Current File : //kunden/lib64/python3.9/site-packages/cryptography/x509/__pycache__/extensions.cpython-39.pyc
a

�a��	@s�ddlZddlZddlZddlZddlZddlmZddlmZddlm	Z
ddlmZm
Z
ddlmZddlmZddlmZmZdd	lmZdd
lmZmZmZmZmZmZmZmZm Z ddl!m"Z"m#Z#ddl$m%Z%m&Z&m'Z'm(Z(ej)d
dd�Z*ee+d�dd�Z,e-d�dd�Z.Gdd�de/�Z0Gdd�de/�Z1Gdd�dej2d�Z3Gdd�de4�Z5Gdd�de3�Z6Gd d!�d!e3�Z7Gd"d#�d#e3�Z8Gd$d%�d%e3�Z9Gd&d'�d'e3�Z:Gd(d)�d)e4�Z;Gd*d+�d+e3�Z<Gd,d-�d-e3�Z=Gd.d/�d/e3�Z>Gd0d1�d1e3�Z?Gd2d3�d3e4�Z@Gd4d5�d5ejA�ZBeBjCeBjDeBjEeBjFeBjGeBjHeBjIeBjJd6�ZKGd7d8�d8e3�ZLGd9d:�d:e3�ZMGd;d<�d<e4�ZNGd=d>�d>e4�ZOGd?d@�d@e4�ZPGdAdB�dBe3�ZQGdCdD�dDe3�ZRGdEdF�dFe3�ZSGdGdH�dHe3�ZTGdIdJ�dJejA�ZUdKdL�eUD�ZVGdMdN�dNe3�ZWGdOdP�dPe3�ZXGdQdR�dRe3�ZYGdSdT�dTejZe*�Z[GdUdV�dVe4�Z\GdWdX�dXe3�Z]GdYdZ�dZe3�Z^Gd[d\�d\e3�Z_Gd]d^�d^e3�Z`Gd_d`�d`e3�ZaGdadb�dbe3�ZbGdcdd�dde3�ZcGdedf�dfe3�ZdGdgdh�dhe3�ZeGdidj�dje3�ZfdS)k�N)�utils)�asn1)�x509)�
constant_time�
serialization)�EllipticCurvePublicKey)�RSAPublicKey)�CERTIFICATE_PUBLIC_KEY_TYPES�PUBLIC_KEY_TYPES)�SignedCertificateTimestamp)	�DNSName�
DirectoryName�GeneralName�	IPAddress�	OtherName�
RFC822Name�RegisteredID�UniformResourceIdentifier�_IPADDRESS_TYPES)�Name�RelativeDistinguishedName)�CRLEntryExtensionOID�ExtensionOID�OCSPExtensionOID�ObjectIdentifier�ExtensionTypeVar�
ExtensionType)�bound��
public_key�returncCslt|t�r |�tjjtjj�}n>t|t�r@|�tjj	tjj
�}n|�tjjtjj�}t�
|�}t�|���S�N)�
isinstancer�public_bytesrZEncodingZDERZPublicFormatZPKCS1rZX962ZUncompressedPointZSubjectPublicKeyInforZparse_spki_for_data�hashlibZsha1�digest)r�dataZ
serialized�r'�B/usr/lib64/python3.9/site-packages/cryptography/x509/extensions.py�_key_identifier_from_public_key/s 
�
��
r)��
field_namecs4td��fdd�}�fdd�}�fdd�}|||fS)N�r cstt|���Sr!)�len�getattr��selfr*r'r(�
len_methodHsz*_make_sequence_methods.<locals>.len_methodcstt|���Sr!)�iterr.r/r*r'r(�iter_methodKsz+_make_sequence_methods.<locals>.iter_methodcst|��|Sr!)r.)r0�idxr*r'r(�getitem_methodNsz._make_sequence_methods.<locals>.getitem_method)�int)r+r1r3r5r'r*r(�_make_sequence_methodsGsr7cs&eZdZeedd��fdd�Z�ZS)�DuplicateExtensionN��msg�oidr cstt|��|�||_dSr!)�superr8�__init__r;�r0r:r;��	__class__r'r(r=UszDuplicateExtension.__init__��__name__�
__module__�__qualname__�strrr=�
__classcell__r'r'r?r(r8Tsr8cs&eZdZeedd��fdd�Z�ZS)�ExtensionNotFoundNr9cstt|��|�||_dSr!)r<rGr=r;r>r?r'r(r=[szExtensionNotFound.__init__rAr'r'r?r(rGZsrGc@s*eZdZUejeed<ed�dd�ZdS)rr;r,cCstd�|���dS)z7
        Serializes the extension type to DER.
        z8public_bytes is not implemented for extension type {0!r}N)�NotImplementedError�formatr/r'r'r(r#cs
��zExtensionType.public_bytesN)	rBrCrD�typing�ClassVarr�__annotations__�bytesr#r'r'r'r(r`s
)�	metaclassc@sdeZdZejddd�dd�Zedd�dd�Zeje	d	d
�dd�Z
ed
�\ZZ
Zed�dd�ZdS)�
ExtensionszExtension[ExtensionType]N)�
extensionsr cCst|�|_dSr!)�list�_extensions)r0rPr'r'r(r=oszExtensions.__init__)r;r cCs0|D]}|j|kr|Sqtd�|�|��dS)N�No {} extension was found)r;rGrI)r0r;�extr'r'r(�get_extension_for_oidts

z Extensions.get_extension_for_oidzExtension[ExtensionTypeVar])�extclassr cCsD|turtd��|D]}t|j|�r|Sqtd�|�|j��dS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.rS)�UnrecognizedExtension�	TypeErrorr"�valuerGrIr;)r0rVrTr'r'r(�get_extension_for_class}s�
�z"Extensions.get_extension_for_classrRr,cCsd�|j�S)Nz<Extensions({})>)rIrRr/r'r'r(�__repr__�szExtensions.__repr__)rBrCrDrJ�Iterabler=rrU�TyperrZr7�__len__�__iter__�__getitem__rEr[r'r'r'r(rOns��
�rOc@s�eZdZejZedd�dd�Zej	e
d�dd�Zej	e
d�dd	�Zed
�dd�Z
ed
�d
d�Zeed
�dd��Zed
�dd�ZdS)�	CRLNumberN��
crl_numberr cCst|t�std��||_dS�Nzcrl_number must be an integer�r"r6rX�_crl_number�r0rcr'r'r(r=�s
zCRLNumber.__init__��otherr cCst|t�stS|j|jkSr!)r"ra�NotImplementedrc�r0rir'r'r(�__eq__�s
zCRLNumber.__eq__cCs
||kSr!r'rkr'r'r(�__ne__�szCRLNumber.__ne__r,cCs
t|j�Sr!��hashrcr/r'r'r(�__hash__�szCRLNumber.__hash__cCsd�|j�S)Nz<CRLNumber({})>)rIrcr/r'r'r(r[�szCRLNumber.__repr__cCs|jSr!�rfr/r'r'r(rc�szCRLNumber.crl_numbercCs
t�|�Sr!��	rust_x509Zencode_extension_valuer/r'r'r(r#�szCRLNumber.public_bytes)rBrCrDrZ
CRL_NUMBERr;r6r=rJ�Any�boolrlrmrprEr[�propertyrcrMr#r'r'r'r(ra�srac@seZdZejZejeejej	e
ejedd�dd�Ze
edd�dd��Ze
ddd	�d
d��Zed�d
d�Zejed�dd�Zejed�dd�Zed�dd�Zeejed�dd��Zeejeje
d�dd��Zeejed�dd��Zed�dd�ZdS)�AuthorityKeyIdentifierN)�key_identifier�authority_cert_issuer�authority_cert_serial_numberr cCsr|du|dukrtd��|durBt|�}tdd�|D��sBtd��|dur\t|t�s\td��||_||_||_dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|t�VqdSr!�r"r��.0�xr'r'r(�	<genexpr>�sz2AuthorityKeyIdentifier.__init__.<locals>.<genexpr>z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer)	�
ValueErrorrQ�allrXr"r6�_key_identifier�_authority_cert_issuer�_authority_cert_serial_number)r0rxryrzr'r'r(r=�s*����
�zAuthorityKeyIdentifier.__init__rcCst|�}||ddd�S�N)rxryrz�r))�clsrr%r'r'r(�from_issuer_public_key�s�z-AuthorityKeyIdentifier.from_issuer_public_key�SubjectKeyIdentifier)�skir cCs||jddd�Sr�)r%)r�r�r'r'r(�"from_issuer_subject_key_identifier�s
�z9AuthorityKeyIdentifier.from_issuer_subject_key_identifierr,cCs
d�|�S)Nz�<AuthorityKeyIdentifier(key_identifier={0.key_identifier!r}, authority_cert_issuer={0.authority_cert_issuer}, authority_cert_serial_number={0.authority_cert_serial_number})>�rIr/r'r'r(r[�s��zAuthorityKeyIdentifier.__repr__rhcCs2t|t�stS|j|jko0|j|jko0|j|jkSr!)r"rwrjrxryrzrkr'r'r(rl�s

���zAuthorityKeyIdentifier.__eq__cCs
||kSr!r'rkr'r'r(rmszAuthorityKeyIdentifier.__ne__cCs,|jdurd}n
t|j�}t|j||jf�Sr!)ry�tuplerorxrz)r0Zacir'r'r(rp	s

�zAuthorityKeyIdentifier.__hash__cCs|jSr!)r�r/r'r'r(rxsz%AuthorityKeyIdentifier.key_identifiercCs|jSr!)r�r/r'r'r(rysz,AuthorityKeyIdentifier.authority_cert_issuercCs|jSr!)r�r/r'r'r(rzsz3AuthorityKeyIdentifier.authority_cert_serial_numbercCs
t�|�Sr!rrr/r'r'r(r# sz#AuthorityKeyIdentifier.public_bytes)rBrCrDrZAUTHORITY_KEY_IDENTIFIERr;rJ�OptionalrMr\rr6r=�classmethodr
r�r�rEr[rtrurlrmrprvrx�Listryrzr#r'r'r'r(rw�s4�&�
�		�rwc@s�eZdZejZedd�dd�Zee	dd�dd��Z
eed�d	d
��Zeed�dd��Z
ed�d
d�Zejed�dd�Zejed�dd�Zed�dd�Zed�dd�ZdS)r�N)r%r cCs
||_dSr!�Z_digest)r0r%r'r'r(r='szSubjectKeyIdentifier.__init__rcCs|t|��Sr!r�)r�rr'r'r(�from_public_key*sz$SubjectKeyIdentifier.from_public_keyr,cCs|jSr!r�r/r'r'r(r%0szSubjectKeyIdentifier.digestcCs|jSr!r�r/r'r'r(rx4sz#SubjectKeyIdentifier.key_identifiercCsd�|j�S)Nz$<SubjectKeyIdentifier(digest={0!r})>)rIr%r/r'r'r(r[8szSubjectKeyIdentifier.__repr__rhcCst|t�stSt�|j|j�Sr!)r"r�rjrZbytes_eqr%rkr'r'r(rl;s
zSubjectKeyIdentifier.__eq__cCs
||kSr!r'rkr'r'r(rmAszSubjectKeyIdentifier.__ne__cCs
t|j�Sr!)ror%r/r'r'r(rpDszSubjectKeyIdentifier.__hash__cCs
t�|�Sr!rrr/r'r'r(r#Gsz!SubjectKeyIdentifier.public_bytes)rBrCrDrZSUBJECT_KEY_IDENTIFIERr;rMr=r�r	r�rvr%rxrEr[rJrtrurlrmr6rpr#r'r'r'r(r�$s�r�c@s�eZdZejZejddd�dd�Ze	d�\Z
ZZe
d�dd	�Zejed
�dd�Zejed
�d
d�Zed�dd�Zed�dd�ZdS)�AuthorityInformationAccess�AccessDescriptionN��descriptionsr cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!�r"r�r|r'r'r(rR�z6AuthorityInformationAccess.__init__.<locals>.<genexpr>�@Every item in the descriptions list must be an AccessDescription�rQr�rX�
_descriptions�r0r�r'r'r(r=Ns�z#AuthorityInformationAccess.__init__r�r,cCsd�|j�S)Nz <AuthorityInformationAccess({})>�rIr�r/r'r'r(r[\sz#AuthorityInformationAccess.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rl_s
z!AuthorityInformationAccess.__eq__cCs
||kSr!r'rkr'r'r(rmesz!AuthorityInformationAccess.__ne__cCstt|j��Sr!�ror�r�r/r'r'r(rphsz#AuthorityInformationAccess.__hash__cCs
t�|�Sr!rrr/r'r'r(r#ksz'AuthorityInformationAccess.public_bytes)rBrCrDrZAUTHORITY_INFORMATION_ACCESSr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r�Ks�r�c@s�eZdZejZejddd�dd�Ze	d�\Z
ZZe
d�dd	�Zejed
�dd�Zejed
�d
d�Zed�dd�Zed�dd�ZdS)�SubjectInformationAccessr�Nr�cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!r�r|r'r'r(rvr�z4SubjectInformationAccess.__init__.<locals>.<genexpr>r�r�r�r'r'r(r=rs�z!SubjectInformationAccess.__init__r�r,cCsd�|j�S)Nz<SubjectInformationAccess({})>r�r/r'r'r(r[�sz!SubjectInformationAccess.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rl�s
zSubjectInformationAccess.__eq__cCs
||kSr!r'rkr'r'r(rm�szSubjectInformationAccess.__ne__cCstt|j��Sr!r�r/r'r'r(rp�sz!SubjectInformationAccess.__hash__cCs
t�|�Sr!rrr/r'r'r(r#�sz%SubjectInformationAccess.public_bytes)rBrCrDrZSUBJECT_INFORMATION_ACCESSr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r�os�r�c@s�eZdZeedd�dd�Zed�dd�Zej	e
d�d	d
�Zej	e
d�dd�Ze
d�d
d�Zeed�dd��Zeed�dd��ZdS)r�N)�
access_method�access_locationr cCs4t|t�std��t|t�s$td��||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)r"rrXr�_access_method�_access_location)r0r�r�r'r'r(r=�s

zAccessDescription.__init__r,cCs
d�|�S)NzY<AccessDescription(access_method={0.access_method}, access_location={0.access_location})>r�r/r'r'r(r[�s��zAccessDescription.__repr__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"r�rjr�r�rkr'r'r(rl�s


�zAccessDescription.__eq__cCs
||kSr!r'rkr'r'r(rm�szAccessDescription.__ne__cCst|j|jf�Sr!)ror�r�r/r'r'r(rp�szAccessDescription.__hash__cCs|jSr!)r�r/r'r'r(r��szAccessDescription.access_methodcCs|jSr!)r�r/r'r'r(r��sz!AccessDescription.access_location)rBrCrDrrr=rEr[rJrtrurlrmr6rprvr�r�r'r'r'r(r��s�	r�c@s�eZdZejZeeje	dd�dd�Z
eed�dd��Zeeje	d�dd	��Z
ed�d
d�Zejed�d
d�Zejed�dd�Ze	d�dd�Zed�dd�ZdS)�BasicConstraintsN)�ca�path_lengthr cCsXt|t�std��|dur&|s&td��|durHt|t�r@|dkrHtd��||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)r"rurXr�r6�_ca�_path_length)r0r�r�r'r'r(r=�s
���zBasicConstraints.__init__r,cCs|jSr!)r�r/r'r'r(r��szBasicConstraints.cacCs|jSr!)r�r/r'r'r(r��szBasicConstraints.path_lengthcCs
d�|�S)Nz:<BasicConstraints(ca={0.ca}, path_length={0.path_length})>r�r/r'r'r(r[�s��zBasicConstraints.__repr__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"r�rjr�r�rkr'r'r(rl�s
zBasicConstraints.__eq__cCs
||kSr!r'rkr'r'r(rm�szBasicConstraints.__ne__cCst|j|jf�Sr!)ror�r�r/r'r'r(rp�szBasicConstraints.__hash__cCs
t�|�Sr!rrr/r'r'r(r#�szBasicConstraints.public_bytes)rBrCrDrZBASIC_CONSTRAINTSr;rurJr�r6r=rvr�r�rEr[rtrlrmrprMr#r'r'r'r(r��sr�c@s�eZdZejZedd�dd�Zeed�dd��Z	e
jed�d	d
�Z
e
jed�dd�Zed�d
d�Zed�dd�Zed�dd�ZdS)�DeltaCRLIndicatorNrbcCst|t�std��||_dSrdrergr'r'r(r=�s
zDeltaCRLIndicator.__init__r,cCs|jSr!rqr/r'r'r(rc�szDeltaCRLIndicator.crl_numberrhcCst|t�stS|j|jkSr!)r"r�rjrcrkr'r'r(rl�s
zDeltaCRLIndicator.__eq__cCs
||kSr!r'rkr'r'r(rmszDeltaCRLIndicator.__ne__cCs
t|j�Sr!rnr/r'r'r(rpszDeltaCRLIndicator.__hash__cCs
d�|�S)Nz.<DeltaCRLIndicator(crl_number={0.crl_number})>r�r/r'r'r(r[szDeltaCRLIndicator.__repr__cCs
t�|�Sr!rrr/r'r'r(r#szDeltaCRLIndicator.public_bytes)rBrCrDrZDELTA_CRL_INDICATORr;r6r=rvrcrJrtrurlrmrprEr[rMr#r'r'r'r(r��sr�c@s�eZdZejZejddd�dd�Ze	d�\Z
ZZe
d�dd	�Zejed
�dd�Zejed
�d
d�Zed�dd�Zed�dd�ZdS)�CRLDistributionPoints�DistributionPointN��distribution_pointsr cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!�r"r�r|r'r'r(rsz1CRLDistributionPoints.__init__.<locals>.<genexpr>�?distribution_points must be a list of DistributionPoint objects�rQr�rX�_distribution_points�r0r�r'r'r(r=s��zCRLDistributionPoints.__init__r�r,cCsd�|j�S)Nz<CRLDistributionPoints({})>�rIr�r/r'r'r(r[$szCRLDistributionPoints.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rl's
zCRLDistributionPoints.__eq__cCs
||kSr!r'rkr'r'r(rm-szCRLDistributionPoints.__ne__cCstt|j��Sr!�ror�r�r/r'r'r(rp0szCRLDistributionPoints.__hash__cCs
t�|�Sr!rrr/r'r'r(r#3sz"CRLDistributionPoints.public_bytes)rBrCrDrZCRL_DISTRIBUTION_POINTSr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r�s��
r�c@s�eZdZejZejddd�dd�Ze	d�\Z
ZZe
d�dd	�Zejed
�dd�Zejed
�d
d�Zed�dd�Zed�dd�ZdS)�FreshestCRLr�Nr�cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!r�r|r'r'r(r>sz'FreshestCRL.__init__.<locals>.<genexpr>r�r�r�r'r'r(r=:s��zFreshestCRL.__init__r�r,cCsd�|j�S)Nz<FreshestCRL({})>r�r/r'r'r(r[LszFreshestCRL.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rlOs
zFreshestCRL.__eq__cCs
||kSr!r'rkr'r'r(rmUszFreshestCRL.__ne__cCstt|j��Sr!r�r/r'r'r(rpXszFreshestCRL.__hash__cCs
t�|�Sr!rrr/r'r'r(r#[szFreshestCRL.public_bytes)rBrCrDrZFRESHEST_CRLr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r�7s��
r�c@s�eZdZejejeejeejejdejejedd�dd�Z	e
d�dd�Zeje
d	�d
d�Zeje
d	�dd
�Zed�dd�Zeejejed�dd��Zeejed�dd��Zeejejdd�dd��Zeejejed�dd��ZdS)r��ReasonFlagsN)�	full_name�
relative_name�reasons�
crl_issuerr cCs�|r|rtd��|dur:t|�}tdd�|D��s:td��|rPt|t�sPtd��|durzt|�}tdd�|D��sztd��|r�t|t�r�tdd�|D��s�td	��|r�tj|vs�tj	|vr�td
��|r�|s�|s�|s�td��||_
||_||_||_
dS)NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|t�VqdSr!r{r|r'r'r(ror�z-DistributionPoint.__init__.<locals>.<genexpr>z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|t�VqdSr!r{r|r'r'r(r|r�z2crl_issuer must be None or a list of general namescss|]}t|t�VqdSr!�r"r�r|r'r'r(r�r�z0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)r�rQr�rXr"r�	frozensetr��unspecified�remove_from_crl�
_full_name�_relative_name�_reasons�_crl_issuer)r0r�r�r�r�r'r'r(r=`sV��
��������zDistributionPoint.__init__r,cCs
d�|�S)Nz}<DistributionPoint(full_name={0.full_name}, relative_name={0.relative_name}, reasons={0.reasons}, crl_issuer={0.crl_issuer})>r�r/r'r'r(r[�s��zDistributionPoint.__repr__rhcCs>t|t�stS|j|jko<|j|jko<|j|jko<|j|jkSr!)r"r�rjr�r�r�r�rkr'r'r(rl�s

�
�
�zDistributionPoint.__eq__cCs
||kSr!r'rkr'r'r(rm�szDistributionPoint.__ne__cCsH|jdurt|j�}nd}|jdur0t|j�}nd}t||j|j|f�Sr!)r�r�r�ror�r�)r0�fnr�r'r'r(rp�s
�
�zDistributionPoint.__hash__cCs|jSr!�r�r/r'r'r(r��szDistributionPoint.full_namecCs|jSr!�r�r/r'r'r(r��szDistributionPoint.relative_namecCs|jSr!)r�r/r'r'r(r��szDistributionPoint.reasonscCs|jSr!)r�r/r'r'r(r��szDistributionPoint.crl_issuer)rBrCrDrJr�r\rr�	FrozenSetr=rEr[rtrurlrmr6rprvr�r�r�r�r�r'r'r'r(r�_s$�;r�c@s4eZdZdZdZdZdZdZdZdZ	dZ
d	Zd
ZdS)r�r�Z
keyCompromiseZcACompromiseZaffiliationChanged�
supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZaACompromiseZ
removeFromCRLN)
rBrCrDr��key_compromise�
ca_compromise�affiliation_changedr��cessation_of_operation�certificate_hold�privilege_withdrawn�
aa_compromiser�r'r'r'r(r��sr�)��������c@s�eZdZejZejeejedd�dd�Z	e
d�dd�Zeje
d�d	d
�Zeje
d�dd�Zed�d
d�Zeejed�dd��Zeejed�dd��Zed�dd�ZdS)�PolicyConstraintsN)�require_explicit_policy�inhibit_policy_mappingr cCs\|durt|t�std��|dur4t|t�s4td��|durL|durLtd��||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)r"r6rXr��_require_explicit_policy�_inhibit_policy_mapping)r0r�r�r'r'r(r=�s$
��
���zPolicyConstraints.__init__r,cCs
d�|�S)Nz{<PolicyConstraints(require_explicit_policy={0.require_explicit_policy}, inhibit_policy_mapping={0.inhibit_policy_mapping})>r�r/r'r'r(r[s��zPolicyConstraints.__repr__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"r�rjr�r�rkr'r'r(rls


�zPolicyConstraints.__eq__cCs
||kSr!r'rkr'r'r(rm'szPolicyConstraints.__ne__cCst|j|jf�Sr!)ror�r�r/r'r'r(rp*s
�zPolicyConstraints.__hash__cCs|jSr!)r�r/r'r'r(r�/sz)PolicyConstraints.require_explicit_policycCs|jSr!)r�r/r'r'r(r�3sz(PolicyConstraints.inhibit_policy_mappingcCs
t�|�Sr!rrr/r'r'r(r#7szPolicyConstraints.public_bytes)rBrCrDrZPOLICY_CONSTRAINTSr;rJr�r6r=rEr[rtrurlrmrprvr�r�rMr#r'r'r'r(r��s�	r�c@s�eZdZejZejddd�dd�Ze	d�\Z
ZZe
d�dd	�Zejed
�dd�Zejed
�d
d�Zed�dd�Zed�dd�ZdS)�CertificatePolicies�PolicyInformationN)�policiesr cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!)r"r�r|r'r'r(r@r�z/CertificatePolicies.__init__.<locals>.<genexpr>z;Every item in the policies list must be a PolicyInformation)rQr�rX�	_policies)r0r�r'r'r(r=>s�zCertificatePolicies.__init__r�r,cCsd�|j�S)Nz<CertificatePolicies({})>)rIr�r/r'r'r(r[JszCertificatePolicies.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rlMs
zCertificatePolicies.__eq__cCs
||kSr!r'rkr'r'r(rmSszCertificatePolicies.__ne__cCstt|j��Sr!)ror�r�r/r'r'r(rpVszCertificatePolicies.__hash__cCs
t�|�Sr!rrr/r'r'r(r#Ysz CertificatePolicies.public_bytes)rBrCrDrZCERTIFICATE_POLICIESr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r�;s
r�c@s�eZdZeejejejedfdd�dd�Z	ed�dd�Z
ejed	�d
d�Z
ejed	�dd
�Zed�dd�Zeed�dd��Zeejejejedfd�dd��ZdS)r��
UserNoticeN)�policy_identifier�policy_qualifiersr cCsLt|t�std��||_|durBt|�}tdd�|D��sBtd��||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|ttf�VqdSr!)r"rEr�r|r'r'r(rlsz-PolicyInformation.__init__.<locals>.<genexpr>zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)r"rrX�_policy_identifierrQr��_policy_qualifiers)r0r�r�r'r'r(r=^s
��zPolicyInformation.__init__r,cCs
d�|�S)Nze<PolicyInformation(policy_identifier={0.policy_identifier}, policy_qualifiers={0.policy_qualifiers})>r�r/r'r'r(r[vs��zPolicyInformation.__repr__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"r�rjr�r�rkr'r'r(rl|s


�zPolicyInformation.__eq__cCs
||kSr!r'rkr'r'r(rm�szPolicyInformation.__ne__cCs(|jdurt|j�}nd}t|j|f�Sr!)r�r�ror�)r0Zpqr'r'r(rp�s

�zPolicyInformation.__hash__cCs|jSr!)r�r/r'r'r(r��sz#PolicyInformation.policy_identifiercCs|jSr!)r�r/r'r'r(r��sz#PolicyInformation.policy_qualifiers)rBrCrDrrJr�r\�UnionrEr=r[rtrurlrmr6rprvr�r�r�r'r'r'r(r�]s��	
�r�c@s�eZdZejdejedd�dd�Zed�dd�Zeje	d	�d
d�Z
eje	d	�dd
�Zed�dd�Z
eejdd�dd��Zeejed�dd��ZdS)r��NoticeReferenceN)�notice_reference�
explicit_textr cCs&|rt|t�std��||_||_dS)Nz2notice_reference must be None or a NoticeReference)r"r�rX�_notice_reference�_explicit_text)r0r�r�r'r'r(r=�s��zUserNotice.__init__r,cCs
d�|�S)NzV<UserNotice(notice_reference={0.notice_reference}, explicit_text={0.explicit_text!r})>r�r/r'r'r(r[�s��zUserNotice.__repr__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"r�rjr�r�rkr'r'r(rl�s


�zUserNotice.__eq__cCs
||kSr!r'rkr'r'r(rm�szUserNotice.__ne__cCst|j|jf�Sr!)ror�r�r/r'r'r(rp�szUserNotice.__hash__cCs|jSr!)r�r/r'r'r(r��szUserNotice.notice_referencecCs|jSr!)r�r/r'r'r(r��szUserNotice.explicit_text)rBrCrDrJr�rEr=r[rtrurlrmr6rprvr�r�r'r'r'r(r��s�	r�c@s�eZdZejeejedd�dd�Zed�dd�Z	ej
ed�d	d
�Zej
ed�dd�Z
ed�d
d�Zeejed�dd��Zeejed�dd��ZdS)r�N)�organization�notice_numbersr cCs2||_t|�}tdd�|D��s(td��||_dS)Ncss|]}t|t�VqdSr!)r"r6r|r'r'r(r�r�z+NoticeReference.__init__.<locals>.<genexpr>z)notice_numbers must be a list of integers)�
_organizationrQr�rX�_notice_numbers)r0r�r�r'r'r(r=�s
zNoticeReference.__init__r,cCs
d�|�S)NzU<NoticeReference(organization={0.organization!r}, notice_numbers={0.notice_numbers})>r�r/r'r'r(r[�s��zNoticeReference.__repr__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"r�rjr�r�rkr'r'r(rl�s


�zNoticeReference.__eq__cCs
||kSr!r'rkr'r'r(rm�szNoticeReference.__ne__cCst|jt|j�f�Sr!)ror�r�r�r/r'r'r(rp�szNoticeReference.__hash__cCs|jSr!)r�r/r'r'r(r��szNoticeReference.organizationcCs|jSr!)r�r/r'r'r(r��szNoticeReference.notice_numbers)rBrCrDrJr�rEr\r6r=r[rtrurlrmrprvr�r�r�r'r'r'r(r��s�	r�c@s�eZdZejZejedd�dd�Z	e
d�\ZZZ
ed�dd�Zejed	�d
d�Zejed	�dd
�Zed�dd�Zed�dd�ZdS)�ExtendedKeyUsageN)�usagesr cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!)r"rr|r'r'r(r�r�z,ExtendedKeyUsage.__init__.<locals>.<genexpr>z9Every item in the usages list must be an ObjectIdentifier)rQr�rX�_usages)r0r�r'r'r(r=�s�zExtendedKeyUsage.__init__r�r,cCsd�|j�S)Nz<ExtendedKeyUsage({})>)rIr�r/r'r'r(r[szExtendedKeyUsage.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rls
zExtendedKeyUsage.__eq__cCs
||kSr!r'rkr'r'r(rm
szExtendedKeyUsage.__ne__cCstt|j��Sr!)ror�r�r/r'r'r(rpszExtendedKeyUsage.__hash__cCs
t�|�Sr!rrr/r'r'r(r#szExtendedKeyUsage.public_bytes)rBrCrDrZEXTENDED_KEY_USAGEr;rJr\rr=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r��s	r�c@s`eZdZejZejed�dd�Z	ejed�dd�Z
ed�dd�Ze
d�d	d
�Zed�dd�Zd
S)�OCSPNoCheckrhcCst|t�stSdS�NT)r"r�rjrkr'r'r(rls
zOCSPNoCheck.__eq__cCs
||kSr!r'rkr'r'r(rm szOCSPNoCheck.__ne__r,cCstt�Sr!)ror�r/r'r'r(rp#szOCSPNoCheck.__hash__cCsdS)Nz<OCSPNoCheck()>r'r/r'r'r(r[&szOCSPNoCheck.__repr__cCs
t�|�Sr!rrr/r'r'r(r#)szOCSPNoCheck.public_bytesN)rBrCrDrZ
OCSP_NO_CHECKr;rJrtrurlrmr6rprEr[rMr#r'r'r'r(r�sr�c@s`eZdZejZejed�dd�Z	ejed�dd�Z
ed�dd�Ze
d�d	d
�Zed�dd�Zd
S)�
PrecertPoisonrhcCst|t�stSdSr�)r"r�rjrkr'r'r(rl0s
zPrecertPoison.__eq__cCs
||kSr!r'rkr'r'r(rm6szPrecertPoison.__ne__r,cCstt�Sr!)ror�r/r'r'r(rp9szPrecertPoison.__hash__cCsdS)Nz<PrecertPoison()>r'r/r'r'r(r[<szPrecertPoison.__repr__cCs
t�|�Sr!rrr/r'r'r(r#?szPrecertPoison.public_bytesN)rBrCrDrZPRECERT_POISONr;rJrtrurlrmr6rprEr[rMr#r'r'r'r(r�-sr�c@s�eZdZejZejddd�dd�Ze	d�\Z
ZZe
d�dd	�Zejed
�dd�Zejed
�d
d�Zed�dd�Zed�dd�ZdS)�
TLSFeature�TLSFeatureTypeN)�featuresr cCs8t|�}tdd�|D��r&t|�dkr.td��||_dS)Ncss|]}t|t�VqdSr!)r"r�r|r'r'r(rIr�z&TLSFeature.__init__.<locals>.<genexpr>rz@features must be a list of elements from the TLSFeatureType enum)rQr�r-rX�	_features)r0r�r'r'r(r=Fs�
��zTLSFeature.__init__r�r,cCs
d�|�S)Nz$<TLSFeature(features={0._features})>r�r/r'r'r(r[UszTLSFeature.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rlXs
zTLSFeature.__eq__cCs
||kSr!r'rkr'r'r(rm^szTLSFeature.__ne__cCstt|j��Sr!)ror�r�r/r'r'r(rpaszTLSFeature.__hash__cCs
t�|�Sr!rrr/r'r'r(r#dszTLSFeature.public_bytes)rBrCrDrZTLS_FEATUREr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r�Cs
r�c@seZdZdZdZdS)r�r��N)rBrCrDZstatus_requestZstatus_request_v2r'r'r'r(r�hsr�cCsi|]}|j|�qSr'�rYr|r'r'r(�
<dictcomp>sr�r�c@s�eZdZejZedd�dd�Zed�dd�Z	e
jed�d	d
�Z
e
jed�dd�Zed�d
d�Zeed�dd��Zed�dd�ZdS)�InhibitAnyPolicyN)�
skip_certsr cCs,t|t�std��|dkr"td��||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)r"r6rXr��_skip_certs)r0r�r'r'r(r=ys

zInhibitAnyPolicy.__init__r,cCs
d�|�S)Nz-<InhibitAnyPolicy(skip_certs={0.skip_certs})>r�r/r'r'r(r[�szInhibitAnyPolicy.__repr__rhcCst|t�stS|j|jkSr!)r"r�rjr�rkr'r'r(rl�s
zInhibitAnyPolicy.__eq__cCs
||kSr!r'rkr'r'r(rm�szInhibitAnyPolicy.__ne__cCs
t|j�Sr!)ror�r/r'r'r(rp�szInhibitAnyPolicy.__hash__cCs|jSr!)r�r/r'r'r(r��szInhibitAnyPolicy.skip_certscCs
t�|�Sr!rrr/r'r'r(r#�szInhibitAnyPolicy.public_bytes)rBrCrDrZINHIBIT_ANY_POLICYr;r6r=rEr[rJrtrurlrmrprvr�rMr#r'r'r'r(r�vs	r�c@s"eZdZejZeeeeeeeeedd�
dd�Zeed�dd��Z	eed�dd	��Z
eed�d
d��Zeed�dd
��Zeed�dd��Z
eed�dd��Zeed�dd��Zeed�dd��Zeed�dd��Zed�dd�Zejed�dd�Zejed�dd�Zed�dd �Zed�d!d"�ZdS)#�KeyUsageN)
�digital_signature�content_commitment�key_encipherment�data_encipherment�
key_agreement�
key_cert_sign�crl_sign�
encipher_only�
decipher_onlyr c

CsN|s|s|	rtd��||_||_||_||_||_||_||_||_|	|_	dS)NzKencipher_only and decipher_only can only be true when key_agreement is true)
r��_digital_signature�_content_commitment�_key_encipherment�_data_encipherment�_key_agreement�_key_cert_sign�	_crl_sign�_encipher_only�_decipher_only)
r0rrrrrrrrrr'r'r(r=�s�zKeyUsage.__init__r,cCs|jSr!)r	r/r'r'r(r�szKeyUsage.digital_signaturecCs|jSr!)r
r/r'r'r(r�szKeyUsage.content_commitmentcCs|jSr!)rr/r'r'r(r�szKeyUsage.key_enciphermentcCs|jSr!)rr/r'r'r(r�szKeyUsage.data_enciphermentcCs|jSr!)r
r/r'r'r(r�szKeyUsage.key_agreementcCs|jSr!)rr/r'r'r(r�szKeyUsage.key_cert_signcCs|jSr!)rr/r'r'r(r�szKeyUsage.crl_signcCs|jstd��n|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rr�rr/r'r'r(r�s
�zKeyUsage.encipher_onlycCs|jstd��n|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rr�rr/r'r'r(r�s
�zKeyUsage.decipher_onlycCs:z|j}|j}Wnty*d}d}Yn0d�|||�S)NFa-<KeyUsage(digital_signature={0.digital_signature}, content_commitment={0.content_commitment}, key_encipherment={0.key_encipherment}, data_encipherment={0.data_encipherment}, key_agreement={0.key_agreement}, key_cert_sign={0.key_cert_sign}, crl_sign={0.crl_sign}, encipher_only={1}, decipher_only={2})>)rrr�rI)r0rrr'r'r(r[�s

��zKeyUsage.__repr__rhcCszt|t�stS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j	|j	kox|j
|j
kox|j|jkSr!)r"r�rjrrrrrrrrrrkr'r'r(rl�s&

�
�
�
�
�
�
�
�zKeyUsage.__eq__cCs
||kSr!r'rkr'r'r(rmszKeyUsage.__ne__c
Cs,t|j|j|j|j|j|j|j|j|j	f	�Sr!)
rorrrrrrrrrr/r'r'r(rps��zKeyUsage.__hash__cCs
t�|�Sr!rrr/r'r'r(r#szKeyUsage.public_bytes)rBrCrDrZ	KEY_USAGEr;rur=rvrrrrrrrrrrEr[rJrtrlrmr6rprMr#r'r'r'r(r��sF�r�c@s�eZdZejZejeje	ejeje	dd�dd�Z
ejed�dd�Z
ejed�dd	�Zeje	dd
�dd�Zed
�dd�Zed
�dd�Zeejeje	d
�dd��Zeejeje	d
�dd��Zed
�dd�ZdS)�NameConstraintsN)�permitted_subtrees�excluded_subtreesr cCs�|dur4t|�}tdd�|D��s*td��|�|�|durht|�}tdd�|D��s^td��|�|�|dur�|dur�td��||_||_dS)Ncss|]}t|t�VqdSr!r{r|r'r'r(r+r�z+NameConstraints.__init__.<locals>.<genexpr>z@permitted_subtrees must be a list of GeneralName objects or Nonecss|]}t|t�VqdSr!r{r|r'r'r(r5r�z?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rQr�rX�_validate_ip_namer��_permitted_subtrees�_excluded_subtrees)r0rrr'r'r(r=$s(�
�
�zNameConstraints.__init__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rlFs


�zNameConstraints.__eq__cCs
||kSr!r'rkr'r'r(rmOszNameConstraints.__ne__)�treer cCstdd�|D��rtd��dS)Ncss.|]&}t|t�o$t|jtjtjf�VqdSr!)r"rrY�	ipaddressZIPv4NetworkZIPv6Network)r}�namer'r'r(rSs
�
�z4NameConstraints._validate_ip_name.<locals>.<genexpr>zGIPAddress name constraints must be an IPv4Network or IPv6Network object)�anyrX)r0rr'r'r(rRs��z!NameConstraints._validate_ip_namer,cCs
d�|�S)Nze<NameConstraints(permitted_subtrees={0.permitted_subtrees}, excluded_subtrees={0.excluded_subtrees})>r�r/r'r'r(r[_s��zNameConstraints.__repr__cCs@|jdurt|j�}nd}|jdur0t|j�}nd}t||f�Sr!)rr�rro)r0Zps�esr'r'r(rpes
�
�zNameConstraints.__hash__cCs|jSr!)rr/r'r'r(rvsz"NameConstraints.permitted_subtreescCs|jSr!)rr/r'r'r(r|sz!NameConstraints.excluded_subtreescCs
t�|�Sr!rrr/r'r'r(r#�szNameConstraints.public_bytes)rBrCrDrZNAME_CONSTRAINTSr;rJr�r\rr=rtrurlrmrrEr[r6rprvr�rrrMr#r'r'r'r(r!s"�"	
��rc@s�eZdZeeedd�dd�Zeed�dd��Zeed�dd	��Z	eed�d
d��Z
ed�dd
�Ze
jed�dd�Ze
jed�dd�Zed�dd�ZdS)�	ExtensionN)r;�criticalrYr cCs:t|t�std��t|t�s$td��||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)r"rrXru�_oid�	_critical�_value)r0r;rrYr'r'r(r=�s
�
zExtension.__init__r,cCs|jSr!�rr/r'r'r(r;�sz
Extension.oidcCs|jSr!)r r/r'r'r(r�szExtension.criticalcCs|jSr!�r!r/r'r'r(rY�szExtension.valuecCs
d�|�S)Nz@<Extension(oid={0.oid}, critical={0.critical}, value={0.value})>r�r/r'r'r(r[�s��zExtension.__repr__rhcCs2t|t�stS|j|jko0|j|jko0|j|jkSr!)r"rrjr;rrYrkr'r'r(rl�s

�
�zExtension.__eq__cCs
||kSr!r'rkr'r'r(rm�szExtension.__ne__cCst|j|j|jf�Sr!)ror;rrYr/r'r'r(rp�szExtension.__hash__)rBrCrDrrurr=rvr;rrYrEr[rJrtrlrmr6rpr'r'r'r(r�s�
rc	@s�eZdZejedd�dd�Zed�\ZZ	Z
ejejej
eej
eej
efejed�dd��Zejej
eejed�d	d��Zejej
eejed�d
d��Zejej
eejed�dd��Zejej
eejed�dd��Zejej
eej
eej
eej
eej
eej
eej
efejejeejeejeejeejefd�d
d�Zed�dd�Zejed�dd�Zejed�dd�Ze d�dd�Z!dS)�GeneralNamesN��
general_namesr cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!r{r|r'r'r(r�r�z(GeneralNames.__init__.<locals>.<genexpr>z^Every item in the general_names list must be an object conforming to the GeneralName interface)rQr�rX�_general_names�r0r&r'r'r(r=�s�zGeneralNames.__init__r'��typer cCsdSr!r'�r0r*r'r'r(�get_values_for_type�s	z GeneralNames.get_values_for_typecCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scs0�fdd�|D�}�tkr(dd�|D�St|�S)Nc3s|]}t|��r|VqdSr!)r"�r}�i�r*r'r(rr�z3GeneralNames.get_values_for_type.<locals>.<genexpr>cSsg|]
}|j�qSr'r�r-r'r'r(�
<listcomp>r�z4GeneralNames.get_values_for_type.<locals>.<listcomp>)rrQ)r0r*Zobjsr'r/r(r,�sr,cCsd�|j�S)Nz<GeneralNames({})>�rIr'r/r'r'r(r[szGeneralNames.__repr__rhcCst|t�stS|j|jkSr!)r"r$rjr'rkr'r'r(rls
zGeneralNames.__eq__cCs
||kSr!r'rkr'r'r(rmszGeneralNames.__ne__cCstt|j��Sr!)ror�r'r/r'r'r(rpszGeneralNames.__hash__)"rBrCrDrJr\rr=r7r^r_r`�overloadr�r]rrrr�rEr,r
rrrrrrr[rtrurlrmr6rpr'r'r'r(r$�sd
���
������	���r$c	@s�eZdZejZejedd�dd�Z	e
d�\ZZZ
ejejejeejeejefejed�dd��Zejejeejed�d	d��Zejejeejed�d
d��Zejejeejed�dd��Zejejeejed�dd��Zejejeejeejeejeejeejeejefejejeejeejeejeejefd�d
d�Zed�dd�Zeje d�dd�Z!eje d�dd�Z"e#d�dd�Z$e%d�dd�Z&dS)�SubjectAlternativeNameNr%cCst|�|_dSr!�r$r'r(r'r'r(r=szSubjectAlternativeName.__init__r'r)cCsdSr!r'r+r'r'r(r,s	z*SubjectAlternativeName.get_values_for_typecCsdSr!r'r+r'r'r(r,(scCsdSr!r'r+r'r'r(r,/scCsdSr!r'r+r'r'r(r,6scCsdSr!r'r+r'r'r(r,<scCs|j�|�Sr!�r'r,r+r'r'r(r,Bsr,cCsd�|j�S)Nz<SubjectAlternativeName({})>r1r/r'r'r(r[VszSubjectAlternativeName.__repr__rhcCst|t�stS|j|jkSr!)r"r3rjr'rkr'r'r(rlYs
zSubjectAlternativeName.__eq__cCs
||kSr!r'rkr'r'r(rm_szSubjectAlternativeName.__ne__cCs
t|j�Sr!�ror'r/r'r'r(rpbszSubjectAlternativeName.__hash__cCs
t�|�Sr!rrr/r'r'r(r#esz#SubjectAlternativeName.public_bytes)'rBrCrDrZSUBJECT_ALTERNATIVE_NAMEr;rJr\rr=r7r^r_r`r2r�r]rrrr�rEr,r
rrrrrrr[rtrurlrmr6rprMr#r'r'r'r(r3sh���
������	���r3c	@s�eZdZejZejedd�dd�Z	e
d�\ZZZ
ejejejeejeejefejed�dd��Zejejeejed�d	d��Zejejeejed�d
d��Zejejeejed�dd��Zejejeejed�dd��Zejejeejeejeejeejeejeejefejejeejeejeejeejefd�d
d�Zed�dd�Zeje d�dd�Z!eje d�dd�Z"e#d�dd�Z$e%d�dd�Z&dS)�IssuerAlternativeNameNr%cCst|�|_dSr!r4r(r'r'r(r=lszIssuerAlternativeName.__init__r'r)cCsdSr!r'r+r'r'r(r,qs	z)IssuerAlternativeName.get_values_for_typecCsdSr!r'r+r'r'r(r,|scCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scCs|j�|�Sr!r5r+r'r'r(r,�sr,cCsd�|j�S)Nz<IssuerAlternativeName({})>r1r/r'r'r(r[�szIssuerAlternativeName.__repr__rhcCst|t�stS|j|jkSr!)r"r7rjr'rkr'r'r(rl�s
zIssuerAlternativeName.__eq__cCs
||kSr!r'rkr'r'r(rm�szIssuerAlternativeName.__ne__cCs
t|j�Sr!r6r/r'r'r(rp�szIssuerAlternativeName.__hash__cCs
t�|�Sr!rrr/r'r'r(r#�sz"IssuerAlternativeName.public_bytes)'rBrCrDrZISSUER_ALTERNATIVE_NAMEr;rJr\rr=r7r^r_r`r2r�r]rrrr�rEr,r
rrrrrrr[rtrurlrmr6rprMr#r'r'r'r(r7ish���
������	���r7c	@s�eZdZejZejedd�dd�Z	e
d�\ZZZ
ejejejeejeejefejed�dd��Zejejeejed�d	d��Zejejeejed�d
d��Zejejeejed�dd��Zejejeejed�dd��Zejejeejeejeejeejeejeejefejejeejeejeejeejefd�d
d�Zed�dd�Zeje d�dd�Z!eje d�dd�Z"e#d�dd�Z$e%d�dd�Z&dS)�CertificateIssuerNr%cCst|�|_dSr!r4r(r'r'r(r=�szCertificateIssuer.__init__r'r)cCsdSr!r'r+r'r'r(r,�s	z%CertificateIssuer.get_values_for_typecCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scCsdSr!r'r+r'r'r(r,�scCs|j�|�Sr!r5r+r'r'r(r,�sr,cCsd�|j�S)Nz<CertificateIssuer({})>r1r/r'r'r(r[�szCertificateIssuer.__repr__rhcCst|t�stS|j|jkSr!)r"r8rjr'rkr'r'r(rls
zCertificateIssuer.__eq__cCs
||kSr!r'rkr'r'r(rmszCertificateIssuer.__ne__cCs
t|j�Sr!r6r/r'r'r(rp
szCertificateIssuer.__hash__cCs
t�|�Sr!rrr/r'r'r(r#
szCertificateIssuer.public_bytes)'rBrCrDrZCERTIFICATE_ISSUERr;rJr\rr=r7r^r_r`r2r�r]rrrr�rEr,r
rrrrrrr[rtrurlrmr6rprMr#r'r'r'r(r8�sh���
������	���r8c@s�eZdZejZedd�dd�Zed�dd�Z	e
jed�d	d
�Z
e
jed�dd�Zed�d
d�Zeed�dd��Zed�dd�ZdS)�	CRLReasonN)�reasonr cCst|t�std��||_dS)Nz*reason must be an element from ReasonFlags)r"r�rX�_reason)r0r:r'r'r(r=s
zCRLReason.__init__r,cCsd�|j�S)Nz<CRLReason(reason={})>)rIr;r/r'r'r(r[szCRLReason.__repr__rhcCst|t�stS|j|jkSr!)r"r9rjr:rkr'r'r(rls
zCRLReason.__eq__cCs
||kSr!r'rkr'r'r(rm#szCRLReason.__ne__cCs
t|j�Sr!)ror:r/r'r'r(rp&szCRLReason.__hash__cCs|jSr!)r;r/r'r'r(r:)szCRLReason.reasoncCs
t�|�Sr!rrr/r'r'r(r#-szCRLReason.public_bytes)rBrCrDrZ
CRL_REASONr;r�r=rEr[rJrtrurlrmr6rprvr:rMr#r'r'r'r(r9sr9c@s�eZdZejZejdd�dd�Zed�dd�Z	e
jed�d	d
�Z
e
jed�dd�Zed�d
d�Zeejd�dd��Zed�dd�ZdS)�InvalidityDateN)�invalidity_dater cCst|tj�std��||_dS)Nz+invalidity_date must be a datetime.datetime)r"�datetimerX�_invalidity_date)r0r=r'r'r(r=4szInvalidityDate.__init__r,cCsd�|j�S)Nz$<InvalidityDate(invalidity_date={})>)rIr?r/r'r'r(r[:s�zInvalidityDate.__repr__rhcCst|t�stS|j|jkSr!)r"r<rjr=rkr'r'r(rl?s
zInvalidityDate.__eq__cCs
||kSr!r'rkr'r'r(rmEszInvalidityDate.__ne__cCs
t|j�Sr!)ror=r/r'r'r(rpHszInvalidityDate.__hash__cCs|jSr!)r?r/r'r'r(r=KszInvalidityDate.invalidity_datecCs
t�|�Sr!rrr/r'r'r(r#OszInvalidityDate.public_bytes)rBrCrDrZINVALIDITY_DATEr;r>r=rEr[rJrtrurlrmr6rprvr=rMr#r'r'r'r(r<1sr<c@s�eZdZejZejedd�dd�Z	e
d�\ZZZ
ed�dd�Zed�d	d
�Zejed�dd
�Zejed�dd�Zed�dd�ZdS)�)PrecertificateSignedCertificateTimestampsN��signed_certificate_timestampsr cCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!�r"r�r}Zsctr'r'r(r]s�zEPrecertificateSignedCertificateTimestamps.__init__.<locals>.<genexpr>�YEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamp�rQr�rX�_signed_certificate_timestamps�r0rBr'r'r(r=Vs��z2PrecertificateSignedCertificateTimestamps.__init__rGr,cCsd�t|��S)Nz/<PrecertificateSignedCertificateTimestamps({})>�rIrQr/r'r'r(r[ks�z2PrecertificateSignedCertificateTimestamps.__repr__cCstt|j��Sr!�ror�rGr/r'r'r(rppsz2PrecertificateSignedCertificateTimestamps.__hash__rhcCst|t�stS|j|jkSr!)r"r@rjrGrkr'r'r(rlss
��z0PrecertificateSignedCertificateTimestamps.__eq__cCs
||kSr!r'rkr'r'r(rm|sz0PrecertificateSignedCertificateTimestamps.__ne__cCs
t�|�Sr!rrr/r'r'r(r#sz6PrecertificateSignedCertificateTimestamps.public_bytes)rBrCrDrZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr;rJr\rr=r7r^r_r`rEr[r6rprtrurlrmrMr#r'r'r'r(r@Ss���
	r@c@s�eZdZejZejedd�dd�Z	e
d�\ZZZ
ed�dd�Zed�d	d
�Zejed�dd
�Zejed�dd�Zed�dd�ZdS)�SignedCertificateTimestampsNrAcCs,t|�}tdd�|D��s"td��||_dS)Ncss|]}t|t�VqdSr!rCrDr'r'r(r�s�z7SignedCertificateTimestamps.__init__.<locals>.<genexpr>rErFrHr'r'r(r=�s��z$SignedCertificateTimestamps.__init__rGr,cCsd�t|��S)Nz!<SignedCertificateTimestamps({})>rIr/r'r'r(r[�sz$SignedCertificateTimestamps.__repr__cCstt|j��Sr!rJr/r'r'r(rp�sz$SignedCertificateTimestamps.__hash__rhcCst|t�stS|j|jkSr!)r"rKrjrGrkr'r'r(rl�s
��z"SignedCertificateTimestamps.__eq__cCs
||kSr!r'rkr'r'r(rm�sz"SignedCertificateTimestamps.__ne__cCs
t�|�Sr!rrr/r'r'r(r#�sz(SignedCertificateTimestamps.public_bytes)rBrCrDrZSIGNED_CERTIFICATE_TIMESTAMPSr;rJr\rr=r7r^r_r`rEr[r6rprtrurlrmrMr#r'r'r'r(rK�s���
	rKc@s�eZdZejZedd�dd�Zej	e
d�dd�Zej	e
d�dd	�Ze
d
�dd�Zed
�d
d�Zeed
�dd��Zed
�dd�ZdS)�	OCSPNonceN)�noncer cCst|t�std��||_dS)Nznonce must be bytes)r"rMrX�_nonce)r0rMr'r'r(r=�s
zOCSPNonce.__init__rhcCst|t�stS|j|jkSr!)r"rLrjrMrkr'r'r(rl�s
zOCSPNonce.__eq__cCs
||kSr!r'rkr'r'r(rm�szOCSPNonce.__ne__r,cCs
t|j�Sr!)rorMr/r'r'r(rp�szOCSPNonce.__hash__cCs
d�|�S)Nz<OCSPNonce(nonce={0.nonce!r})>r�r/r'r'r(r[�szOCSPNonce.__repr__cCs|jSr!)rNr/r'r'r(rM�szOCSPNonce.noncecCs
t�|�Sr!rrr/r'r'r(r#�szOCSPNonce.public_bytes)rBrCrDrZNONCEr;rMr=rJrtrurlrmr6rprEr[rvrMr#r'r'r'r(rL�srLc	@s6eZdZejZejeje	eje
eeejeje
eedd�dd�Zed�dd�Zejed�d	d
�Zejed�dd�Zed�d
d�Zeejeje	d�dd��Zeeje
d�dd��Zeed�dd��Zeed�dd��Zeejeje
d�dd��Zeed�dd��Zeed�dd��Zed�dd�Z dS)�IssuingDistributionPointN)r�r��only_contains_user_certs�only_contains_ca_certs�only_some_reasons�indirect_crl�only_contains_attribute_certsr c	Cs�|durt|�}|r8t|t�r0tdd�|D��s8td��|rXtj|vsPtj|vrXtd��t|t	�r�t|t	�r�t|t	�r�t|t	�s�td��||||g}t
dd�|D��dkr�td	��t|||||||g�s�td
��||_||_
||_||_||_||_||_dS)Ncss|]}t|t�VqdSr!r�r|r'r'r(r�r�z4IssuingDistributionPoint.__init__.<locals>.<genexpr>z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|]}|r|�qSr'r'r|r'r'r(r0r�z5IssuingDistributionPoint.__init__.<locals>.<listcomp>r�z�Only one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certsz�Cannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rQr"r�r�rXr�r�r�r�rur-r�_only_contains_user_certs�_only_contains_ca_certs�
_indirect_crl�_only_contains_attribute_certs�_only_some_reasonsr�r�)	r0r�r�rPrQrRrSrTZcrl_constraintsr'r'r(r=�st
����������������z!IssuingDistributionPoint.__init__r,cCs
d�|�S)NaG<IssuingDistributionPoint(full_name={0.full_name}, relative_name={0.relative_name}, only_contains_user_certs={0.only_contains_user_certs}, only_contains_ca_certs={0.only_contains_ca_certs}, only_some_reasons={0.only_some_reasons}, indirect_crl={0.indirect_crl}, only_contains_attribute_certs={0.only_contains_attribute_certs})>r�r/r'r'r(r['s��z!IssuingDistributionPoint.__repr__rhcCsbt|t�stS|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j	|j	kSr!)
r"rOrjr�r�rPrQrRrSrTrkr'r'r(rl3s"

�
�
�
�
���zIssuingDistributionPoint.__eq__cCs
||kSr!r'rkr'r'r(rmBszIssuingDistributionPoint.__ne__cCs$t|j|j|j|j|j|j|jf�Sr!)ror�r�rPrQrRrSrTr/r'r'r(rpEs��z!IssuingDistributionPoint.__hash__cCs|jSr!r�r/r'r'r(r�Rsz"IssuingDistributionPoint.full_namecCs|jSr!r�r/r'r'r(r�Vsz&IssuingDistributionPoint.relative_namecCs|jSr!)rUr/r'r'r(rPZsz1IssuingDistributionPoint.only_contains_user_certscCs|jSr!)rVr/r'r'r(rQ^sz/IssuingDistributionPoint.only_contains_ca_certscCs|jSr!)rYr/r'r'r(rRbsz*IssuingDistributionPoint.only_some_reasonscCs|jSr!)rWr/r'r'r(rShsz%IssuingDistributionPoint.indirect_crlcCs|jSr!)rXr/r'r'r(rTlsz6IssuingDistributionPoint.only_contains_attribute_certscCs
t�|�Sr!rrr/r'r'r(r#psz%IssuingDistributionPoint.public_bytes)!rBrCrDrZISSUING_DISTRIBUTION_POINTr;rJr�r\rrrur�r�r=rEr[rtrlrmr6rprvr�r�r�rPrQrRrSrTrMr#r'r'r'r(rO�s<�S
�rOc@s�eZdZeedd�dd�Zeed�dd��Zeed�dd	��Ze	d�d
d�Z
eje
d�d
d�Zeje
d�dd�Zed�dd�Zed�dd�ZdS)rWN)r;rYr cCs"t|t�std��||_||_dS)Nzoid must be an ObjectIdentifier)r"rrXrr!)r0r;rYr'r'r(r=us
zUnrecognizedExtension.__init__r,cCs|jSr!r"r/r'r'r(r;{szUnrecognizedExtension.oidcCs|jSr!r#r/r'r'r(rYszUnrecognizedExtension.valuecCs
d�|�S)Nz7<UnrecognizedExtension(oid={0.oid}, value={0.value!r})>r�r/r'r'r(r[�s��zUnrecognizedExtension.__repr__rhcCs&t|t�stS|j|jko$|j|jkSr!)r"rWrjr;rYrkr'r'r(rl�s
zUnrecognizedExtension.__eq__cCs
||kSr!r'rkr'r'r(rm�szUnrecognizedExtension.__ne__cCst|j|jf�Sr!)ror;rYr/r'r'r(rp�szUnrecognizedExtension.__hash__cCs|jSr!r�r/r'r'r(r#�sz"UnrecognizedExtension.public_bytes)rBrCrDrrMr=rvr;rYrEr[rJrtrurlrmr6rpr#r'r'r'r(rWtsrW)g�abcr>r$rrJZcryptographyrZ"cryptography.hazmat.bindings._rustrrrsZcryptography.hazmat.primitivesrrZ,cryptography.hazmat.primitives.asymmetric.ecrZ-cryptography.hazmat.primitives.asymmetric.rsarZ/cryptography.hazmat.primitives.asymmetric.typesr	r
Z*cryptography.x509.certificate_transparencyrZcryptography.x509.general_namerr
rrrrrrrZcryptography.x509.namerrZcryptography.x509.oidrrrr�TypeVarrrMr)rEr7�	Exceptionr8rG�ABCMetar�objectrOrarwr�r�r�r�r�r�r�r�r��Enumr�r�r�r�r�r�r�r�r�Z_REASON_BIT_MAPPINGr�r�r�r�r�r�r�r�r�r�Z_TLS_FEATURE_TYPE_TO_ENUMr�r�r�Genericrr$r3r7r8r9r<r@rKrLrOrWr'r'r'r(�<module>s�,�
' o'$$+1 ((s�D"@.+!%#	e3\TTT "0. $