B \`@sddlmZmZmZddlZddlZddlZddlZddlm Z ddl m Z ddl Z ddl mZddlmZmZddlmZddlmZdd lmZdd lmZmZmZdd lmZdd lmZm Z m!Z!d dZ"Gddde#Z$Gddde#Z%e &ej'Gddde(Z)Gddde(Z*e+e)Gddde(Z,e+e)Gddde(Z-e+e)Gddde(Z.e+e)Gddde(Z/Gdd d e(Z0e+e)Gd!d"d"e(Z1e+e)Gd#d$d$e(Z2e+e)Gd%d&d&e(Z3e+e)Gd'd(d(e(Z4Gd)d*d*e(Z5Gd+d,d,e Z6e+e)Gd-d.d.e(Z7e+e)Gd/d0d0e(Z8Gd1d2d2e(Z9Gd3d4d4e(Z:Gd5d6d6e(Z;e+e)Gd7d8d8e(ZGd=d>d>e Z?e@d?d@e?DZAe+e)GdAdBdBe(ZBe+e)GdCdDdDe(ZCe+e)GdEdFdFe(ZDGdGdHdHe(ZEGdIdJdJe(ZFe+e)GdKdLdLe(ZGe+e)GdMdNdNe(ZHe+e)GdOdPdPe(ZIe+e)GdQdRdRe(ZJe+e)GdSdTdTe(ZKe+e)GdUdVdVe(ZLe+e)GdWdXdXe(ZMdS)Y)absolute_importdivisionprint_functionN)Enum) PublicKeyInfo)utils) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)SignedCertificateTimestamp) GeneralName IPAddress OtherName)RelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDObjectIdentifiercCsnt|tr |tjjtjj}n@t|tr8| }n(|tjjtjj }t t|d}t|S)N public_key) isinstancer Z public_bytesr ZEncodingZDERZ PublicFormatZPKCS1r Zpublic_numbersZ encode_pointZSubjectPublicKeyInfosixZ binary_typerloadhashlibZsha1digest)rdataZ serializedrO/opt/alt/python37/lib64/python3.7/site-packages/cryptography/x509/extensions.py_key_identifier_from_public_keys    rcseZdZfddZZS)DuplicateExtensioncstt||||_dS)N)superr__init__oid)selfmsgr!) __class__rrr 4szDuplicateExtension.__init__)__name__ __module__ __qualname__r __classcell__rr)r$rr3srcseZdZfddZZS)ExtensionNotFoundcstt||||_dS)N)rr)r r!)r"r#r!)r$rrr :szExtensionNotFound.__init__)r%r&r'r r(rr)r$rr)9sr)c@seZdZejddZdS) ExtensionTypecCsdS)zK Returns the oid associated with the given extension type. Nr)r"rrrr!AszExtensionType.oidN)r%r&r'abcabstractpropertyr!rrrrr*?sr*c@sDeZdZddZddZddZddZd d Zd d Zd dZ dS) ExtensionscCs ||_dS)N) _extensions)r" extensionsrrrr IszExtensions.__init__cCs0x|D]}|j|kr|SqWtd||dS)NzNo {0} extension was found)r!r)format)r"r!extrrrget_extension_for_oidLs  z Extensions.get_extension_for_oidcCsD|tkrtdx|D]}t|j|r|SqWtd||jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.zNo {0} extension was found)UnrecognizedExtension TypeErrorrvaluer)r0r!)r"Zextclassr1rrrget_extension_for_classSs  z"Extensions.get_extension_for_classcCs t|jS)N)iterr.)r"rrr__iter__cszExtensions.__iter__cCs t|jS)N)lenr.)r"rrr__len__fszExtensions.__len__cCs |j|S)N)r.)r"idxrrr __getitem__iszExtensions.__getitem__cCs d|jS)Nz)r0r.)r"rrr__repr__lszExtensions.__repr__N) r%r&r'r r2r6r8r:r<r=rrrrr-Hsr-c@sDeZdZejZddZddZddZddZ d d Z e d Z d S) CRLNumbercCst|tjstd||_dS)Nzcrl_number must be an integer)rr integer_typesr4 _crl_number)r" crl_numberrrrr vs zCRLNumber.__init__cCst|tstS|j|jkS)N)rr>NotImplementedrA)r"otherrrr__eq__|s zCRLNumber.__eq__cCs ||k S)Nr)r"rCrrr__ne__szCRLNumber.__ne__cCs t|jS)N)hashrA)r"rrr__hash__szCRLNumber.__hash__cCs d|jS)Nz)r0rA)r"rrrr=szCRLNumber.__repr__r@N)r%r&r'rZ CRL_NUMBERr!r rDrErGr=rread_only_propertyrArrrrr>rsr>c@speZdZejZddZeddZeddZ ddZ d d Z d d Z d dZ edZedZedZdS)AuthorityKeyIdentifiercCst|dk|dkkrtd|dk rBt|}tdd|DsBtd|dk r^t|tjs^td||_||_||_ dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdS)N)rr ).0xrrr sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) ValueErrorlistallr4rrr?_key_identifier_authority_cert_issuer_authority_cert_serial_number)r"key_identifierauthority_cert_issuerauthority_cert_serial_numberrrrr s"   zAuthorityKeyIdentifier.__init__cCst|}||dddS)N)rSrTrU)r)clsrrrrrfrom_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keycCs||jjdddS)N)rSrTrU)r5r)rVZskirrr"from_issuer_subject_key_identifiersz9AuthorityKeyIdentifier.from_issuer_subject_key_identifiercCs d|S)Nz)r0)r"rrrr=szAuthorityKeyIdentifier.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkS)N)rrIrBrSrTrU)r"rCrrrrDs    zAuthorityKeyIdentifier.__eq__cCs ||k S)Nr)r"rCrrrrEszAuthorityKeyIdentifier.__ne__cCs,|jdkrd}n t|j}t|j||jfS)N)rTtuplerFrSrU)r"ZacirrrrGs   zAuthorityKeyIdentifier.__hash__rPrQrRN)r%r&r'rZAUTHORITY_KEY_IDENTIFIERr!r classmethodrWrXr=rDrErGrrHrSrTrUrrrrrIs    rIc@sPeZdZejZddZeddZe dZ ddZ dd Z d d Zd d ZdS)SubjectKeyIdentifiercCs ||_dS)N)_digest)r"rrrrr szSubjectKeyIdentifier.__init__cCs |t|S)N)r)rVrrrrfrom_public_keysz$SubjectKeyIdentifier.from_public_keyr\cCs d|jS)Nz$)r0r)r"rrrr=szSubjectKeyIdentifier.__repr__cCst|tstSt|j|jS)N)rr[rBrZbytes_eqr)r"rCrrrrDs zSubjectKeyIdentifier.__eq__cCs ||k S)Nr)r"rCrrrrEszSubjectKeyIdentifier.__ne__cCs t|jS)N)rFr)r"rrrrGszSubjectKeyIdentifier.__hash__N)r%r&r'rZSUBJECT_KEY_IDENTIFIERr!r rZr]rrHrr=rDrErGrrrrr[s  r[c@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS)AuthorityInformationAccesscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rAccessDescription)rJrKrrrrL sz6AuthorityInformationAccess.__init__..z@Every item in the descriptions list must be an AccessDescription)rNrOr4 _descriptions)r"Z descriptionsrrrr s z#AuthorityInformationAccess.__init__cCs t|jS)N)r7r`)r"rrrr8sz#AuthorityInformationAccess.__iter__cCs t|jS)N)r9r`)r"rrrr:sz"AuthorityInformationAccess.__len__cCs d|jS)Nz!)r0r`)r"rrrr=sz#AuthorityInformationAccess.__repr__cCst|tstS|j|jkS)N)rr^rBr`)r"rCrrrrDs z!AuthorityInformationAccess.__eq__cCs ||k S)Nr)r"rCrrrrE"sz!AuthorityInformationAccess.__ne__cCs |j|S)N)r`)r"r;rrrr<%sz&AuthorityInformationAccess.__getitem__cCstt|jS)N)rFrYr`)r"rrrrG(sz#AuthorityInformationAccess.__hash__N)r%r&r'rZAUTHORITY_INFORMATION_ACCESSr!r r8r:r=rDrEr<rGrrrrr^s r^c@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)r_cCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)rrr4r _access_method_access_location)r" access_methodaccess_locationrrrr -s   zAccessDescription.__init__cCs d|S)NzY)r0)r"rrrr=7szAccessDescription.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rr_rBrcrd)r"rCrrrrD=s  zAccessDescription.__eq__cCs ||k S)Nr)r"rCrrrrEFszAccessDescription.__ne__cCst|j|jfS)N)rFrcrd)r"rrrrGIszAccessDescription.__hash__rarbN) r%r&r'r r=rDrErGrrHrcrdrrrrr_,s   r_c@sNeZdZejZddZedZ edZ ddZ ddZ d d Z d d Zd S)BasicConstraintscCsZt|tstd|dk r&|s&td|dk rJt|tjrB|dkrJtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)rboolr4rMrr?_ca _path_length)r"ca path_lengthrrrr Ts  zBasicConstraints.__init__rgrhcCs d|S)Nz:)r0)r"rrrr=iszBasicConstraints.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrerBrirj)r"rCrrrrDms zBasicConstraints.__eq__cCs ||k S)Nr)r"rCrrrrEsszBasicConstraints.__ne__cCst|j|jfS)N)rFrirj)r"rrrrGvszBasicConstraints.__hash__N)r%r&r'rZBASIC_CONSTRAINTSr!r rrHrirjr=rDrErGrrrrrePs  rec@sDeZdZejZddZedZ ddZ ddZ dd Z d d Z d S) DeltaCRLIndicatorcCst|tjstd||_dS)Nzcrl_number must be an integer)rrr?r4r@)r"rArrrr ~s zDeltaCRLIndicator.__init__r@cCst|tstS|j|jkS)N)rrkrBrA)r"rCrrrrDs zDeltaCRLIndicator.__eq__cCs ||k S)Nr)r"rCrrrrEszDeltaCRLIndicator.__ne__cCs t|jS)N)rFrA)r"rrrrGszDeltaCRLIndicator.__hash__cCs d|S)Nz.)r0)r"rrrr=szDeltaCRLIndicator.__repr__N)r%r&r'rZDELTA_CRL_INDICATORr!r rrHrArDrErGr=rrrrrkzs rkc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS)CRLDistributionPointscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rDistributionPoint)rJrKrrrrLsz1CRLDistributionPoints.__init__..z?distribution_points must be a list of DistributionPoint objects)rNrOr4_distribution_points)r"distribution_pointsrrrr s zCRLDistributionPoints.__init__cCs t|jS)N)r7rn)r"rrrr8szCRLDistributionPoints.__iter__cCs t|jS)N)r9rn)r"rrrr:szCRLDistributionPoints.__len__cCs d|jS)Nz)r0rn)r"rrrr=szCRLDistributionPoints.__repr__cCst|tstS|j|jkS)N)rrlrBrn)r"rCrrrrDs zCRLDistributionPoints.__eq__cCs ||k S)Nr)r"rCrrrrEszCRLDistributionPoints.__ne__cCs |j|S)N)rn)r"r;rrrr<sz!CRLDistributionPoints.__getitem__cCstt|jS)N)rFrYrn)r"rrrrGszCRLDistributionPoints.__hash__N)r%r&r'rZCRL_DISTRIBUTION_POINTSr!r r8r:r=rDrEr<rGrrrrrls rlc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS) FreshestCRLcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rrm)rJrKrrrrLsz'FreshestCRL.__init__..z?distribution_points must be a list of DistributionPoint objects)rNrOr4rn)r"rorrrr s zFreshestCRL.__init__cCs t|jS)N)r7rn)r"rrrr8szFreshestCRL.__iter__cCs t|jS)N)r9rn)r"rrrr:szFreshestCRL.__len__cCs d|jS)Nz)r0rn)r"rrrr=szFreshestCRL.__repr__cCst|tstS|j|jkS)N)rrprBrn)r"rCrrrrDs zFreshestCRL.__eq__cCs ||k S)Nr)r"rCrrrrEszFreshestCRL.__ne__cCs |j|S)N)rn)r"r;rrrr<szFreshestCRL.__getitem__cCstt|jS)N)rFrYrn)r"rrrrGszFreshestCRL.__hash__N)r%r&r'rZ FRESHEST_CRLr!r r8r:r=rDrEr<rGrrrrrps rpc@s\eZdZddZddZddZddZd d Ze d Z e d Z e d Z e dZ dS)rmcCs|r|rtd|r6t|}tdd|Ds6td|rLt|tsLtd|rrt|}tdd|Dsrtd|rt|trtdd|Dstd |rtj|kstj |krtd |r|s|s|std ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|tVqdS)N)rr )rJrKrrrrLsz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdS)N)rr )rJrKrrrrLsz2crl_issuer must be None or a list of general namescss|]}t|tVqdS)N)r ReasonFlags)rJrKrrrrLsz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)rMrNrOr4rr frozensetrq unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r" full_name relative_namereasons crl_issuerrrrr s@   zDistributionPoint.__init__cCs d|S)Nz})r0)r"rrrr=szDistributionPoint.__repr__cCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkS)N)rrmrBryrzr{r|)r"rCrrrrD$s     zDistributionPoint.__eq__cCs ||k S)Nr)r"rCrrrrE/szDistributionPoint.__ne__cCsH|jdk rt|j}nd}|jdk r0t|j}nd}t||j|j|fS)N)ryrYr|rFrzr{)r"fnr|rrrrG2s    zDistributionPoint.__hash__rurvrwrxN)r%r&r'r r=rDrErGrrHryrzr{r|rrrrrms4    rmc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rqrsZ keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) r%r&r'rsZkey_compromiseZ ca_compromiseZaffiliation_changedr~Zcessation_of_operationZcertificate_holdZprivilege_withdrawnZ aa_compromisertrrrrrqEsrqc@sNeZdZejZddZddZddZddZ d d Z e d Z e d Zd S)PolicyConstraintscCs`|dk rt|tjstd|dk r8t|tjs8td|dkrP|dkrPtd||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)rrr?r4rM_require_explicit_policy_inhibit_policy_mapping)r"require_explicit_policyinhibit_policy_mappingrrrr Vs    zPolicyConstraints.__init__cCs d|S)Nz{)r0)r"rrrr=oszPolicyConstraints.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrBrr)r"rCrrrrDvs  zPolicyConstraints.__eq__cCs ||k S)Nr)r"rCrrrrEszPolicyConstraints.__ne__cCst|j|jfS)N)rFrr)r"rrrrGszPolicyConstraints.__hash__rrN)r%r&r'rZPOLICY_CONSTRAINTSr!r r=rDrErGrrHrrrrrrrRs rc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS)CertificatePoliciescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rPolicyInformation)rJrKrrrrLsz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rNrOr4 _policies)r"Zpoliciesrrrr s zCertificatePolicies.__init__cCs t|jS)N)r7r)r"rrrr8szCertificatePolicies.__iter__cCs t|jS)N)r9r)r"rrrr:szCertificatePolicies.__len__cCs d|jS)Nz)r0r)r"rrrr=szCertificatePolicies.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDs zCertificatePolicies.__eq__cCs ||k S)Nr)r"rCrrrrEszCertificatePolicies.__ne__cCs |j|S)N)r)r"r;rrrr<szCertificatePolicies.__getitem__cCstt|jS)N)rFrYr)r"rrrrGszCertificatePolicies.__hash__N)r%r&r'rZCERTIFICATE_POLICIESr!r r8r:r=rDrEr<rGrrrrrs rc@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)rcCsHt|tstd||_|r>t|}tdd|Ds>td||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|tjtfVqdS)N)rrZ text_type UserNotice)rJrKrrrrLsz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)rrr4_policy_identifierrNrO_policy_qualifiers)r"policy_identifierpolicy_qualifiersrrrr s  zPolicyInformation.__init__cCs d|S)Nze)r0)r"rrrr=szPolicyInformation.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrBrr)r"rCrrrrDs  zPolicyInformation.__eq__cCs ||k S)Nr)r"rCrrrrEszPolicyInformation.__ne__cCs(|jdk rt|j}nd}t|j|fS)N)rrYrFr)r"ZpqrrrrGs  zPolicyInformation.__hash__rrN) r%r&r'r r=rDrErGrrHrrrrrrrs  rc@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)rcCs&|rt|tstd||_||_dS)Nz2notice_reference must be None or a NoticeReference)rNoticeReferencer4_notice_reference_explicit_text)r"notice_reference explicit_textrrrr s zUserNotice.__init__cCs d|S)NzV)r0)r"rrrr=szUserNotice.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrBrr)r"rCrrrrDs  zUserNotice.__eq__cCs ||k S)Nr)r"rCrrrrEszUserNotice.__ne__cCst|j|jfS)N)rFrr)r"rrrrGszUserNotice.__hash__rrN) r%r&r'r r=rDrErGrrHrrrrrrrs   rc@sHeZdZddZddZddZddZd d Ze d Z e d Z d S)rcCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdS)N)rint)rJrKrrrrLsz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrNrOr4_notice_numbers)r" organizationnotice_numbersrrrr s zNoticeReference.__init__cCs d|S)NzU)r0)r"rrrr=szNoticeReference.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rrrBrr)r"rCrrrrDs  zNoticeReference.__eq__cCs ||k S)Nr)r"rCrrrrE'szNoticeReference.__ne__cCst|jt|jfS)N)rFrrYr)r"rrrrG*szNoticeReference.__hash__rrN) r%r&r'r r=rDrErGrrHrrrrrrr s   rc@sJeZdZejZddZddZddZddZ d d Z d d Z d dZ dS)ExtendedKeyUsagecCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr)rJrKrrrrL7sz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rNrOr4_usages)r"Zusagesrrrr 5s zExtendedKeyUsage.__init__cCs t|jS)N)r7r)r"rrrr8>szExtendedKeyUsage.__iter__cCs t|jS)N)r9r)r"rrrr:AszExtendedKeyUsage.__len__cCs d|jS)Nz)r0r)r"rrrr=DszExtendedKeyUsage.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDGs zExtendedKeyUsage.__eq__cCs ||k S)Nr)r"rCrrrrEMszExtendedKeyUsage.__ne__cCstt|jS)N)rFrYr)r"rrrrGPszExtendedKeyUsage.__hash__N) r%r&r'rZEXTENDED_KEY_USAGEr!r r8r:r=rDrErGrrrrr1s rc@seZdZejZdS) OCSPNoCheckN)r%r&r'rZ OCSP_NO_CHECKr!rrrrrTsrc@sReZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ dS) TLSFeaturecCs8t|}tdd|Dr&t|dkr.td||_dS)Ncss|]}t|tVqdS)N)rTLSFeatureType)rJrKrrrrL`sz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rNrOr9r4 _features)r"Zfeaturesrrrr ]s  zTLSFeature.__init__cCs t|jS)N)r7r)r"rrrr8jszTLSFeature.__iter__cCs t|jS)N)r9r)r"rrrr:mszTLSFeature.__len__cCs d|S)Nz$)r0)r"rrrr=pszTLSFeature.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDss zTLSFeature.__eq__cCs |j|S)N)r)r"r;rrrr<yszTLSFeature.__getitem__cCs ||k S)Nr)r"rCrrrrE|szTLSFeature.__ne__cCstt|jS)N)rFrYr)r"rrrrGszTLSFeature.__hash__N)r%r&r'rZ TLS_FEATUREr!r r8r:r=rDr<rErGrrrrrYs rc@seZdZdZdZdS)rN)r%r&r'Zstatus_requestZstatus_request_v2rrrrrsrccs|]}|j|fVqdS)N)r5)rJrKrrrrLsrLc@sDeZdZejZddZddZddZddZ d d Z e d Z d S) InhibitAnyPolicycCs.t|tjstd|dkr$td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)rrr?r4rM _skip_certs)r" skip_certsrrrr s  zInhibitAnyPolicy.__init__cCs d|S)Nz-)r0)r"rrrr=szInhibitAnyPolicy.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDs zInhibitAnyPolicy.__eq__cCs ||k S)Nr)r"rCrrrrEszInhibitAnyPolicy.__ne__cCs t|jS)N)rFr)r"rrrrGszInhibitAnyPolicy.__hash__rN)r%r&r'rZINHIBIT_ANY_POLICYr!r r=rDrErGrrHrrrrrrs rc@seZdZejZddZedZ edZ edZ edZ edZ edZed Zed d Zed d ZddZddZddZddZdS)KeyUsagec CsN|s|s | rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) rM_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r"digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyrrrr s zKeyUsage.__init__rrrrrrrcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rrMr)r"rrrrszKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rrMr)r"rrrrszKeyUsage.decipher_onlycCs<y|j}|j}Wntk r,d}d}YnXd|||S)Na-)rrrMr0)r"rrrrrr=s  zKeyUsage.__repr__cCszt|tstS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j |j kox|j |j kox|j |j kS)N) rrrBrrrrrrrrr)r"rCrrrrDs         zKeyUsage.__eq__cCs ||k S)Nr)r"rCrrrrEszKeyUsage.__ne__c Cs,t|j|j|j|j|j|j|j|j|j f S)N) rFrrrrrrrrr)r"rrrrGs zKeyUsage.__hash__N)r%r&r'rZ KEY_USAGEr!r rrHrrrrrrrpropertyrrr=rDrErGrrrrrs        rc@sVeZdZejZddZddZddZddZ d d Z d d Z e d Ze dZdS)NameConstraintscCs|dk r4t|}tdd|Ds*td|||dk rht|}tdd|Ds^td|||dkr|dkrtd||_||_dS)Ncss|]}t|tVqdS)N)rr )rJrKrrrrLsz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonecss|]}t|tVqdS)N)rr )rJrKrrrrL#sz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rNrOr4_validate_ip_namerM_permitted_subtrees_excluded_subtrees)r"permitted_subtreesexcluded_subtreesrrrr s&  zNameConstraints.__init__cCs&t|tstS|j|jko$|j|jkS)N)rrrBrr)r"rCrrrrD5s  zNameConstraints.__eq__cCs ||k S)Nr)r"rCrrrrE>szNameConstraints.__ne__cCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdS)N)rrr5 ipaddressZ IPv4NetworkZ IPv6Network)rJnamerrrrLBsz4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyr4)r"ZtreerrrrAs z!NameConstraints._validate_ip_namecCs d|S)Nze)r0)r"rrrr=JszNameConstraints.__repr__cCs@|jdk rt|j}nd}|jdk r0t|j}nd}t||fS)N)rrYrrF)r"ZpsZesrrrrGPs    zNameConstraints.__hash__rrN)r%r&r'rZNAME_CONSTRAINTSr!r rDrErr=rGrrHrrrrrrrs"   rc@sReZdZddZedZedZedZddZ dd Z d d Z d d Z dS) ExtensioncCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)rrr4rf_oid _critical_value)r"r!criticalr5rrrr bs  zExtension.__init__rrrcCs d|S)Nz@)r0)r"rrrr=sszExtension.__repr__cCs2t|tstS|j|jko0|j|jko0|j|jkS)N)rrrBr!rr5)r"rCrrrrDws    zExtension.__eq__cCs ||k S)Nr)r"rCrrrrEszExtension.__ne__cCst|j|j|jfS)N)rFr!rr5)r"rrrrGszExtension.__hash__N) r%r&r'r rrHr!rr5r=rDrErGrrrrras    rc@sTeZdZddZddZddZddZd d Zd d Zd dZ ddZ ddZ dS) GeneralNamescCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr )rJrKrrrrLsz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rNrOr4_general_names)r" general_namesrrrr s zGeneralNames.__init__cCs t|jS)N)r7r)r"rrrr8szGeneralNames.__iter__cCs t|jS)N)r9r)r"rrrr:szGeneralNames.__len__cs0fdd|D}tkr(dd|D}t|S)Nc3s|]}t|r|VqdS)N)r)rJi)typerrrLsz3GeneralNames.get_values_for_type..css|] }|jVqdS)N)r5)rJrrrrrLs)rrN)r"rZobjsr)rrget_values_for_typesz GeneralNames.get_values_for_typecCs d|jS)Nz)r0r)r"rrrr=szGeneralNames.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDs zGeneralNames.__eq__cCs ||k S)Nr)r"rCrrrrEszGeneralNames.__ne__cCs |j|S)N)r)r"r;rrrr<szGeneralNames.__getitem__cCstt|jS)N)rFrYr)r"rrrrGszGeneralNames.__hash__N) r%r&r'r r8r:rr=rDrEr<rGrrrrrs  rc@sZeZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ ddZdS)SubjectAlternativeNamecCst||_dS)N)rr)r"rrrrr szSubjectAlternativeName.__init__cCs t|jS)N)r7r)r"rrrr8szSubjectAlternativeName.__iter__cCs t|jS)N)r9r)r"rrrr:szSubjectAlternativeName.__len__cCs |j|S)N)rr)r"rrrrrsz*SubjectAlternativeName.get_values_for_typecCs d|jS)Nz)r0r)r"rrrr=szSubjectAlternativeName.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDs zSubjectAlternativeName.__eq__cCs |j|S)N)r)r"r;rrrr<sz"SubjectAlternativeName.__getitem__cCs ||k S)Nr)r"rCrrrrEszSubjectAlternativeName.__ne__cCs t|jS)N)rFr)r"rrrrGszSubjectAlternativeName.__hash__N)r%r&r'rZSUBJECT_ALTERNATIVE_NAMEr!r r8r:rr=rDr<rErGrrrrrsrc@sZeZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ ddZdS)IssuerAlternativeNamecCst||_dS)N)rr)r"rrrrr szIssuerAlternativeName.__init__cCs t|jS)N)r7r)r"rrrr8szIssuerAlternativeName.__iter__cCs t|jS)N)r9r)r"rrrr:szIssuerAlternativeName.__len__cCs |j|S)N)rr)r"rrrrrsz)IssuerAlternativeName.get_values_for_typecCs d|jS)Nz)r0r)r"rrrr=szIssuerAlternativeName.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDs zIssuerAlternativeName.__eq__cCs ||k S)Nr)r"rCrrrrEszIssuerAlternativeName.__ne__cCs |j|S)N)r)r"r;rrrr<sz!IssuerAlternativeName.__getitem__cCs t|jS)N)rFr)r"rrrrGszIssuerAlternativeName.__hash__N)r%r&r'rZISSUER_ALTERNATIVE_NAMEr!r r8r:rr=rDrEr<rGrrrrrsrc@sZeZdZejZddZddZddZddZ d d Z d d Z d dZ ddZ ddZdS)CertificateIssuercCst||_dS)N)rr)r"rrrrr szCertificateIssuer.__init__cCs t|jS)N)r7r)r"rrrr8szCertificateIssuer.__iter__cCs t|jS)N)r9r)r"rrrr:szCertificateIssuer.__len__cCs |j|S)N)rr)r"rrrrrsz%CertificateIssuer.get_values_for_typecCs d|jS)Nz)r0r)r"rrrr= szCertificateIssuer.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDs zCertificateIssuer.__eq__cCs ||k S)Nr)r"rCrrrrEszCertificateIssuer.__ne__cCs |j|S)N)r)r"r;rrrr<szCertificateIssuer.__getitem__cCs t|jS)N)rFr)r"rrrrGszCertificateIssuer.__hash__N)r%r&r'rZCERTIFICATE_ISSUERr!r r8r:rr=rDrEr<rGrrrrrsrc@sDeZdZejZddZddZddZddZ d d Z e d Z d S) CRLReasoncCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)rrqr4_reason)r"reasonrrrr "s zCRLReason.__init__cCs d|jS)Nz)r0r)r"rrrr=(szCRLReason.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrD+s zCRLReason.__eq__cCs ||k S)Nr)r"rCrrrrE1szCRLReason.__ne__cCs t|jS)N)rFr)r"rrrrG4szCRLReason.__hash__rN)r%r&r'rZ CRL_REASONr!r r=rDrErGrrHrrrrrrsrc@sDeZdZejZddZddZddZddZ d d Z e d Z d S) InvalidityDatecCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)rdatetimer4_invalidity_date)r"invalidity_daterrrr >s zInvalidityDate.__init__cCs d|jS)Nz%)r0r)r"rrrr=DszInvalidityDate.__repr__cCst|tstS|j|jkS)N)rrrBr)r"rCrrrrDIs zInvalidityDate.__eq__cCs ||k S)Nr)r"rCrrrrEOszInvalidityDate.__ne__cCs t|jS)N)rFr)r"rrrrGRszInvalidityDate.__hash__rN)r%r&r'rZINVALIDITY_DATEr!r r=rDrErGrrHrrrrrr:src@s:eZdZejZddZddZddZddZ d d Z d S) )PrecertificateSignedCertificateTimestampscCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdS)N)rr )rJZsctrrrrL_szEPrecertificateSignedCertificateTimestamps.__init__..zYEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamp)rNrOr4_signed_certificate_timestamps)r"Zsigned_certificate_timestampsrrrr \s z2PrecertificateSignedCertificateTimestamps.__init__cCs t|jS)N)r7r)r"rrrr8hsz2PrecertificateSignedCertificateTimestamps.__iter__cCs t|jS)N)r9r)r"rrrr:ksz1PrecertificateSignedCertificateTimestamps.__len__cCs |j|S)N)r)r"r;rrrr<nsz5PrecertificateSignedCertificateTimestamps.__getitem__cCsdt|S)Nz0)r0rN)r"rrrr=qsz2PrecertificateSignedCertificateTimestamps.__repr__N) r%r&r'rZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr!r r8r:r<r=rrrrrXs  rc@sHeZdZddZedZedZddZddZ d d Z d d Z d S)r3cCs"t|tstd||_||_dS)Nzoid must be an ObjectIdentifier)rrr4rr)r"r!r5rrrr {s zUnrecognizedExtension.__init__rrcCs d|S)Nz7)r0)r"rrrr=szUnrecognizedExtension.__repr__cCs&t|tstS|j|jko$|j|jkS)N)rr3rBr!r5)r"rCrrrrDs zUnrecognizedExtension.__eq__cCs ||k S)Nr)r"rCrrrrEszUnrecognizedExtension.__ne__cCst|j|jfS)N)rFr!r5)r"rrrrGszUnrecognizedExtension.__hash__N) r%r&r'r rrHr!r5r=rDrErGrrrrr3ys  r3)NZ __future__rrrr+rrrenumrZasn1crypto.keysrrZ cryptographyrZcryptography.hazmat.primitivesrr Z,cryptography.hazmat.primitives.asymmetric.ecr Z-cryptography.hazmat.primitives.asymmetric.rsar Z*cryptography.x509.certificate_transparencyr Zcryptography.x509.general_namer rrZcryptography.x509.namerZcryptography.x509.oidrrrr Exceptionrr)Z add_metaclassABCMetaobjectr*r-Zregister_interfacer>rIr[r^r_rerkrlrprmrqrrrrrrrrrdictZ_TLS_FEATURE_TYPE_TO_ENUMrrrrrrrrrrrr3rrrrs       *Y&$)((] <&2%$") ^Q'-"""