3 L]@srddlmZmZmZddlZddlZddlZddlZddlZddl m Z ddl m Z ddl Z ddlmZddlmZmZddlmZddlmZdd lmZdd lmZmZmZdd lmZdd lm Z m!Z!m"Z"m#Z#d dZ$Gddde%Z&Gddde%Z'e j(ej)Gddde*Z+Gddde*Z,ej-e+Gddde*Z.ej-e+Gddde*Z/ej-e+Gddde*Z0ej-e+Gddde*Z1Gdd d e*Z2ej-e+Gd!d"d"e*Z3ej-e+Gd#d$d$e*Z4ej-e+Gd%d&d&e*Z5ej-e+Gd'd(d(e*Z6Gd)d*d*e*Z7Gd+d,d,e Z8ej-e+Gd-d.d.e*Z9ej-e+Gd/d0d0e*Z:Gd1d2d2e*Z;Gd3d4d4e*Zej-e+Gd9d:d:e*Z?ej-e+Gd;d<dd>e*ZAGd?d@d@e ZBeCdAdBeBDZDej-e+GdCdDdDe*ZEej-e+GdEdFdFe*ZFej-e+GdGdHdHe*ZGGdIdJdJe*ZHGdKdLdLe*ZIej-e+GdMdNdNe*ZJej-e+GdOdPdPe*ZKej-e+GdQdRdRe*ZLej-e+GdSdTdTe*ZMej-e+GdUdVdVe*ZNej-e+GdWdXdXe*ZOej-e+GdYdZdZe*ZPej-e+Gd[d\d\e*ZQej-e+Gd]d^d^e*ZRdS)_)absolute_importdivisionprint_functionN)Enum) PublicKeyInfo)utils) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)SignedCertificateTimestamp) GeneralName IPAddress OtherName)RelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDOCSPExtensionOIDObjectIdentifiercCstt|tr |jtjjtjj}nFt|tr@|jtjj tjj }n&|jtjjtjj }t t j|d}tj|jS)N public_key) isinstancer Z public_bytesr EncodingZDERZ PublicFormatZPKCS1r ZX962ZUncompressedPointZSubjectPublicKeyInfobytesrloadhashlibsha1digest)rdataZ serializedrF/tmp/pip-install-wfra5znf/cryptography/cryptography/x509/extensions.py_key_identifier_from_public_key s     r cseZdZfddZZS)DuplicateExtensioncstt|j|||_dS)N)superr!__init__oid)selfmsgr$) __class__rrr#8szDuplicateExtension.__init__)__name__ __module__ __qualname__r# __classcell__rr)r'rr!7sr!cseZdZfddZZS)ExtensionNotFoundcstt|j|||_dS)N)r"r,r#r$)r%r&r$)r'rrr#>szExtensionNotFound.__init__)r(r)r*r#r+rr)r'rr,=sr,c@seZdZejddZdS) ExtensionTypecCsdS)zK Returns the oid associated with the given extension type. Nr)r%rrrr$EszExtensionType.oidN)r(r)r*abcabstractpropertyr$rrrrr-Csr-c@sDeZdZddZddZddZddZd d Zd d Zd dZ dS) ExtensionscCs ||_dS)N) _extensions)r% extensionsrrrr#MszExtensions.__init__cCs0x|D]}|j|kr|SqWtdj||dS)NzNo {} extension was found)r$r,format)r%r$extrrrget_extension_for_oidPs  z Extensions.get_extension_for_oidcCsD|tkrtdx|D]}t|j|r|SqWtdj||jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.zNo {} extension was found)UnrecognizedExtension TypeErrorrvaluer,r3r$)r%Zextclassr4rrrget_extension_for_classWs  z"Extensions.get_extension_for_classcCs t|jS)N)iterr1)r%rrr__iter__gszExtensions.__iter__cCs t|jS)N)lenr1)r%rrr__len__jszExtensions.__len__cCs |j|S)N)r1)r%idxrrr __getitem__mszExtensions.__getitem__cCs dj|jS)Nz)r3r1)r%rrr__repr__pszExtensions.__repr__N) r(r)r*r#r5r9r;r=r?r@rrrrr0Lsr0c@sDeZdZejZddZddZddZddZ d d Z e j d Z d S) CRLNumbercCst|tjstd||_dS)Nzcrl_number must be an integer)rsix integer_typesr7 _crl_number)r% crl_numberrrrr#zs zCRLNumber.__init__cCst|tstS|j|jkS)N)rrANotImplementedrE)r%otherrrr__eq__s zCRLNumber.__eq__cCs ||k S)Nr)r%rGrrr__ne__szCRLNumber.__ne__cCs t|jS)N)hashrE)r%rrr__hash__szCRLNumber.__hash__cCs dj|jS)Nz)r3rE)r%rrrr@szCRLNumber.__repr__rDN)r(r)r*rZ CRL_NUMBERr$r#rHrIrKr@rread_only_propertyrErrrrrAvsrAc@speZdZejZddZeddZeddZ ddZ d d Z d d Z d dZ ejdZejdZejdZdS)AuthorityKeyIdentifiercCsv|dk|dkkrtd|dk rBt|}tdd|DsBtd|dk r`t|tj r`td||_||_||_ dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdS)N)rr ).0xrrr sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) ValueErrorlistallr7rrBrC_key_identifier_authority_cert_issuer_authority_cert_serial_number)r%key_identifierauthority_cert_issuerauthority_cert_serial_numberrrrr#s"   zAuthorityKeyIdentifier.__init__cCst|}||dddS)N)rWrXrY)r )clsrrrrrfrom_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keycCs:t|tr|j}n|jj}tjdtjdd||dddS)NzExtension objects are deprecated as arguments to from_issuer_subject_key_identifier and support will be removed soon. Please migrate to passing a SubjectKeyIdentifier directly.) stacklevel)rWrXrY)rSubjectKeyIdentifierrr8warningswarnrZDeprecatedIn27)rZZskirrrr"from_issuer_subject_key_identifiers z9AuthorityKeyIdentifier.from_issuer_subject_key_identifiercCs dj|S)Nz)r3)r%rrrr@szAuthorityKeyIdentifier.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkS)N)rrMrFrWrXrY)r%rGrrrrHs    zAuthorityKeyIdentifier.__eq__cCs ||k S)Nr)r%rGrrrrIszAuthorityKeyIdentifier.__ne__cCs,|jdkrd}n t|j}t|j||jfS)N)rXtuplerJrWrY)r%ZacirrrrKs   zAuthorityKeyIdentifier.__hash__rTrUrVN)r(r)r*rZAUTHORITY_KEY_IDENTIFIERr$r# classmethodr[rar@rHrIrKrrLrWrXrYrrrrrMs    rMc@sPeZdZejZddZeddZe j dZ ddZ dd Z d d Zd d ZdS)r^cCs ||_dS)N)_digest)r%rrrrr#szSubjectKeyIdentifier.__init__cCs |t|S)N)r )rZrrrrfrom_public_keysz$SubjectKeyIdentifier.from_public_keyrdcCs dj|jS)Nz$)r3r)r%rrrr@szSubjectKeyIdentifier.__repr__cCst|tstStj|j|jS)N)rr^rFrZbytes_eqr)r%rGrrrrH s zSubjectKeyIdentifier.__eq__cCs ||k S)Nr)r%rGrrrrIszSubjectKeyIdentifier.__ne__cCs t|jS)N)rJr)r%rrrrKszSubjectKeyIdentifier.__hash__N)r(r)r*rZSUBJECT_KEY_IDENTIFIERr$r#rcrerrLrr@rHrIrKrrrrr^s  r^c@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS)AuthorityInformationAccesscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rAccessDescription)rNrOrrrrPsz6AuthorityInformationAccess.__init__..z@Every item in the descriptions list must be an AccessDescription)rRrSr7 _descriptions)r%Z descriptionsrrrr#s z#AuthorityInformationAccess.__init__cCs t|jS)N)r:rh)r%rrrr;$sz#AuthorityInformationAccess.__iter__cCs t|jS)N)r<rh)r%rrrr='sz"AuthorityInformationAccess.__len__cCs dj|jS)Nz )r3rh)r%rrrr@*sz#AuthorityInformationAccess.__repr__cCst|tstS|j|jkS)N)rrfrFrh)r%rGrrrrH-s z!AuthorityInformationAccess.__eq__cCs ||k S)Nr)r%rGrrrrI3sz!AuthorityInformationAccess.__ne__cCs |j|S)N)rh)r%r>rrrr?6sz&AuthorityInformationAccess.__getitem__cCstt|jS)N)rJrbrh)r%rrrrK9sz#AuthorityInformationAccess.__hash__N)r(r)r*rZAUTHORITY_INFORMATION_ACCESSr$r#r;r=r@rHrIr?rKrrrrrfs rfc@sHeZdZddZddZddZddZd d Zej d Z ej d Z d S)rgcCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)rrr7r _access_method_access_location)r% access_methodaccess_locationrrrr#>s   zAccessDescription.__init__cCs dj|S)NzY)r3)r%rrrr@HszAccessDescription.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrgrFrkrl)r%rGrrrrHNs  zAccessDescription.__eq__cCs ||k S)Nr)r%rGrrrrIWszAccessDescription.__ne__cCst|j|jfS)N)rJrkrl)r%rrrrKZszAccessDescription.__hash__rirjN) r(r)r*r#r@rHrIrKrrLrkrlrrrrrg=s   rgc@sNeZdZejZddZejdZ ejdZ ddZ ddZ d d Z d d Zd S)BasicConstraintscCs^t|tstd|dk r(| r(td|dk rNt|tj sF|dkrNtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)rboolr7rQrBrC_ca _path_length)r%ca path_lengthrrrr#es zBasicConstraints.__init__rorpcCs dj|S)Nz:)r3)r%rrrr@zszBasicConstraints.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrmrFrqrr)r%rGrrrrH~s zBasicConstraints.__eq__cCs ||k S)Nr)r%rGrrrrIszBasicConstraints.__ne__cCst|j|jfS)N)rJrqrr)r%rrrrKszBasicConstraints.__hash__N)r(r)r*rZBASIC_CONSTRAINTSr$r#rrLrqrrr@rHrIrKrrrrrmas  rmc@sDeZdZejZddZejdZ ddZ ddZ dd Z d d Z d S) DeltaCRLIndicatorcCst|tjstd||_dS)Nzcrl_number must be an integer)rrBrCr7rD)r%rErrrr#s zDeltaCRLIndicator.__init__rDcCst|tstS|j|jkS)N)rrsrFrE)r%rGrrrrHs zDeltaCRLIndicator.__eq__cCs ||k S)Nr)r%rGrrrrIszDeltaCRLIndicator.__ne__cCs t|jS)N)rJrE)r%rrrrKszDeltaCRLIndicator.__hash__cCs dj|S)Nz.)r3)r%rrrr@szDeltaCRLIndicator.__repr__N)r(r)r*rZDELTA_CRL_INDICATORr$r#rrLrErHrIrKr@rrrrrss rsc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS)CRLDistributionPointscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rDistributionPoint)rNrOrrrrPsz1CRLDistributionPoints.__init__..z?distribution_points must be a list of DistributionPoint objects)rRrSr7_distribution_points)r%distribution_pointsrrrr#s zCRLDistributionPoints.__init__cCs t|jS)N)r:rv)r%rrrr;szCRLDistributionPoints.__iter__cCs t|jS)N)r<rv)r%rrrr=szCRLDistributionPoints.__len__cCs dj|jS)Nz)r3rv)r%rrrr@szCRLDistributionPoints.__repr__cCst|tstS|j|jkS)N)rrtrFrv)r%rGrrrrHs zCRLDistributionPoints.__eq__cCs ||k S)Nr)r%rGrrrrIszCRLDistributionPoints.__ne__cCs |j|S)N)rv)r%r>rrrr?sz!CRLDistributionPoints.__getitem__cCstt|jS)N)rJrbrv)r%rrrrKszCRLDistributionPoints.__hash__N)r(r)r*rZCRL_DISTRIBUTION_POINTSr$r#r;r=r@rHrIr?rKrrrrrts rtc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS) FreshestCRLcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rru)rNrOrrrrPsz'FreshestCRL.__init__..z?distribution_points must be a list of DistributionPoint objects)rRrSr7rv)r%rwrrrr#s zFreshestCRL.__init__cCs t|jS)N)r:rv)r%rrrr;szFreshestCRL.__iter__cCs t|jS)N)r<rv)r%rrrr=szFreshestCRL.__len__cCs dj|jS)Nz)r3rv)r%rrrr@szFreshestCRL.__repr__cCst|tstS|j|jkS)N)rrxrFrv)r%rGrrrrHs zFreshestCRL.__eq__cCs ||k S)Nr)r%rGrrrrIszFreshestCRL.__ne__cCs |j|S)N)rv)r%r>rrrr?szFreshestCRL.__getitem__cCstt|jS)N)rJrbrv)r%rrrrKszFreshestCRL.__hash__N)r(r)r*rZ FRESHEST_CRLr$r#r;r=r@rHrIr?rKrrrrrxs rxc@s\eZdZddZddZddZddZd d Zej d Z ej d Z ej d Z ej dZ dS)rucCs|r|rtd|r6t|}tdd|Ds6td|rLt|tsLtd|rrt|}tdd|Dsrtd|rt|t stdd|D rtd |rtj|kstj |krtd |r| r|p| rtd ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|tVqdS)N)rr )rNrOrrrrPsz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdS)N)rr )rNrOrrrrPsz2crl_issuer must be None or a list of general namescss|]}t|tVqdS)N)r ReasonFlags)rNrOrrrrPsz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)rQrRrSr7rr frozensetry unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r% full_name relative_namereasons crl_issuerrrrr#s@   zDistributionPoint.__init__cCs dj|S)Nz})r3)r%rrrr@.szDistributionPoint.__repr__cCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkS)N)rrurFrrrr)r%rGrrrrH5s     zDistributionPoint.__eq__cCs ||k S)Nr)r%rGrrrrI@szDistributionPoint.__ne__cCsH|jdk rt|j}nd}|jdk r0t|j}nd}t||j|j|fS)N)rrbrrJrr)r%fnrrrrrKCs    zDistributionPoint.__hash__r}r~rrN)r(r)r*r#r@rHrIrKrrLrrrrrrrrrus4    ruc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) ryr{Z keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) r(r)r*r{Zkey_compromiseZ ca_compromiseZaffiliation_changedrZcessation_of_operationZcertificate_holdZprivilege_withdrawnZ aa_compromiser|rrrrryVsryc@sNeZdZejZddZddZddZddZ d d Z e j d Z e j d Zd S)PolicyConstraintscCsd|dk rt|tj rtd|dk rrequire_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)rrBrCr7rQ_require_explicit_policy_inhibit_policy_mapping)r%require_explicit_policyinhibit_policy_mappingrrrr#gs    zPolicyConstraints.__init__cCs dj|S)Nz{)r3)r%rrrr@szPolicyConstraints.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrFrr)r%rGrrrrHs  zPolicyConstraints.__eq__cCs ||k S)Nr)r%rGrrrrIszPolicyConstraints.__ne__cCst|j|jfS)N)rJrr)r%rrrrKszPolicyConstraints.__hash__rrN)r(r)r*rZPOLICY_CONSTRAINTSr$r#r@rHrIrKrrLrrrrrrrcs rc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS)CertificatePoliciescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rPolicyInformation)rNrOrrrrPsz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rRrSr7 _policies)r%Zpoliciesrrrr#s zCertificatePolicies.__init__cCs t|jS)N)r:r)r%rrrr;szCertificatePolicies.__iter__cCs t|jS)N)r<r)r%rrrr=szCertificatePolicies.__len__cCs dj|jS)Nz)r3r)r%rrrr@szCertificatePolicies.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs zCertificatePolicies.__eq__cCs ||k S)Nr)r%rGrrrrIszCertificatePolicies.__ne__cCs |j|S)N)r)r%r>rrrr?szCertificatePolicies.__getitem__cCstt|jS)N)rJrbr)r%rrrrKszCertificatePolicies.__hash__N)r(r)r*rZCERTIFICATE_POLICIESr$r#r;r=r@rHrIr?rKrrrrrs rc@sHeZdZddZddZddZddZd d Zej d Z ej d Z d S)rcCsHt|tstd||_|r>t|}tdd|Ds>td||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|tjtfVqdS)N)rrB text_type UserNotice)rNrOrrrrPsz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)rrr7_policy_identifierrRrS_policy_qualifiers)r%policy_identifierpolicy_qualifiersrrrr#s  zPolicyInformation.__init__cCs dj|S)Nze)r3)r%rrrr@szPolicyInformation.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrFrr)r%rGrrrrHs  zPolicyInformation.__eq__cCs ||k S)Nr)r%rGrrrrIszPolicyInformation.__ne__cCs(|jdk rt|j}nd}t|j|fS)N)rrbrJr)r%ZpqrrrrKs  zPolicyInformation.__hash__rrN) r(r)r*r#r@rHrIrKrrLrrrrrrrs  rc@sHeZdZddZddZddZddZd d Zej d Z ej d Z d S)rcCs(|rt|t rtd||_||_dS)Nz2notice_reference must be None or a NoticeReference)rNoticeReferencer7_notice_reference_explicit_text)r%notice_reference explicit_textrrrr#s  zUserNotice.__init__cCs dj|S)NzV)r3)r%rrrr@szUserNotice.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrFrr)r%rGrrrrH s  zUserNotice.__eq__cCs ||k S)Nr)r%rGrrrrIszUserNotice.__ne__cCst|j|jfS)N)rJrr)r%rrrrKszUserNotice.__hash__rrN) r(r)r*r#r@rHrIrKrrLrrrrrrrs   rc@sHeZdZddZddZddZddZd d Zej d Z ej d Z d S)rcCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdS)N)rint)rNrOrrrrP"sz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrRrSr7_notice_numbers)r% organizationnotice_numbersrrrr#s zNoticeReference.__init__cCs dj|S)NzU)r3)r%rrrr@)szNoticeReference.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrFrr)r%rGrrrrH/s  zNoticeReference.__eq__cCs ||k S)Nr)r%rGrrrrI8szNoticeReference.__ne__cCst|jt|jfS)N)rJrrbr)r%rrrrK;szNoticeReference.__hash__rrN) r(r)r*r#r@rHrIrKrrLrrrrrrrs   rc@sJeZdZejZddZddZddZddZ d d Z d d Z d dZ dS)ExtendedKeyUsagecCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr)rNrOrrrrPHsz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rRrSr7_usages)r%Zusagesrrrr#Fs zExtendedKeyUsage.__init__cCs t|jS)N)r:r)r%rrrr;OszExtendedKeyUsage.__iter__cCs t|jS)N)r<r)r%rrrr=RszExtendedKeyUsage.__len__cCs dj|jS)Nz)r3r)r%rrrr@UszExtendedKeyUsage.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHXs zExtendedKeyUsage.__eq__cCs ||k S)Nr)r%rGrrrrI^szExtendedKeyUsage.__ne__cCstt|jS)N)rJrbr)r%rrrrKaszExtendedKeyUsage.__hash__N) r(r)r*rZEXTENDED_KEY_USAGEr$r#r;r=r@rHrIrKrrrrrBs rc@s2eZdZejZddZddZddZddZ d S) OCSPNoCheckcCst|tstSdS)NT)rrrF)r%rGrrrrHis zOCSPNoCheck.__eq__cCs ||k S)Nr)r%rGrrrrIoszOCSPNoCheck.__ne__cCsttS)N)rJr)r%rrrrKrszOCSPNoCheck.__hash__cCsdS)Nzr)r%rrrr@uszOCSPNoCheck.__repr__N) r(r)r*rZ OCSP_NO_CHECKr$rHrIrKr@rrrrres rc@s2eZdZejZddZddZddZddZ d S) PrecertPoisoncCst|tstSdS)NT)rrrF)r%rGrrrrH}s zPrecertPoison.__eq__cCs ||k S)Nr)r%rGrrrrIszPrecertPoison.__ne__cCsttS)N)rJr)r%rrrrKszPrecertPoison.__hash__cCsdS)Nzr)r%rrrr@szPrecertPoison.__repr__N) r(r)r*rZPRECERT_POISONr$rHrIrKr@rrrrrys rc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS) TLSFeaturecCs:t|}tdd|D s(t|dkr0td||_dS)Ncss|]}t|tVqdS)N)rTLSFeatureType)rNrOrrrrPsz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rRrSr<r7 _features)r%featuresrrrr#s  zTLSFeature.__init__cCs t|jS)N)r:r)r%rrrr;szTLSFeature.__iter__cCs t|jS)N)r<r)r%rrrr=szTLSFeature.__len__cCs dj|S)Nz$)r3)r%rrrr@szTLSFeature.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs zTLSFeature.__eq__cCs |j|S)N)r)r%r>rrrr?szTLSFeature.__getitem__cCs ||k S)Nr)r%rGrrrrIszTLSFeature.__ne__cCstt|jS)N)rJrbr)r%rrrrKszTLSFeature.__hash__N)r(r)r*rZ TLS_FEATUREr$r#r;r=r@rHr?rIrKrrrrrs rc@seZdZdZdZdS)rN)r(r)r*Zstatus_requestZstatus_request_v2rrrrrsrccs|]}|j|fVqdS)N)r8)rNrOrrrrPsrPc@sDeZdZejZddZddZddZddZ d d Z e j d Z d S) InhibitAnyPolicycCs.t|tjstd|dkr$td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)rrBrCr7rQ _skip_certs)r% skip_certsrrrr#s  zInhibitAnyPolicy.__init__cCs dj|S)Nz-)r3)r%rrrr@szInhibitAnyPolicy.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs zInhibitAnyPolicy.__eq__cCs ||k S)Nr)r%rGrrrrIszInhibitAnyPolicy.__ne__cCs t|jS)N)rJr)r%rrrrKszInhibitAnyPolicy.__hash__rN)r(r)r*rZINHIBIT_ANY_POLICYr$r#r@rHrIrKrrLrrrrrrs rc@seZdZejZddZejdZ ejdZ ejdZ ejdZ ejdZ ejdZejd Zed d Zed d ZddZddZddZddZdS)KeyUsagec CsP| r|s| rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) rQ_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r%digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyrrrr#szKeyUsage.__init__rrrrrrrcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rrQr)r%rrrrszKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rrQr)r%rrrr szKeyUsage.decipher_onlyc Cs<y|j}|j}Wntk r,d}d}YnXdj|||S)Na-)rrrQr3)r%rrrrrr@s  zKeyUsage.__repr__cCszt|tstS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j |j kox|j |j kox|j |j kS)N) rrrFrrrrrrrrr)r%rGrrrrH&s         zKeyUsage.__eq__cCs ||k S)Nr)r%rGrrrrI6szKeyUsage.__ne__c Cs,t|j|j|j|j|j|j|j|j|j f S)N) rJrrrrrrrrr)r%rrrrK9s zKeyUsage.__hash__N)r(r)r*rZ KEY_USAGEr$r#rrLrrrrrrrpropertyrrr@rHrIrKrrrrrs        rc@sVeZdZejZddZddZddZddZ d d Z d d Z e j d Ze j dZdS)NameConstraintscCs|dk r4t|}tdd|Ds*td|j||dk rht|}tdd|Ds^td|j||dkr|dkrtd||_||_dS)Ncss|]}t|tVqdS)N)rr )rNrOrrrrPKsz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonecss|]}t|tVqdS)N)rr )rNrOrrrrPWsz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rRrSr7_validate_ip_namerQ_permitted_subtrees_excluded_subtrees)r%permitted_subtreesexcluded_subtreesrrrr#Gs&  zNameConstraints.__init__cCs&t|tstS|j|jko$|j|jkS)N)rrrFrr)r%rGrrrrHis  zNameConstraints.__eq__cCs ||k S)Nr)r%rGrrrrIrszNameConstraints.__ne__cCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdS)N)rrr8 ipaddress IPv4Network IPv6Network)rNnamerrrrPvsz4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyr7)r%treerrrrus z!NameConstraints._validate_ip_namecCs dj|S)Nze)r3)r%rrrr@~szNameConstraints.__repr__cCs@|jdk rt|j}nd}|jdk r0t|j}nd}t||fS)N)rrbrrJ)r%ZpsesrrrrKs    zNameConstraints.__hash__rrN)r(r)r*rZNAME_CONSTRAINTSr$r#rHrIrr@rKrrLrrrrrrrCs"   rc@sReZdZddZejdZejdZejdZddZ dd Z d d Z d d Z dS) ExtensioncCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)rrr7rn_oid _critical_value)r%r$criticalr8rrrr#s  zExtension.__init__rrrcCs dj|S)Nz@)r3)r%rrrr@szExtension.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkS)N)rrrFr$rr8)r%rGrrrrHs    zExtension.__eq__cCs ||k S)Nr)r%rGrrrrIszExtension.__ne__cCst|j|j|jfS)N)rJr$rr8)r%rrrrKszExtension.__hash__N) r(r)r*r#rrLr$rr8r@rHrIrKrrrrrs    rc@sTeZdZddZddZddZddZd d Zd d Zd dZ ddZ ddZ dS) GeneralNamescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr )rNrOrrrrPsz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rRrSr7_general_names)r% general_namesrrrr#s zGeneralNames.__init__cCs t|jS)N)r:r)r%rrrr;szGeneralNames.__iter__cCs t|jS)N)r<r)r%rrrr=szGeneralNames.__len__cs0fdd|D}tkr(dd|D}t|S)Nc3s|]}t|r|VqdS)N)r)rNi)typerrrPsz3GeneralNames.get_values_for_type..css|] }|jVqdS)N)r8)rNrrrrrPs)rrR)r%robjsr)rrget_values_for_typesz GeneralNames.get_values_for_typecCs dj|jS)Nz)r3r)r%rrrr@szGeneralNames.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs zGeneralNames.__eq__cCs ||k S)Nr)r%rGrrrrIszGeneralNames.__ne__cCs |j|S)N)r)r%r>rrrr?szGeneralNames.__getitem__cCstt|jS)N)rJrbr)r%rrrrKszGeneralNames.__hash__N) r(r)r*r#r;r=rr@rHrIr?rKrrrrrs  rc@sZeZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ ddZdS)SubjectAlternativeNamecCst||_dS)N)rr)r%rrrrr#szSubjectAlternativeName.__init__cCs t|jS)N)r:r)r%rrrr;szSubjectAlternativeName.__iter__cCs t|jS)N)r<r)r%rrrr=szSubjectAlternativeName.__len__cCs |jj|S)N)rr)r%rrrrrsz*SubjectAlternativeName.get_values_for_typecCs dj|jS)Nz)r3r)r%rrrr@szSubjectAlternativeName.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs zSubjectAlternativeName.__eq__cCs |j|S)N)r)r%r>rrrr?sz"SubjectAlternativeName.__getitem__cCs ||k S)Nr)r%rGrrrrIszSubjectAlternativeName.__ne__cCs t|jS)N)rJr)r%rrrrKszSubjectAlternativeName.__hash__N)r(r)r*rZSUBJECT_ALTERNATIVE_NAMEr$r#r;r=rr@rHr?rIrKrrrrrsrc@sZeZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ ddZdS)IssuerAlternativeNamecCst||_dS)N)rr)r%rrrrr#szIssuerAlternativeName.__init__cCs t|jS)N)r:r)r%rrrr;szIssuerAlternativeName.__iter__cCs t|jS)N)r<r)r%rrrr=szIssuerAlternativeName.__len__cCs |jj|S)N)rr)r%rrrrrsz)IssuerAlternativeName.get_values_for_typecCs dj|jS)Nz)r3r)r%rrrr@szIssuerAlternativeName.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs zIssuerAlternativeName.__eq__cCs ||k S)Nr)r%rGrrrrI%szIssuerAlternativeName.__ne__cCs |j|S)N)r)r%r>rrrr?(sz!IssuerAlternativeName.__getitem__cCs t|jS)N)rJr)r%rrrrK+szIssuerAlternativeName.__hash__N)r(r)r*rZISSUER_ALTERNATIVE_NAMEr$r#r;r=rr@rHrIr?rKrrrrr src@sZeZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ ddZdS)CertificateIssuercCst||_dS)N)rr)r%rrrrr#3szCertificateIssuer.__init__cCs t|jS)N)r:r)r%rrrr;6szCertificateIssuer.__iter__cCs t|jS)N)r<r)r%rrrr=9szCertificateIssuer.__len__cCs |jj|S)N)rr)r%rrrrr<sz%CertificateIssuer.get_values_for_typecCs dj|jS)Nz)r3r)r%rrrr@?szCertificateIssuer.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHBs zCertificateIssuer.__eq__cCs ||k S)Nr)r%rGrrrrIHszCertificateIssuer.__ne__cCs |j|S)N)r)r%r>rrrr?KszCertificateIssuer.__getitem__cCs t|jS)N)rJr)r%rrrrKNszCertificateIssuer.__hash__N)r(r)r*rZCERTIFICATE_ISSUERr$r#r;r=rr@rHrIr?rKrrrrr/src@sDeZdZejZddZddZddZddZ d d Z e j d Z d S) CRLReasoncCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)rryr7_reason)r%reasonrrrr#Vs zCRLReason.__init__cCs dj|jS)Nz)r3r)r%rrrr@\szCRLReason.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrH_s zCRLReason.__eq__cCs ||k S)Nr)r%rGrrrrIeszCRLReason.__ne__cCs t|jS)N)rJr)r%rrrrKhszCRLReason.__hash__rN)r(r)r*rZ CRL_REASONr$r#r@rHrIrKrrLrrrrrrRsrc@sDeZdZejZddZddZddZddZ d d Z e j d Z d S) InvalidityDatecCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)rdatetimer7_invalidity_date)r%invalidity_daterrrr#rs zInvalidityDate.__init__cCs dj|jS)Nz$)r3r)r%rrrr@xszInvalidityDate.__repr__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrH}s zInvalidityDate.__eq__cCs ||k S)Nr)r%rGrrrrIszInvalidityDate.__ne__cCs t|jS)N)rJr)r%rrrrKszInvalidityDate.__hash__rN)r(r)r*rZINVALIDITY_DATEr$r#r@rHrIrKrrLrrrrrrnsrc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS))PrecertificateSignedCertificateTimestampscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr )rNZsctrrrrPszEPrecertificateSignedCertificateTimestamps.__init__..zYEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamp)rRrSr7_signed_certificate_timestamps)r%Zsigned_certificate_timestampsrrrr#s z2PrecertificateSignedCertificateTimestamps.__init__cCs t|jS)N)r:r)r%rrrr;sz2PrecertificateSignedCertificateTimestamps.__iter__cCs t|jS)N)r<r)r%rrrr=sz1PrecertificateSignedCertificateTimestamps.__len__cCs |j|S)N)r)r%r>rrrr?sz5PrecertificateSignedCertificateTimestamps.__getitem__cCsdjt|S)Nz/)r3rR)r%rrrr@sz2PrecertificateSignedCertificateTimestamps.__repr__cCstt|jS)N)rJrbr)r%rrrrKsz2PrecertificateSignedCertificateTimestamps.__hash__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs z0PrecertificateSignedCertificateTimestamps.__eq__cCs ||k S)Nr)r%rGrrrrIsz0PrecertificateSignedCertificateTimestamps.__ne__N)r(r)r*rZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr$r#r;r=r?r@rKrHrIrrrrrs  rc@sDeZdZejZddZddZddZddZ d d Z e j d Z d S) OCSPNoncecCst|tstd||_dS)Nznonce must be bytes)rrr7_nonce)r%noncerrrr#s zOCSPNonce.__init__cCst|tstS|j|jkS)N)rrrFr)r%rGrrrrHs zOCSPNonce.__eq__cCs ||k S)Nr)r%rGrrrrIszOCSPNonce.__ne__cCs t|jS)N)rJr)r%rrrrKszOCSPNonce.__hash__cCs dj|S)Nz)r3)r%rrrr@szOCSPNonce.__repr__rN)r(r)r*rZNONCEr$r#rHrIrKr@rrLrrrrrrsrc@seZdZejZddZddZddZddZ d d Z e j d Z e j d Ze j d Ze j dZe j dZe j dZe j dZdS)IssuingDistributionPointc Cs|r,t|t s$tdd|D r,td|rLtj|ksDtj|krLtdt|tort|tort|tort|ts|td||||g}t dd|Ddkrtd t |||||||gstd ||_ ||_ ||_ ||_||_||_||_dS) Ncss|]}t|tVqdS)N)rry)rNrOrrrrPsz4IssuingDistributionPoint.__init__..z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|] }|r|qSrr)rNrOrrr sz5IssuingDistributionPoint.__init__..zOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rrzrSr7ryr{r|rQrnr<r_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsr}r~) r%rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certsZcrl_constraintsrrrr#sD       z!IssuingDistributionPoint.__init__cCs dj|S)NaG)r3)r%rrrr@"sz!IssuingDistributionPoint.__repr__cCsbt|tstS|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j |j kS)N) rrrFrrrrrrr)r%rGrrrrH.s       zIssuingDistributionPoint.__eq__cCs ||k S)Nr)r%rGrrrrI=szIssuingDistributionPoint.__ne__cCs$t|j|j|j|j|j|j|jfS)N)rJrrrrrrr)r%rrrrK@sz!IssuingDistributionPoint.__hash__r}r~rrrrrN)r(r)r*rZISSUING_DISTRIBUTION_POINTr$r#r@rHrIrKrrLrrrrrrrrrrrrs F     rc@sHeZdZddZejdZejdZddZddZ d d Z d d Z d S)r6cCs"t|tstd||_||_dS)Nzoid must be an ObjectIdentifier)rrr7rr)r%r$r8rrrr#\s zUnrecognizedExtension.__init__rrcCs dj|S)Nz7)r3)r%rrrr@eszUnrecognizedExtension.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rr6rFr$r8)r%rGrrrrHls zUnrecognizedExtension.__eq__cCs ||k S)Nr)r%rGrrrrIrszUnrecognizedExtension.__ne__cCst|j|jfS)N)rJr$r8)r%rrrrKuszUnrecognizedExtension.__hash__N) r(r)r*r#rrLr$r8r@rHrIrKrrrrr6Zs  r6)S __future__rrrr.rrrr_enumrZasn1crypto.keysrrBZ cryptographyrZcryptography.hazmat.primitivesrr Z,cryptography.hazmat.primitives.asymmetric.ecr Z-cryptography.hazmat.primitives.asymmetric.rsar Z*cryptography.x509.certificate_transparencyr Zcryptography.x509.general_namer rrZcryptography.x509.namerZcryptography.x509.oidrrrrr Exceptionr!r, add_metaclassABCMetaobjectr-r0Zregister_interfacerArMr^rfrgrmrsrtrxruryrrrrrrrrrrdictZ_TLS_FEATURE_TYPE_TO_ENUMrrrrrrrrrrrrrr6rrrrs       *f&$)((] <&2%$") ^Q'-"""/