ó Û_e[c@`sddlmZmZmZddlZddlZddlZddlmZm Z ddl m Z m Z m Z ddlmZddlmZmZd„Zd„Zd „Zd „Zd „Zd „Zd „Zd„Zd„Zd„Zd„Zd„Zd„Zd„Z d„Z!d„Z"d„Z#d„Z$d„Z%d„Z&d„Z'd„Z(d„Z)d„Z*d„Z+d „Z,d!„Z-id"e j.j/6d#e j.j06d$e j.j16d%e j.j26d&e j.j36d'e j.j46d(e j.j56d)e j.j66Z7d*„Z8d+„Z9d,„Z:d-„Z;ie'ej<6e+ej=6e%ej>6e*ej?6e*ej@6e-ejA6e&ejB6e ejC6e(ejD6e8ejE6e8ejF6eejG6e$ejH6e9ejI6e:ejJ6ZKie*ej@6e&ejB6e(ejD6eejL6eejM6ZNie*ejO6eejP6eejQ6ZRdS(.i(tabsolute_importtdivisiontprint_functionN(tutilstx509(t_CRL_ENTRY_REASON_ENUM_TO_CODEt_DISTPOINT_TYPE_FULLNAMEt_DISTPOINT_TYPE_RELATIVENAME(t _ASN1Type(tCRLEntryExtensionOIDt ExtensionOIDcC`sb|j|ƒ}|jj||jjƒ}|jj||jjƒ}|j||jjkƒ|S(s Converts a python integer to an ASN1_INTEGER. The returned ASN1_INTEGER will not be garbage collected (to support adding them to structs that take ownership of the object). Be sure to register it for GC if it will be discarded after use. (t _int_to_bnt_ffitgct_libtBN_freetBN_to_ASN1_INTEGERtNULLtopenssl_assert(tbackendtxti((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_asn1_ints cC`s.t||ƒ}|jj||jjƒ}|S(N(RR R RtASN1_INTEGER_free(RRR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_asn1_int_gc)scC`s>|jjƒ}|jj|||ƒ}|j|dkƒ|S(s@ Create an ASN1_OCTET_STRING from a Python byte string. i(RtASN1_OCTET_STRING_newtASN1_OCTET_STRING_setR(Rtdatatlengthtstres((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_asn1_str/scC`sV|jjƒ}|jj||jdƒt|jdƒƒƒ}|j|dkƒ|S(s³ Create an ASN1_UTF8STRING from a Python unicode string. This object will be an ASN1_STRING with UTF8 type in OpenSSL and can be decoded with ASN1_STRING_to_UTF8. tutf8i(RtASN1_UTF8STRING_newtASN1_STRING_settencodetlenR(RtstringRR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_asn1_utf8_str9s  'cC`s1t|||ƒ}|jj||jjƒ}|S(N(RR R RtASN1_OCTET_STRING_free(RRRR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_asn1_str_gcGscC`st||jƒS(N(Rt skip_certs(Rtinhibit_any_policy((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_inhibit_any_policyMscC`sœ|jjƒ}x†|jD]{}d}xl|D]d}t||ƒ}|jj||jjƒ}|jj||d|ƒ}|j|dkƒd}q,WqW|S(sP The X509_NAME created will not be gc'd. Use _encode_name_gc if needed. iiÿÿÿÿi( Rt X509_NAME_newtrdnst_encode_name_entryR R tX509_NAME_ENTRY_freetX509_NAME_add_entryR(Rtnametsubjecttrdntset_flagt attributet name_entryR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt _encode_nameQs   cC`s.t||ƒ}|jj||jjƒ}|S(N(R7R R RtX509_NAME_free(Rt attributesR2((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_name_gcescC`s[|jjƒ}xE|D]=}t||ƒ}|jj||ƒ}|j|dkƒqW|S(s: The sk_X509_NAME_ENTRY created will not be gc'd. i(Rtsk_X509_NAME_ENTRY_new_nullR.tsk_X509_NAME_ENTRY_pushR(RR9tstackR5R6R((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_sk_name_entryks  cC`s‚|jtjkr'|jjdƒ}n|jjdƒ}t||jjƒ}|jj |j j ||jj|t |ƒƒ}|S(Nt utf_16_beR ( t_typeRt BMPStringtvalueR#t _txt2obj_gctoidt dotted_stringRtX509_NAME_ENTRY_create_by_OBJR RR$(RR5RBtobjR6((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyR.ws 'cC`st||jƒS(N(Rt crl_number(Rtext((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt&_encode_crl_number_delta_crl_indicator…scC`sv|jjƒ}|j||jjkƒ|jj||jjƒ}|jj|t|j ƒ}|j|dkƒ|S(Ni( RtASN1_ENUMERATED_newRR RR tASN1_ENUMERATED_freetASN1_ENUMERATED_setRtreason(Rt crl_reasontasn1enumR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_crl_reason‰s cC`se|jj|jjtj|jjƒƒƒ}|j||jjkƒ|jj ||jj ƒ}|S(N( RtASN1_GENERALIZEDTIME_setR Rtcalendarttimegmtinvalidity_datet timetupleRR tASN1_GENERALIZEDTIME_free(RRUttime((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_invalidity_date•s  c C`s^|jjƒ}|j||jjkƒ|jj||jjƒ}x|D] }|jjƒ}|j||jjkƒ|jj||ƒ}|j|dkƒt ||j j ƒ}||_ |j rJ|jjƒ}|j||jjkƒxX|j D]M}|jjƒ} |j| |jjkƒ|jj|| ƒ}|j|dkƒt|tjƒr¬t |tjj ƒ| _t||jdƒt|jdƒƒƒ| j_qùt|tjƒsÄt‚t |tjj ƒ| _|jjƒ} |j| |jjkƒ| | j_ |j!r1t"||j!ƒ| _#nt$||j%ƒ| _&qùW||_'qJqJW|S(Nitascii((Rtsk_POLICYINFO_new_nullRR RR tsk_POLICYINFO_freetPOLICYINFO_newtsk_POLICYINFO_pusht_txt2objtpolicy_identifierREtpolicyidtpolicy_qualifierstsk_POLICYQUALINFO_new_nulltPOLICYQUALINFO_newtsk_POLICYQUALINFO_pusht isinstancetsixt text_typeRtOID_CPS_QUALIFIERtpqualidRR#R$tdtcpsurit UserNoticetAssertionErrortOID_CPS_USER_NOTICEtUSERNOTICE_newt usernoticet explicit_textR&texptextt_encode_notice_referencetnotice_referencet noticereft qualifiers( Rtcertificate_policiestcpt policy_infotpiRRDtpqist qualifiertpqitun((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_certificate_policies¡sL    !  cC`s¾|dkr|jjS|jjƒ}|j||jjkƒt||jƒ|_|jjƒ}||_ xH|j D]=}t ||ƒ}|jj ||ƒ}|j|dkƒquW|SdS(Ni( tNoneR RRt NOTICEREF_newRR&t organizationtsk_ASN1_INTEGER_new_nullt noticenostnotice_numbersRtsk_ASN1_INTEGER_push(Rtnoticetnrt notice_stacktnumbertnumR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyRtÓs   cC`sA|jdƒ}|jj|dƒ}|j||jjkƒ|S(s_ Converts a Python string with an ASN.1 object ID in dotted form to a ASN1_OBJECT. RZi(R#Rt OBJ_txt2objRR R(RR1RG((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyR_æscC`s.t||ƒ}|jj||jjƒ}|S(N(R_R R RtASN1_OBJECT_free(RR1RG((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyRCñscC`st|ddƒS(sg The OCSP No Check extension is defined as a null ASN.1 value embedded in an ASN.1 string. si(R((RRI((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_ocsp_nocheck÷scC`sø|jj}|jjƒ}|jj||jjƒ}||d|jƒ}|j|dkƒ||d|jƒ}|j|dkƒ||d|j ƒ}|j|dkƒ||d|j ƒ}|j|dkƒ||d|j ƒ}|j|dkƒ||d|j ƒ}|j|dkƒ||d|j ƒ}|j|dkƒ|j rª||d|jƒ}|j|dkƒ||d |jƒ}|j|dkƒnJ||ddƒ}|j|dkƒ||d dƒ}|j|dkƒ|S( Niiiiiiiii(RtASN1_BIT_STRING_set_bittASN1_BIT_STRING_newR R tASN1_BIT_STRING_freetdigital_signatureRtcontent_commitmenttkey_enciphermenttdata_enciphermentt key_agreementt key_cert_signtcrl_signt encipher_onlyt decipher_only(Rt key_usagetset_bittkuR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_key_usageÿs6  cC`sÈ|jjƒ}|j||jjkƒ|jj||jjƒ}|jdk rvt ||jt |jƒƒ|_ n|j dk rt ||j ƒ|_n|jdk rÄt||jƒ|_n|S(N(RtAUTHORITY_KEYID_newRR RR tAUTHORITY_KEYID_freetkey_identifierRRR$tkeyidtauthority_cert_issuert_encode_general_namestissuertauthority_cert_serial_numberRtserial(Rtauthority_keyidtakid((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt _encode_authority_key_identifierscC`sv|jjƒ}|jj||jjƒ}|jr9dnd|_|jrr|jdk rrt||jƒ|_ n|S(Niÿi( RtBASIC_CONSTRAINTS_newR R tBASIC_CONSTRAINTS_freetcat path_lengthRRtpathlen(Rtbasic_constraintst constraints((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_basic_constraints7s cC`sÈ|jjƒ}|j||jjkƒ|jj||jjƒ}x~|D]v}|jjƒ}t||j j ƒ}t ||j ƒ}||_ ||_|jj||ƒ}|j|dkƒqJW|S(Ni(Rtsk_ACCESS_DESCRIPTION_new_nullRR RR tsk_ACCESS_DESCRIPTION_freetACCESS_DESCRIPTION_newR_t access_methodREt_encode_general_nametaccess_locationtmethodtlocationtsk_ACCESS_DESCRIPTION_push(Rtauthority_info_accesstaiataccess_descriptiontadRºtgnR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt$_encode_authority_information_accessEs    cC`st|jjƒ}|j||jjkƒxE|D]=}t||ƒ}|jj||ƒ}|j|dkƒq/W|S(Ni(RtGENERAL_NAMES_newRR RR¸tsk_GENERAL_NAME_push(Rtnamest general_namesR1RÁR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyR¥Ys cC`s.t||ƒ}|jj||jjƒ}|S(N(R¥R R RtGENERAL_NAMES_free(RtsanRÆ((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_alt_nameds cC`st||jt|jƒƒS(N(R(tdigestR$(Rtski((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_subject_key_identifierlscC`s2t|tjƒrÃ|jjƒ}|j||jjkƒ|jj|_ |jj ƒ}|j||jjkƒ|j j dƒ}|jj ||t|ƒƒ}|j|dkƒ||j_nkt|tjƒrX|jjƒ}|j||jjkƒ|jj|_ |jj|j jj dƒdƒ}|j||jjkƒ||j_nÖt|tjƒrÂ|jjƒ}|j||jjkƒt||j ƒ}|jj|_ ||j_nlt|tjƒrÀ|jjƒ}|j||jjkƒt|j tjƒr=|j jjtj d |j j!dƒ}nMt|j tj"ƒr~|j jjtj d|j j!dƒ}n |j j}t#||t|ƒƒ} |jj$|_ | |j_%nnt|tj&ƒr|jjƒ}|j||jjkƒ|jj'ƒ} |j| |jjkƒ|jj|j(jj dƒdƒ} |j| |jjkƒ|jj)d|j ƒ} |jj)d ƒ} | | d <|jj*|jj| t|j ƒƒ}||jjkrå|j+ƒt,d ƒ‚n| | _(|| _ |jj-|_ | |j_.nt|tj/ƒr—|jjƒ}|j||jjkƒ|j j dƒ} t#|| t| ƒƒ}|jj0|_ ||j_1n—t|tj2ƒr|jjƒ}|j||jjkƒ|j j dƒ} t#|| t| ƒƒ}|jj3|_ ||j_4nt,d j5|ƒƒ‚|S(NR iRZi ii€isunsigned char[]sunsigned char **isInvalid ASN.1 datas"{0} is an unknown GeneralName typeIl (6RfRtDNSNameRtGENERAL_NAME_newRR RtGEN_DNSttypetASN1_IA5STRING_newRBR#R"R$RktdNSNamet RegisteredIDtGEN_RIDRREt registeredIDt DirectoryNameR7t GEN_DIRNAMEt directoryNamet IPAddresst ipaddresst IPv4Networktnetwork_addresstpackedRt int_to_bytest num_addressest IPv6NetworkRt GEN_IPADDt iPAddresst OtherNamet OTHERNAME_newttype_idtnewt d2i_ASN1_TYPEt_consume_errorst ValueErrort GEN_OTHERNAMEt otherNamet RFC822Namet GEN_EMAILt rfc822NametUniformResourceIdentifiertGEN_URItuniformResourceIdentifiertformat(RR1RÁtia5RBRRGtdir_nameRÝtipaddrt other_nameRåRt data_ptr_ptrtasn1_str((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyR¸ps”            cC`sy|jjƒ}|jj||jjƒ}xH|D]@}t||jƒ}|jj||ƒ}|j|dkƒq1W|S(Ni( Rtsk_ASN1_OBJECT_new_nullR R tsk_ASN1_OBJECT_freeR_REtsk_ASN1_OBJECT_pushR(Rtextended_key_usagetekuRDRGR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_extended_key_usageÑs iiiiiiiic C`s |jjƒ}|jj||jjƒ}xÚ|D]Ò}|jjƒ}|j||jjkƒ|jrß|jj ƒ}|j||jjkƒ||_xC|jD]5}|jj |t |dƒ}|j|dkƒq£Wn|j r=|jj ƒ}|j||jjkƒt|_t||j ƒ|j_||_n|jrº|jj ƒ}|j||jjkƒt|_t||jƒ} |j| |jjkƒ| |j_||_n|jrÛt||jƒ|_n|jj||ƒ}|j|dkƒq1W|S(Ni(Rtsk_DIST_POINT_new_nullR R tsk_DIST_POINT_freetDIST_POINT_newRRtreasonsR‘Rt_CRLREASONFLAGSt full_nametDIST_POINT_NAME_newRRÐR¥R1tfullnamet distpointt relative_nameRR>t relativenamet crl_issuert CRLissuertsk_DIST_POINT_push( RtcdpstcdptpointtdptbitmaskRNRtdpnR ((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_cdps_freshest_crlès@            cC`s}|jjƒ}|j||jjkƒ|jj||jjƒ}t||jƒ}||_ t||j ƒ}||_ |S(N( RtNAME_CONSTRAINTS_newRR RR tNAME_CONSTRAINTS_freet_encode_general_subtreetpermitted_subtreestpermittedSubtreestexcluded_subtreestexcludedSubtrees(Rtname_constraintstnct permittedtexcluded((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_name_constraintss  cC`s•|jjƒ}|j||jjkƒ|jj||jjƒ}|jdk rjt ||jƒ|_ n|j dk r‘t ||j ƒ|_ n|S(N( RtPOLICY_CONSTRAINTS_newRR RR tPOLICY_CONSTRAINTS_freetrequire_explicit_policyRRtrequireExplicitPolicytinhibit_policy_mappingtinhibitPolicyMapping(Rtpolicy_constraintstpc((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyt_encode_policy_constraints"scC`s†|dkr|jjS|jjƒ}xV|D]N}|jjƒ}t||ƒ|_|jj||ƒ}|dks,t ‚q,W|SdS(Ni( RR RRtsk_GENERAL_SUBTREE_new_nulltGENERAL_SUBTREE_newR¸tbasetsk_GENERAL_SUBTREE_pushRn(Rtsubtreestgeneral_subtreesR1tgsR((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyR3s   (St __future__RRRRSRÚRgt cryptographyRRt0cryptography.hazmat.backends.openssl.decode_asn1RRRtcryptography.x509.nameRtcryptography.x509.oidR R RRRR&R(R+R7R:R>R.RJRQRYR€RtR_RCRRŸR«R³RÂR¥RÉRÌR¸Rþt ReasonFlagstkey_compromiset ca_compromisetaffiliation_changedt supersededtcessation_of_operationtcertificate_holdtprivilege_withdrawnt aa_compromiseRRRR(RtBASIC_CONSTRAINTStSUBJECT_KEY_IDENTIFIERt KEY_USAGEtSUBJECT_ALTERNATIVE_NAMEtISSUER_ALTERNATIVE_NAMEtEXTENDED_KEY_USAGEtAUTHORITY_KEY_IDENTIFIERtCERTIFICATE_POLICIEStAUTHORITY_INFORMATION_ACCESStCRL_DISTRIBUTION_POINTSt FRESHEST_CRLtINHIBIT_ANY_POLICYt OCSP_NO_CHECKtNAME_CONSTRAINTStPOLICY_CONSTRAINTSt_EXTENSION_ENCODE_HANDLERSt CRL_NUMBERtDELTA_CRL_INDICATORt_CRL_EXTENSION_ENCODE_HANDLERStCERTIFICATE_ISSUERt CRL_REASONtINVALIDITY_DATEt$_CRL_ENTRY_EXTENSION_ENCODE_HANDLERS(((sX/tmp/pip-install-KP2Jbq/cryptography/cryptography/hazmat/backends/openssl/encode_asn1.pyts’             2         a         *