhrSr"r"r"r#rs rc@s2eZdZejZddZddZddZddZ d S) PrecertPoisoncCst|tstSdSr)rrrarbr"r"r#rds zPrecertPoison.__eq__cCs ||k Sr%r"rbr"r"r#reszPrecertPoison.__ne__cCsttSr%)rgrr(r"r"r#rhszPrecertPoison.__hash__cCsdS)Nzr"r(r"r"r#rSszPrecertPoison.__repr__N) r<r=r>rZPRECERT_POISONr5rdrerhrSr"r"r"r#rs rc@sTeZdZejZejddddZe d\Z Z Z ddZ dd Zd d Zd d ZdS) TLSFeatureTLSFeatureType)featurescCs8t|}tdd|Dr&t|dkr.td||_dS)Ncss|]}t|tVqdSr%)rrrpr"r"r#rssz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rtrur&rP _features)r)rr"r"r#r7s zTLSFeature.__init__rcCs d|S)Nz$rr(r"r"r#rSszTLSFeature.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rds zTLSFeature.__eq__cCs ||k Sr%r"rbr"r"r#reszTLSFeature.__ne__cCstt|jSr%)rgrrr(r"r"r#rhszTLSFeature.__hash__N)r<r=r>rZ TLS_FEATUREr5rTrr7r1rVrWrXrSrdrerhr"r"r"r#rs rc@seZdZdZdZdS)rN)r<r=r>Zstatus_requestZstatus_request_v2r"r"r"r#rsrcCsi|] }|j|qSr"rQrpr"r"r# src@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S)InhibitAnyPolicy) skip_certscCs,t|tstd|dkr"td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)rr^rPr _skip_certs)r)rr"r"r#r7s  zInhibitAnyPolicy.__init__cCs d|S)Nz-rr(r"r"r#rSszInhibitAnyPolicy.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rds zInhibitAnyPolicy.__eq__cCs ||k Sr%r"rbr"r"r#reszInhibitAnyPolicy.__ne__cCs t|jSr%)rgrr(r"r"r#rhszInhibitAnyPolicy.__hash__rN)r<r=r>rZINHIBIT_ANY_POLICYr5r^r7rSrdrerhrrirr"r"r"r#rs rc @seZdZejZeeeeeeeeed ddZe dZ e dZ e dZ e dZ e dZe d Ze d Zed d Zed dZddZddZddZddZdS)KeyUsage) digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyc CsN|s|s | rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) r_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r)rrrrrrrrrr"r"r#r7s zKeyUsage.__init__rrrrrrrcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rrrr(r"r"r#r(s zKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rrrr(r"r"r#r1s zKeyUsage.decipher_onlycCs<z|j}|j}Wntk r,d}d}YnXd|||S)NFa-)rrrrL)r)rrr"r"r#rS:s  zKeyUsage.__repr__cCszt|tstS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j |j kox|j |j kox|j |j kSr%) rrrarrrrrrrrrrbr"r"r#rdOs&          zKeyUsage.__eq__cCs ||k Sr%r"rbr"r"r#re_szKeyUsage.__ne__c Cs,t|j|j|j|j|j|j|j|j|j f Sr%) rgrrrrrrrrrr(r"r"r#rhbszKeyUsage.__hash__N)r<r=r>rZ KEY_USAGEr5rr7rrirrrrrrrpropertyrrrSrdrerhr"r"r"r#rs4          rc@sveZdZejZejeje ejeje dddZ ddZ ddZ dd Z d d Zd d ZedZedZdS)NameConstraints)permitted_subtreesexcluded_subtreescCs|dk r4t|}tdd|Ds*td|||dk rht|}tdd|Ds^td|||dkr|dkrtd||_||_dS)Ncss|]}t|tVqdSr%rorpr"r"r#rs|sz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonecss|]}t|tVqdSr%rorpr"r"r#rssz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rtrurP_validate_ip_namer_permitted_subtrees_excluded_subtrees)r)rrr"r"r#r7us(  zNameConstraints.__init__cCs&t|tstS|j|jko$|j|jkSr%)rrrarrrbr"r"r#rds    zNameConstraints.__eq__cCs ||k Sr%r"rbr"r"r#reszNameConstraints.__ne__cCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdSr%)rrrQ ipaddress IPv4Network IPv6Network)rqnamer"r"r#rss   z4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyrP)r)treer"r"r#rs z!NameConstraints._validate_ip_namecCs d|S)Nzerr(r"r"r#rSszNameConstraints.__repr__cCs@|jdk rt|j}nd}|jdk r0t|j}nd}t||fSr%)rrrrg)r)Zpsesr"r"r#rhs    zNameConstraints.__hash__rrN)r<r=r>rZNAME_CONSTRAINTSr5rTrrrr7rdrerrSrhrrirrr"r"r"r#rrs "   rc@s\eZdZeeedddZedZ edZ edZ ddZ d d Z d d Zd dZdS)rH)r5criticalrQcCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)rrrPr_oid _critical_value)r)r5rrQr"r"r#r7s  zExtension.__init__rrr cCs d|S)Nz@rr(r"r"r#rSszExtension.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkSr%)rrHrar5rrQrbr"r"r#rds    zExtension.__eq__cCs ||k Sr%r"rbr"r"r#reszExtension.__ne__cCst|j|j|jfSr%)rgr5rrQr(r"r"r#rhszExtension.__hash__N)r<r=r>rrrBr7rrir5rrQrSrdrerhr"r"r"r#rHs     rHc@sbeZdZejedddZed\ZZ Z ej edddZ dd Z d d Zd d ZddZdS) GeneralNames general_namescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rorpr"r"r#rssz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rtrurP_general_namesr)r r"r"r#r7s zGeneralNames.__init__r typecs0fdd|D}tkr(dd|D}t|S)Nc3s|]}t|r|VqdSr%)rrqirr"r#rss z3GeneralNames.get_values_for_type..css|] }|jVqdSr%rrr"r"r#rss)rrt)r)robjsr"rr#get_values_for_typesz GeneralNames.get_values_for_typecCs d|jS)NzrLr r(r"r"r#rSszGeneralNames.__repr__cCst|tstS|j|jkSr%)rr rar rbr"r"r#rd s zGeneralNames.__eq__cCs ||k Sr%r"rbr"r"r#reszGeneralNames.__ne__cCstt|jSr%)rgrr r(r"r"r#rhszGeneralNames.__hash__N)r<r=r>rTrrr7r1rVrWrXTyperrSrdrerhr"r"r"r#r s  r c@s\eZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd dZdS)SubjectAlternativeNamer cCst||_dSr%r r rr"r"r#r7szSubjectAlternativeName.__init__r cCs |j|Sr%r rr)rr"r"r#r sz*SubjectAlternativeName.get_values_for_typecCs d|jS)Nzrr(r"r"r#rS#szSubjectAlternativeName.__repr__cCst|tstS|j|jkSr%)rrrar rbr"r"r#rd&s zSubjectAlternativeName.__eq__cCs ||k Sr%r"rbr"r"r#re,szSubjectAlternativeName.__ne__cCs t|jSr%rgr r(r"r"r#rh/szSubjectAlternativeName.__hash__N)r<r=r>rZSUBJECT_ALTERNATIVE_NAMEr5rTrrr7r1rVrWrXrrSrdrerhr"r"r"r#rsrc@s\eZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd dZdS)IssuerAlternativeNamer cCst||_dSr%rrr"r"r#r76szIssuerAlternativeName.__init__r cCs |j|Sr%rrr"r"r#r;sz)IssuerAlternativeName.get_values_for_typecCs d|jS)Nzrr(r"r"r#rS>szIssuerAlternativeName.__repr__cCst|tstS|j|jkSr%)rrrar rbr"r"r#rdAs zIssuerAlternativeName.__eq__cCs ||k Sr%r"rbr"r"r#reGszIssuerAlternativeName.__ne__cCs t|jSr%rr(r"r"r#rhJszIssuerAlternativeName.__hash__N)r<r=r>rZISSUER_ALTERNATIVE_NAMEr5rTrrr7r1rVrWrXrrSrdrerhr"r"r"r#r3src@s\eZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd dZdS)CertificateIssuerr cCst||_dSr%rrr"r"r#r7QszCertificateIssuer.__init__r cCs |j|Sr%rrr"r"r#rVsz%CertificateIssuer.get_values_for_typecCs d|jS)Nzrr(r"r"r#rSYszCertificateIssuer.__repr__cCst|tstS|j|jkSr%)rrrar rbr"r"r#rd\s zCertificateIssuer.__eq__cCs ||k Sr%r"rbr"r"r#rebszCertificateIssuer.__ne__cCs t|jSr%rr(r"r"r#rheszCertificateIssuer.__hash__N)r<r=r>rZCERTIFICATE_ISSUERr5rTrrr7r1rVrWrXrrSrdrerhr"r"r"r#rNsrc@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S) CRLReason)reasoncCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)rrrP_reason)r)rr"r"r#r7ls zCRLReason.__init__cCs d|jS)Nz)rLr r(r"r"r#rSrszCRLReason.__repr__cCst|tstS|j|jkSr%)rrrarrbr"r"r#rdus zCRLReason.__eq__cCs ||k Sr%r"rbr"r"r#re{szCRLReason.__ne__cCs t|jSr%)rgrr(r"r"r#rh~szCRLReason.__hash__r N)r<r=r>rZ CRL_REASONr5rr7rSrdrerhrrirr"r"r"r#risrc@sLeZdZejZejdddZddZddZ dd Z d d Z e d Zd S)InvalidityDate)invalidity_datecCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)rdatetimerP_invalidity_date)r)r"r"r"r#r7s zInvalidityDate.__init__cCs d|jS)Nz$)rLr$r(r"r"r#rSszInvalidityDate.__repr__cCst|tstS|j|jkSr%)rr!rar"rbr"r"r#rds zInvalidityDate.__eq__cCs ||k Sr%r"rbr"r"r#reszInvalidityDate.__ne__cCs t|jSr%)rgr"r(r"r"r#rhszInvalidityDate.__hash__r$N)r<r=r>rZINVALIDITY_DATEr5r#r7rSrdrerhrrir"r"r"r"r#r!sr!c@sTeZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd S))PrecertificateSignedCertificateTimestampssigned_certificate_timestampscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%rr rqZsctr"r"r#rsszEPrecertificateSignedCertificateTimestamps.__init__..YEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamprtrurP_signed_certificate_timestampsr)r'r"r"r#r7sz2PrecertificateSignedCertificateTimestamps.__init__r,cCsdt|S)Nz/rLrtr(r"r"r#rSsz2PrecertificateSignedCertificateTimestamps.__repr__cCstt|jSr%rgrr,r(r"r"r#rhsz2PrecertificateSignedCertificateTimestamps.__hash__cCst|tstS|j|jkSr%)rr%rar,rbr"r"r#rds  z0PrecertificateSignedCertificateTimestamps.__eq__cCs ||k Sr%r"rbr"r"r#resz0PrecertificateSignedCertificateTimestamps.__ne__N)r<r=r>rZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr5rTrr r7r1rVrWrXrSrhrdrer"r"r"r#r%s   r%c@sTeZdZejZejedddZ e d\Z Z Z ddZddZd d Zd d Zd S)SignedCertificateTimestampsr&cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr%r(r)r"r"r#rssz7SignedCertificateTimestamps.__init__..r*r+r-r"r"r#r7sz$SignedCertificateTimestamps.__init__r,cCsdt|S)Nz!r.r(r"r"r#rSsz$SignedCertificateTimestamps.__repr__cCstt|jSr%r/r(r"r"r#rhsz$SignedCertificateTimestamps.__hash__cCst|tstS|j|jkSr%)rr0rar,rbr"r"r#rds  z"SignedCertificateTimestamps.__eq__cCs ||k Sr%r"rbr"r"r#resz"SignedCertificateTimestamps.__ne__N)r<r=r>rZSIGNED_CERTIFICATE_TIMESTAMPSr5rTrr r7r1rVrWrXrSrhrdrer"r"r"r#r0s   r0c@sJeZdZejZedddZddZddZ dd Z d d Z e d Zd S) OCSPNonce)noncecCst|tstd||_dS)Nznonce must be bytes)rrrP_nonce)r)r2r"r"r#r7s zOCSPNonce.__init__cCst|tstS|j|jkSr%)rr1rar2rbr"r"r#rds zOCSPNonce.__eq__cCs ||k Sr%r"rbr"r"r#reszOCSPNonce.__ne__cCs t|jSr%)rgr2r(r"r"r#rh szOCSPNonce.__hash__cCs d|S)Nzrr(r"r"r#rSszOCSPNonce.__repr__r3N)r<r=r>rZNONCEr5rr7rdrerhrSrrir2r"r"r"r#r1sr1c@seZdZejZddZddZddZddZ d d Z e d Z e d Ze d Ze dZe dZe dZe dZdS)IssuingDistributionPointc Cs|r(t|tr tdd|Ds(td|rHtj|ks@tj|krHtdt|trpt|trpt|trpt|tsxtd||||g}t dd|Ddkrtd t |||||||gstd ||_ ||_ ||_ ||_||_||_||_dS) Ncss|]}t|tVqdSr%rrpr"r"r#rs#sz4IssuingDistributionPoint.__init__..z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|] }|r|qSr"r"rpr"r"r# Esz5IssuingDistributionPoint.__init__..zOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rrrurPrrrrrr&r_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsrr) r)rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certsZcrl_constraintsr"r"r#r7sp  z!IssuingDistributionPoint.__init__cCs d|S)NaGrr(r"r"r#rSgsz!IssuingDistributionPoint.__repr__cCsbt|tstS|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j |j kSr%) rr4rarrr<r=r>r?r@rbr"r"r#rdss"       zIssuingDistributionPoint.__eq__cCs ||k Sr%r"rbr"r"r#reszIssuingDistributionPoint.__ne__cCs$t|j|j|j|j|j|j|jfSr%)rgrrr<r=r>r?r@r(r"r"r#rhsz!IssuingDistributionPoint.__hash__rrr7r8r;r9r:N)r<r=r>rZISSUING_DISTRIBUTION_POINTr5r7rSrdrerhrrirrr<r=r>r?r@r"r"r"r#r4s&P     r4c@sPeZdZeedddZedZedZ ddZ dd Z d d Z d d Z dS)rO)r5rQcCs"t|tstd||_||_dS)Nzoid must be an ObjectIdentifier)rrrPrr )r)r5rQr"r"r#r7s zUnrecognizedExtension.__init__rr cCs d|S)Nz7rr(r"r"r#rSszUnrecognizedExtension.__repr__cCs&t|tstS|j|jko$|j|jkSr%)rrOrar5rQrbr"r"r#rds zUnrecognizedExtension.__eq__cCs ||k Sr%r"rbr"r"r#reszUnrecognizedExtension.__ne__cCst|j|jfSr%)rgr5rQr(r"r"r#rhszUnrecognizedExtension.__hash__N)r<r=r>rrr7rrir5rQrSrdrerhr"r"r"r#rOs  rO)TrDr#rrrTenumrZ cryptographyrZcryptography.hazmat._derrrrrZcryptography.hazmat._typesrZcryptography.hazmat.primitivesr r Z,cryptography.hazmat.primitives.asymmetric.ecr Z-cryptography.hazmat.primitives.asymmetric.rsar Z*cryptography.x509.certificate_transparencyr Zcryptography.x509.general_namerrrZcryptography.x509.namerZcryptography.x509.oidrrrrrr$r1 Exceptionr2rAABCMetarBobjectrGrYrjr}rrrrrrrrrrrrrrrrrrrZ_TLS_FEATURE_TYPE_TO_ENUMrrrrHr rrrrr!r%r0r1r4rOr"r"r"r#sx       ( !_&)%%d @7)&" qU+&-+