a a @sddlZddlZddlZddlZddlZddlmZddlmZddlm Z ddl m Z m Z ddlmZddlmZddlmZmZdd lmZdd lmZmZmZmZmZmZmZmZm Z dd l!m"Z"m#Z#dd l$m%Z%m&Z&m'Z'm(Z(ej)d ddZ*ee+dddZ,e-dddZ.Gddde/Z0Gddde/Z1Gdddej2dZ3Gddde4Z5Gddde3Z6Gd d!d!e3Z7Gd"d#d#e3Z8Gd$d%d%e3Z9Gd&d'd'e3Z:Gd(d)d)e4Z;Gd*d+d+e3ZGd0d1d1e3Z?Gd2d3d3e4Z@Gd4d5d5ejAZBeBjCeBjDeBjEeBjFeBjGeBjHeBjIeBjJd6ZKGd7d8d8e3ZLGd9d:d:e3ZMGd;d<dd>e4ZOGd?d@d@e4ZPGdAdBdBe3ZQGdCdDdDe3ZRGdEdFdFe3ZSGdGdHdHe3ZTGdIdJdJejAZUdKdLeUDZVGdMdNdNe3ZWGdOdPdPe3ZXGdQdRdRe3ZYGdSdTdTejZe*Z[GdUdVdVe4Z\GdWdXdXe3Z]GdYdZdZe3Z^Gd[d\d\e3Z_Gd]d^d^e3Z`Gd_d`d`e3ZaGdadbdbe3ZbGdcdddde3ZcGdedfdfe3ZdGdgdhdhe3ZeGdidjdje3ZfdS)kN)utils)asn1)x509) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)CERTIFICATE_PUBLIC_KEY_TYPESPUBLIC_KEY_TYPES)SignedCertificateTimestamp) DNSName DirectoryName GeneralName IPAddress OtherName RFC822Name RegisteredIDUniformResourceIdentifier_IPADDRESS_TYPES)NameRelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDOCSPExtensionOIDObjectIdentifierExtensionTypeVar ExtensionType)bound public_keyreturncCslt|tr |tjjtjj}n>t|tr@|tjj tjj }n|tjjtjj }t |}t|SN) isinstancer public_bytesrZEncodingZDERZ PublicFormatZPKCS1rZX962ZUncompressedPointZSubjectPublicKeyInforZparse_spki_for_datahashlibZsha1digest)rdataZ serializedr'B/usr/lib64/python3.9/site-packages/cryptography/x509/extensions.py_key_identifier_from_public_key/s    r) field_namecs4tdfdd }fdd}fdd}|||fS)Nr cstt|Sr!)lengetattrselfr*r'r( len_methodHsz*_make_sequence_methods..len_methodcstt|Sr!)iterr.r/r*r'r( iter_methodKsz+_make_sequence_methods..iter_methodcst||Sr!)r.)r0idxr*r'r(getitem_methodNsz._make_sequence_methods..getitem_method)int)r+r1r3r5r'r*r(_make_sequence_methodsGs  r7cs&eZdZeeddfdd ZZS)DuplicateExtensionNmsgoidr cstt||||_dSr!)superr8__init__r;r0r:r; __class__r'r(r=UszDuplicateExtension.__init____name__ __module__ __qualname__strrr= __classcell__r'r'r?r(r8Tsr8cs&eZdZeeddfdd ZZS)ExtensionNotFoundNr9cstt||||_dSr!)r<rGr=r;r>r?r'r(r=[szExtensionNotFound.__init__rAr'r'r?r(rGZsrGc@s*eZdZUejeed<edddZdS)rr;r,cCstd|dS)z7 Serializes the extension type to DER. z8public_bytes is not implemented for extension type {0!r}N)NotImplementedErrorformatr/r'r'r(r#cs zExtensionType.public_bytesN) rBrCrDtypingClassVarr__annotations__bytesr#r'r'r'r(r`s ) metaclassc@sdeZdZejdddddZeddddZeje d d d d Z e d \Z Z ZedddZdS) ExtensionszExtension[ExtensionType]N) extensionsr cCst||_dSr!)list _extensions)r0rPr'r'r(r=oszExtensions.__init__)r;r cCs0|D]}|j|kr|Sqtd||dS)NNo {} extension was found)r;rGrI)r0r;extr'r'r(get_extension_for_oidts  z Extensions.get_extension_for_oidzExtension[ExtensionTypeVar])extclassr cCsD|turtd|D]}t|j|r|Sqtd||jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.rS)UnrecognizedExtension TypeErrorr"valuerGrIr;)r0rVrTr'r'r(get_extension_for_class}s   z"Extensions.get_extension_for_classrRr,cCs d|jS)Nz)rIrRr/r'r'r(__repr__szExtensions.__repr__)rBrCrDrJIterabler=rrUTyperrZr7__len____iter__ __getitem__rEr[r'r'r'r(rOns   rOc@seZdZejZeddddZej e dddZ ej e ddd Z ed d d Z ed d dZeed ddZed ddZdS) CRLNumberN crl_numberr cCst|tstd||_dSNzcrl_number must be an integerr"r6rX _crl_numberr0rcr'r'r(r=s zCRLNumber.__init__otherr cCst|tstS|j|jkSr!)r"raNotImplementedrcr0rir'r'r(__eq__s zCRLNumber.__eq__cCs ||k Sr!r'rkr'r'r(__ne__szCRLNumber.__ne__r,cCs t|jSr!hashrcr/r'r'r(__hash__szCRLNumber.__hash__cCs d|jS)Nz)rIrcr/r'r'r(r[szCRLNumber.__repr__cCs|jSr!rfr/r'r'r(rcszCRLNumber.crl_numbercCs t|Sr! rust_x509Zencode_extension_valuer/r'r'r(r#szCRLNumber.public_bytes)rBrCrDrZ CRL_NUMBERr;r6r=rJAnyboolrlrmrprEr[propertyrcrMr#r'r'r'r(rasrac@seZdZejZejeejej e eje ddddZ e eddddZe ddd d d Zed d dZejedddZejedddZe d ddZeejed ddZeejeje d ddZeeje d ddZed ddZdS)AuthorityKeyIdentifierN)key_identifierauthority_cert_issuerauthority_cert_serial_numberr cCsr|du|dukrtd|durBt|}tdd|DsBtd|dur\t|ts\td||_||_||_dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdSr!r"r.0xr'r'r( sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) ValueErrorrQallrXr"r6_key_identifier_authority_cert_issuer_authority_cert_serial_number)r0rxryrzr'r'r(r=s* zAuthorityKeyIdentifier.__init__rcCst|}||dddSN)rxryrzr))clsrr%r'r'r(from_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keySubjectKeyIdentifier)skir cCs||jdddSr)r%)rrr'r'r("from_issuer_subject_key_identifiers z9AuthorityKeyIdentifier.from_issuer_subject_key_identifierr,cCs d|S)NzrIr/r'r'r(r[szAuthorityKeyIdentifier.__repr__rhcCs2t|tstS|j|jko0|j|jko0|j|jkSr!)r"rwrjrxryrzrkr'r'r(rls   zAuthorityKeyIdentifier.__eq__cCs ||k Sr!r'rkr'r'r(rmszAuthorityKeyIdentifier.__ne__cCs,|jdurd}n t|j}t|j||jfSr!)rytuplerorxrz)r0Zacir'r'r(rp s    zAuthorityKeyIdentifier.__hash__cCs|jSr!)rr/r'r'r(rxsz%AuthorityKeyIdentifier.key_identifiercCs|jSr!)rr/r'r'r(rysz,AuthorityKeyIdentifier.authority_cert_issuercCs|jSr!)rr/r'r'r(rzsz3AuthorityKeyIdentifier.authority_cert_serial_numbercCs t|Sr!rrr/r'r'r(r# sz#AuthorityKeyIdentifier.public_bytes)rBrCrDrZAUTHORITY_KEY_IDENTIFIERr;rJOptionalrMr\rr6r= classmethodr rrrEr[rtrurlrmrprvrxListryrzr#r'r'r'r(rws4 &    rwc@seZdZejZeddddZee ddddZ e edd d Z e edd d Z edd dZejedddZejedddZedddZedddZdS)rN)r%r cCs ||_dSr!Z_digest)r0r%r'r'r(r='szSubjectKeyIdentifier.__init__rcCs |t|Sr!r)rrr'r'r(from_public_key*sz$SubjectKeyIdentifier.from_public_keyr,cCs|jSr!rr/r'r'r(r%0szSubjectKeyIdentifier.digestcCs|jSr!rr/r'r'r(rx4sz#SubjectKeyIdentifier.key_identifiercCs d|jS)Nz$)rIr%r/r'r'r(r[8szSubjectKeyIdentifier.__repr__rhcCst|tstSt|j|jSr!)r"rrjrZbytes_eqr%rkr'r'r(rl;s zSubjectKeyIdentifier.__eq__cCs ||k Sr!r'rkr'r'r(rmAszSubjectKeyIdentifier.__ne__cCs t|jSr!)ror%r/r'r'r(rpDszSubjectKeyIdentifier.__hash__cCs t|Sr!rrr/r'r'r(r#Gsz!SubjectKeyIdentifier.public_bytes)rBrCrDrZSUBJECT_KEY_IDENTIFIERr;rMr=rr rrvr%rxrEr[rJrtrurlrmr6rpr#r'r'r'r(r$src@seZdZejZejdddddZe d\Z Z Z e ddd Zejed d d Zejed d dZedddZedddZdS)AuthorityInformationAccessAccessDescriptionN descriptionsr cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!r"rr|r'r'r(rRz6AuthorityInformationAccess.__init__..@Every item in the descriptions list must be an AccessDescriptionrQrrX _descriptionsr0rr'r'r(r=Ns z#AuthorityInformationAccess.__init__rr,cCs d|jS)Nz rIrr/r'r'r(r[\sz#AuthorityInformationAccess.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rl_s z!AuthorityInformationAccess.__eq__cCs ||k Sr!r'rkr'r'r(rmesz!AuthorityInformationAccess.__ne__cCstt|jSr!rorrr/r'r'r(rphsz#AuthorityInformationAccess.__hash__cCs t|Sr!rrr/r'r'r(r#ksz'AuthorityInformationAccess.public_bytes)rBrCrDrZAUTHORITY_INFORMATION_ACCESSr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(rKs rc@seZdZejZejdddddZe d\Z Z Z e ddd Zejed d d Zejed d dZedddZedddZdS)SubjectInformationAccessrNrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!rr|r'r'r(rvrz4SubjectInformationAccess.__init__..rrrr'r'r(r=rs z!SubjectInformationAccess.__init__rr,cCs d|jS)Nzrr/r'r'r(r[sz!SubjectInformationAccess.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rls zSubjectInformationAccess.__eq__cCs ||k Sr!r'rkr'r'r(rmszSubjectInformationAccess.__ne__cCstt|jSr!rr/r'r'r(rpsz!SubjectInformationAccess.__hash__cCs t|Sr!rrr/r'r'r(r#sz%SubjectInformationAccess.public_bytes)rBrCrDrZSUBJECT_INFORMATION_ACCESSr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(ros rc@seZdZeeddddZedddZej e dd d Z ej e dd d Z e dd dZeedddZeedddZdS)rN) access_methodaccess_locationr cCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)r"rrXr_access_method_access_location)r0rrr'r'r(r=s   zAccessDescription.__init__r,cCs d|S)NzYrr/r'r'r(r[szAccessDescription.__repr__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rls    zAccessDescription.__eq__cCs ||k Sr!r'rkr'r'r(rmszAccessDescription.__ne__cCst|j|jfSr!)rorrr/r'r'r(rpszAccessDescription.__hash__cCs|jSr!)rr/r'r'r(rszAccessDescription.access_methodcCs|jSr!)rr/r'r'r(rsz!AccessDescription.access_location)rBrCrDrrr=rEr[rJrtrurlrmr6rprvrrr'r'r'r(rs  rc@seZdZejZeeje ddddZ e edddZ e eje ddd Z edd d Zejed d dZejed ddZe dddZedddZdS)BasicConstraintsN)ca path_lengthr cCsXt|tstd|dur&|s&td|durHt|tr@|dkrHtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)r"rurXrr6_ca _path_length)r0rrr'r'r(r=s  zBasicConstraints.__init__r,cCs|jSr!)rr/r'r'r(rszBasicConstraints.cacCs|jSr!)rr/r'r'r(rszBasicConstraints.path_lengthcCs d|S)Nz:rr/r'r'r(r[szBasicConstraints.__repr__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rls zBasicConstraints.__eq__cCs ||k Sr!r'rkr'r'r(rmszBasicConstraints.__ne__cCst|j|jfSr!)rorrr/r'r'r(rpszBasicConstraints.__hash__cCs t|Sr!rrr/r'r'r(r#szBasicConstraints.public_bytes)rBrCrDrZBASIC_CONSTRAINTSr;rurJrr6r=rvrrrEr[rtrlrmrprMr#r'r'r'r(rsrc@seZdZejZeddddZeedddZ e j e dd d Z e j e dd d Zedd dZedddZedddZdS)DeltaCRLIndicatorNrbcCst|tstd||_dSrdrergr'r'r(r=s zDeltaCRLIndicator.__init__r,cCs|jSr!rqr/r'r'r(rcszDeltaCRLIndicator.crl_numberrhcCst|tstS|j|jkSr!)r"rrjrcrkr'r'r(rls zDeltaCRLIndicator.__eq__cCs ||k Sr!r'rkr'r'r(rmszDeltaCRLIndicator.__ne__cCs t|jSr!rnr/r'r'r(rpszDeltaCRLIndicator.__hash__cCs d|S)Nz.rr/r'r'r(r[szDeltaCRLIndicator.__repr__cCs t|Sr!rrr/r'r'r(r# szDeltaCRLIndicator.public_bytes)rBrCrDrZDELTA_CRL_INDICATORr;r6r=rvrcrJrtrurlrmrprEr[rMr#r'r'r'r(rsrc@seZdZejZejdddddZe d\Z Z Z e ddd Zejed d d Zejed d dZedddZedddZdS)CRLDistributionPointsDistributionPointNdistribution_pointsr cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!r"rr|r'r'r(rsz1CRLDistributionPoints.__init__..?distribution_points must be a list of DistributionPoint objectsrQrrX_distribution_pointsr0rr'r'r(r=szCRLDistributionPoints.__init__rr,cCs d|jS)NzrIrr/r'r'r(r[$szCRLDistributionPoints.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rl's zCRLDistributionPoints.__eq__cCs ||k Sr!r'rkr'r'r(rm-szCRLDistributionPoints.__ne__cCstt|jSr!rorrr/r'r'r(rp0szCRLDistributionPoints.__hash__cCs t|Sr!rrr/r'r'r(r#3sz"CRLDistributionPoints.public_bytes)rBrCrDrZCRL_DISTRIBUTION_POINTSr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(rs  rc@seZdZejZejdddddZe d\Z Z Z e ddd Zejed d d Zejed d dZedddZedddZdS) FreshestCRLrNrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!rr|r'r'r(r>sz'FreshestCRL.__init__..rrrr'r'r(r=:szFreshestCRL.__init__rr,cCs d|jS)Nzrr/r'r'r(r[LszFreshestCRL.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rlOs zFreshestCRL.__eq__cCs ||k Sr!r'rkr'r'r(rmUszFreshestCRL.__ne__cCstt|jSr!rr/r'r'r(rpXszFreshestCRL.__hash__cCs t|Sr!rrr/r'r'r(r#[szFreshestCRL.public_bytes)rBrCrDrZ FRESHEST_CRLr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r7s  rc@seZdZejejeejeejejdejejeddddZ e dddZ ej e d d d Zej e d d d ZedddZeejejedddZeejedddZeejejddddZeejejedddZdS)r ReasonFlagsN) full_name relative_namereasons crl_issuerr cCs|r|rtd|dur:t|}tdd|Ds:td|rPt|tsPtd|durzt|}tdd|Dsztd|rt|trtdd|Dstd |rtj|vstj |vrtd |r|s|s|std ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|tVqdSr!r{r|r'r'r(rorz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdSr!r{r|r'r'r(r|rz2crl_issuer must be None or a list of general namescss|]}t|tVqdSr!r"rr|r'r'r(rrz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)rrQrrXr"r frozensetr unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r0rrrrr'r'r(r=`sV zDistributionPoint.__init__r,cCs d|S)Nz}rr/r'r'r(r[szDistributionPoint.__repr__rhcCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkSr!)r"rrjrrrrrkr'r'r(rls     zDistributionPoint.__eq__cCs ||k Sr!r'rkr'r'r(rmszDistributionPoint.__ne__cCsH|jdurt|j}nd}|jdur0t|j}nd}t||j|j|fSr!)rrrrorr)r0fnrr'r'r(rps  zDistributionPoint.__hash__cCs|jSr!rr/r'r'r(rszDistributionPoint.full_namecCs|jSr!rr/r'r'r(rszDistributionPoint.relative_namecCs|jSr!)rr/r'r'r(rszDistributionPoint.reasonscCs|jSr!)rr/r'r'r(rszDistributionPoint.crl_issuer)rBrCrDrJrr\rr FrozenSetr=rEr[rtrurlrmr6rprvrrrrrr'r'r'r(r_s$ ; rc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rrZ keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) rBrCrDrkey_compromise ca_compromiseaffiliation_changedrcessation_of_operationcertificate_holdprivilege_withdrawn aa_compromiserr'r'r'r(rsr)c@seZdZejZejeejeddddZ e dddZ ej e dd d Zej e dd d Zedd dZeejedddZeejedddZedddZdS)PolicyConstraintsN)require_explicit_policyinhibit_policy_mappingr cCs\|durt|tstd|dur4t|ts4td|durL|durLtd||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)r"r6rXr_require_explicit_policy_inhibit_policy_mapping)r0rrr'r'r(r=s$  zPolicyConstraints.__init__r,cCs d|S)Nz{rr/r'r'r(r[szPolicyConstraints.__repr__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rls    zPolicyConstraints.__eq__cCs ||k Sr!r'rkr'r'r(rm'szPolicyConstraints.__ne__cCst|j|jfSr!)rorrr/r'r'r(rp*s zPolicyConstraints.__hash__cCs|jSr!)rr/r'r'r(r/sz)PolicyConstraints.require_explicit_policycCs|jSr!)rr/r'r'r(r3sz(PolicyConstraints.inhibit_policy_mappingcCs t|Sr!rrr/r'r'r(r#7szPolicyConstraints.public_bytes)rBrCrDrZPOLICY_CONSTRAINTSr;rJrr6r=rEr[rtrurlrmrprvrrrMr#r'r'r'r(rs  rc@seZdZejZejdddddZe d\Z Z Z e ddd Zejed d d Zejed d dZedddZedddZdS)CertificatePoliciesPolicyInformationN)policiesr cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!)r"rr|r'r'r(r@rz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rQrrX _policies)r0rr'r'r(r=>s zCertificatePolicies.__init__rr,cCs d|jS)Nz)rIrr/r'r'r(r[JszCertificatePolicies.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rlMs zCertificatePolicies.__eq__cCs ||k Sr!r'rkr'r'r(rmSszCertificatePolicies.__ne__cCstt|jSr!)rorrr/r'r'r(rpVszCertificatePolicies.__hash__cCs t|Sr!rrr/r'r'r(r#Ysz CertificatePolicies.public_bytes)rBrCrDrZCERTIFICATE_POLICIESr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(r;s rc@seZdZeejejejedfddddZ edddZ ej e d d d Z ej e d d d ZedddZeedddZeejejejedfdddZdS)r UserNoticeN)policy_identifierpolicy_qualifiersr cCsLt|tstd||_|durBt|}tdd|DsBtd||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|ttfVqdSr!)r"rErr|r'r'r(rlsz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)r"rrX_policy_identifierrQr_policy_qualifiers)r0rrr'r'r(r=^s zPolicyInformation.__init__r,cCs d|S)Nzerr/r'r'r(r[vszPolicyInformation.__repr__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rl|s    zPolicyInformation.__eq__cCs ||k Sr!r'rkr'r'r(rmszPolicyInformation.__ne__cCs(|jdurt|j}nd}t|j|fSr!)rrror)r0Zpqr'r'r(rps  zPolicyInformation.__hash__cCs|jSr!)rr/r'r'r(rsz#PolicyInformation.policy_identifiercCs|jSr!)rr/r'r'r(rsz#PolicyInformation.policy_qualifiers)rBrCrDrrJrr\UnionrEr=r[rtrurlrmr6rprvrrrr'r'r'r(r]s   rc@seZdZejdejeddddZedddZeje d d d Z eje d d d Z e dddZ eejddddZeejedddZdS)rNoticeReferenceN)notice_reference explicit_textr cCs&|rt|tstd||_||_dS)Nz2notice_reference must be None or a NoticeReference)r"rrX_notice_reference_explicit_text)r0rrr'r'r(r=szUserNotice.__init__r,cCs d|S)NzVrr/r'r'r(r[szUserNotice.__repr__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rls    zUserNotice.__eq__cCs ||k Sr!r'rkr'r'r(rmszUserNotice.__ne__cCst|j|jfSr!)rorrr/r'r'r(rpszUserNotice.__hash__cCs|jSr!)rr/r'r'r(rszUserNotice.notice_referencecCs|jSr!)rr/r'r'r(rszUserNotice.explicit_text)rBrCrDrJrrEr=r[rtrurlrmr6rprvrrr'r'r'r(rs  rc@seZdZejeejeddddZedddZ ej e dd d Z ej e dd d Z edd dZeejedddZeejedddZdS)rN) organizationnotice_numbersr cCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdSr!)r"r6r|r'r'r(rrz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrQrrX_notice_numbers)r0rrr'r'r(r=s zNoticeReference.__init__r,cCs d|S)NzUrr/r'r'r(r[szNoticeReference.__repr__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rls    zNoticeReference.__eq__cCs ||k Sr!r'rkr'r'r(rmszNoticeReference.__ne__cCst|jt|jfSr!)rorrrr/r'r'r(rpszNoticeReference.__hash__cCs|jSr!)rr/r'r'r(rszNoticeReference.organizationcCs|jSr!)rr/r'r'r(rszNoticeReference.notice_numbers)rBrCrDrJrrEr\r6r=r[rtrurlrmrprvrrrr'r'r'r(rs  rc@seZdZejZejeddddZ e d\Z Z Z edddZejed d d Zejed d d ZedddZedddZdS)ExtendedKeyUsageN)usagesr cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!)r"rr|r'r'r(rrz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rQrrX_usages)r0rr'r'r(r=s zExtendedKeyUsage.__init__rr,cCs d|jS)Nz)rIrr/r'r'r(r[szExtendedKeyUsage.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rls zExtendedKeyUsage.__eq__cCs ||k Sr!r'rkr'r'r(rm szExtendedKeyUsage.__ne__cCstt|jSr!)rorrr/r'r'r(rpszExtendedKeyUsage.__hash__cCs t|Sr!rrr/r'r'r(r#szExtendedKeyUsage.public_bytes)rBrCrDrZEXTENDED_KEY_USAGEr;rJr\rr=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(rs rc@s`eZdZejZejedddZ ejedddZ e dddZ e dd d Zedd d Zd S) OCSPNoCheckrhcCst|tstSdSNT)r"rrjrkr'r'r(rls zOCSPNoCheck.__eq__cCs ||k Sr!r'rkr'r'r(rm szOCSPNoCheck.__ne__r,cCsttSr!)rorr/r'r'r(rp#szOCSPNoCheck.__hash__cCsdS)Nzr'r/r'r'r(r[&szOCSPNoCheck.__repr__cCs t|Sr!rrr/r'r'r(r#)szOCSPNoCheck.public_bytesN)rBrCrDrZ OCSP_NO_CHECKr;rJrtrurlrmr6rprEr[rMr#r'r'r'r(rs rc@s`eZdZejZejedddZ ejedddZ e dddZ e dd d Zedd d Zd S) PrecertPoisonrhcCst|tstSdSr)r"rrjrkr'r'r(rl0s zPrecertPoison.__eq__cCs ||k Sr!r'rkr'r'r(rm6szPrecertPoison.__ne__r,cCsttSr!)rorr/r'r'r(rp9szPrecertPoison.__hash__cCsdS)Nzr'r/r'r'r(r[<szPrecertPoison.__repr__cCs t|Sr!rrr/r'r'r(r#?szPrecertPoison.public_bytesN)rBrCrDrZPRECERT_POISONr;rJrtrurlrmr6rprEr[rMr#r'r'r'r(r-s rc@seZdZejZejdddddZe d\Z Z Z e ddd Zejed d d Zejed d dZedddZedddZdS) TLSFeatureTLSFeatureTypeN)featuresr cCs8t|}tdd|Dr&t|dkr.td||_dS)Ncss|]}t|tVqdSr!)r"rr|r'r'r(rIrz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rQrr-rX _features)r0rr'r'r(r=Fs zTLSFeature.__init__rr,cCs d|S)Nz$rr/r'r'r(r[UszTLSFeature.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rlXs zTLSFeature.__eq__cCs ||k Sr!r'rkr'r'r(rm^szTLSFeature.__ne__cCstt|jSr!)rorrr/r'r'r(rpaszTLSFeature.__hash__cCs t|Sr!rrr/r'r'r(r#dszTLSFeature.public_bytes)rBrCrDrZ TLS_FEATUREr;rJr\r=r7r^r_r`rEr[rtrurlrmr6rprMr#r'r'r'r(rCs rc@seZdZdZdZdS)rrN)rBrCrDZstatus_requestZstatus_request_v2r'r'r'r(rhsrcCsi|] }|j|qSr'rYr|r'r'r( srrc@seZdZejZeddddZedddZ e j e dd d Z e j e dd d Zedd dZeedddZedddZdS)InhibitAnyPolicyN) skip_certsr cCs,t|tstd|dkr"td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)r"r6rXr _skip_certs)r0rr'r'r(r=ys  zInhibitAnyPolicy.__init__r,cCs d|S)Nz-rr/r'r'r(r[szInhibitAnyPolicy.__repr__rhcCst|tstS|j|jkSr!)r"rrjrrkr'r'r(rls zInhibitAnyPolicy.__eq__cCs ||k Sr!r'rkr'r'r(rmszInhibitAnyPolicy.__ne__cCs t|jSr!)rorr/r'r'r(rpszInhibitAnyPolicy.__hash__cCs|jSr!)rr/r'r'r(rszInhibitAnyPolicy.skip_certscCs t|Sr!rrr/r'r'r(r#szInhibitAnyPolicy.public_bytes)rBrCrDrZINHIBIT_ANY_POLICYr;r6r=rEr[rJrtrurlrmrprvrrMr#r'r'r'r(rvs rc @s"eZdZejZeeeeeeeeedd ddZeedddZ eeddd Z eedd d Z eedd d Z eedddZ eedddZeedddZeedddZeedddZedddZejedddZejedddZeddd Zedd!d"ZdS)#KeyUsageN) digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyr c CsN|s|s | rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) r_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r0rrrrrrrrrr'r'r(r=s zKeyUsage.__init__r,cCs|jSr!)r r/r'r'r(rszKeyUsage.digital_signaturecCs|jSr!)r r/r'r'r(rszKeyUsage.content_commitmentcCs|jSr!)r r/r'r'r(rszKeyUsage.key_enciphermentcCs|jSr!)r r/r'r'r(rszKeyUsage.data_enciphermentcCs|jSr!)r r/r'r'r(rszKeyUsage.key_agreementcCs|jSr!)rr/r'r'r(rszKeyUsage.key_cert_signcCs|jSr!)rr/r'r'r(rszKeyUsage.crl_signcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rrrr/r'r'r(rs zKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rrrr/r'r'r(rs zKeyUsage.decipher_onlycCs:z|j}|j}Wnty*d}d}Yn0d|||S)NFa-)rrrrI)r0rrr'r'r(r[s   zKeyUsage.__repr__rhcCszt|tstS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j |j kox|j |j kox|j |j kSr!) r"rrjrrrrrrrrrrkr'r'r(rls&          zKeyUsage.__eq__cCs ||k Sr!r'rkr'r'r(rm szKeyUsage.__ne__c Cs,t|j|j|j|j|j|j|j|j|j f Sr!) rorrrrrrrrrr/r'r'r(rpszKeyUsage.__hash__cCs t|Sr!rrr/r'r'r(r#szKeyUsage.public_bytes)rBrCrDrZ KEY_USAGEr;rur=rvrrrrrrrrrrEr[rJrtrlrmr6rprMr#r'r'r'r(rsF rc@seZdZejZejeje ejeje ddddZ ej e dddZ ej e ddd Zeje dd d d Zed ddZed ddZeejeje d ddZeejeje d ddZed ddZdS)NameConstraintsN)permitted_subtreesexcluded_subtreesr cCs|dur4t|}tdd|Ds*td|||durht|}tdd|Ds^td|||dur|durtd||_||_dS)Ncss|]}t|tVqdSr!r{r|r'r'r(r+rz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonecss|]}t|tVqdSr!r{r|r'r'r(r5rz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rQrrX_validate_ip_namer_permitted_subtrees_excluded_subtrees)r0rrr'r'r(r=$s(  zNameConstraints.__init__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rrjrrrkr'r'r(rlFs    zNameConstraints.__eq__cCs ||k Sr!r'rkr'r'r(rmOszNameConstraints.__ne__)treer cCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdSr!)r"rrY ipaddress IPv4Network IPv6Network)r}namer'r'r(rSs  z4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyrX)r0rr'r'r(rRs z!NameConstraints._validate_ip_namer,cCs d|S)Nzerr/r'r'r(r[_szNameConstraints.__repr__cCs@|jdurt|j}nd}|jdur0t|j}nd}t||fSr!)rrrro)r0Zpsesr'r'r(rpes  zNameConstraints.__hash__cCs|jSr!)rr/r'r'r(rvsz"NameConstraints.permitted_subtreescCs|jSr!)rr/r'r'r(r|sz!NameConstraints.excluded_subtreescCs t|Sr!rrr/r'r'r(r#szNameConstraints.public_bytes)rBrCrDrZNAME_CONSTRAINTSr;rJrr\rr=rtrurlrmrrEr[r6rprvrrrrMr#r'r'r'r(r!s" "  rc@seZdZeeeddddZeedddZeeddd Z eedd d Z e dd d Z e jedddZe jedddZedddZdS) ExtensionN)r;criticalrYr cCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)r"rrXru_oid _critical_value)r0r;r rYr'r'r(r=s  zExtension.__init__r,cCs|jSr!r!r/r'r'r(r;sz Extension.oidcCs|jSr!)r"r/r'r'r(r szExtension.criticalcCs|jSr!r#r/r'r'r(rYszExtension.valuecCs d|S)Nz@rr/r'r'r(r[szExtension.__repr__rhcCs2t|tstS|j|jko0|j|jko0|j|jkSr!)r"rrjr;r rYrkr'r'r(rls    zExtension.__eq__cCs ||k Sr!r'rkr'r'r(rmszExtension.__ne__cCst|j|j|jfSr!)ror;r rYr/r'r'r(rpszExtension.__hash__)rBrCrDrrurr=rvr;r rYrEr[rJrtrlrmr6rpr'r'r'r(rs  rc @seZdZejeddddZed\ZZ Z ej ej ej eej eej efejedddZej ej eejedd dZej ej eejedd dZej ej eejedd dZej ej eejedd dZej ej eej eej eej eej eej eej efej ejeejeejeejeejefdd dZedddZejedddZejedddZe dddZ!dS) GeneralNamesN general_namesr cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!r{r|r'r'r(rrz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rQrrX_general_namesr0r(r'r'r(r=s zGeneralNames.__init__r)typer cCsdSr!r'r0r,r'r'r(get_values_for_types z GeneralNames.get_values_for_typecCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scs0fdd|D}tkr(dd|DSt|S)Nc3s|]}t|r|VqdSr!)r"r}ir,r'r(rrz3GeneralNames.get_values_for_type..cSsg|] }|jqSr'rr/r'r'r( rz4GeneralNames.get_values_for_type..)rrQ)r0r,Zobjsr'r1r(r.sr,cCs d|jS)NzrIr)r/r'r'r(r[szGeneralNames.__repr__rhcCst|tstS|j|jkSr!)r"r&rjr)rkr'r'r(rls zGeneralNames.__eq__cCs ||k Sr!r'rkr'r'r(rmszGeneralNames.__ne__cCstt|jSr!)rorr)r/r'r'r(rpszGeneralNames.__hash__)"rBrCrDrJr\rr=r7r^r_r`overloadrr]r rrrrEr.r rrrrrrr[rtrurlrmr6rpr'r'r'r(r&sd    r&c @seZdZejZejeddddZ e d\Z Z Z ejejejeejeejefejedddZejejeejedd dZejejeejedd dZejejeejedd dZejejeejedd dZejejeejeejeejeejeejeejefejejeejeejeejeejefdd dZedddZeje dddZ!eje dddZ"e#dddZ$e%dddZ&dS)SubjectAlternativeNameNr'cCst||_dSr!r&r)r*r'r'r(r=szSubjectAlternativeName.__init__r)r+cCsdSr!r'r-r'r'r(r.s z*SubjectAlternativeName.get_values_for_typecCsdSr!r'r-r'r'r(r.(scCsdSr!r'r-r'r'r(r./scCsdSr!r'r-r'r'r(r.6scCsdSr!r'r-r'r'r(r.<scCs |j|Sr!r)r.r-r'r'r(r.Bsr,cCs d|jS)Nzr3r/r'r'r(r[VszSubjectAlternativeName.__repr__rhcCst|tstS|j|jkSr!)r"r5rjr)rkr'r'r(rlYs zSubjectAlternativeName.__eq__cCs ||k Sr!r'rkr'r'r(rm_szSubjectAlternativeName.__ne__cCs t|jSr!ror)r/r'r'r(rpbszSubjectAlternativeName.__hash__cCs t|Sr!rrr/r'r'r(r#esz#SubjectAlternativeName.public_bytes)'rBrCrDrZSUBJECT_ALTERNATIVE_NAMEr;rJr\rr=r7r^r_r`r4rr]r rrrrEr.r rrrrrrr[rtrurlrmr6rprMr#r'r'r'r(r5sh   r5c @seZdZejZejeddddZ e d\Z Z Z ejejejeejeejefejedddZejejeejedd dZejejeejedd dZejejeejedd dZejejeejedd dZejejeejeejeejeejeejeejefejejeejeejeejeejefdd dZedddZeje dddZ!eje dddZ"e#dddZ$e%dddZ&dS)IssuerAlternativeNameNr'cCst||_dSr!r6r*r'r'r(r=lszIssuerAlternativeName.__init__r)r+cCsdSr!r'r-r'r'r(r.qs z)IssuerAlternativeName.get_values_for_typecCsdSr!r'r-r'r'r(r.|scCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scCs |j|Sr!r7r-r'r'r(r.sr,cCs d|jS)Nzr3r/r'r'r(r[szIssuerAlternativeName.__repr__rhcCst|tstS|j|jkSr!)r"r9rjr)rkr'r'r(rls zIssuerAlternativeName.__eq__cCs ||k Sr!r'rkr'r'r(rmszIssuerAlternativeName.__ne__cCs t|jSr!r8r/r'r'r(rpszIssuerAlternativeName.__hash__cCs t|Sr!rrr/r'r'r(r#sz"IssuerAlternativeName.public_bytes)'rBrCrDrZISSUER_ALTERNATIVE_NAMEr;rJr\rr=r7r^r_r`r4rr]r rrrrEr.r rrrrrrr[rtrurlrmr6rprMr#r'r'r'r(r9ish   r9c @seZdZejZejeddddZ e d\Z Z Z ejejejeejeejefejedddZejejeejedd dZejejeejedd dZejejeejedd dZejejeejedd dZejejeejeejeejeejeejeejefejejeejeejeejeejefdd dZedddZeje dddZ!eje dddZ"e#dddZ$e%dddZ&dS)CertificateIssuerNr'cCst||_dSr!r6r*r'r'r(r=szCertificateIssuer.__init__r)r+cCsdSr!r'r-r'r'r(r.s z%CertificateIssuer.get_values_for_typecCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scCsdSr!r'r-r'r'r(r.scCs |j|Sr!r7r-r'r'r(r.sr,cCs d|jS)Nzr3r/r'r'r(r[szCertificateIssuer.__repr__rhcCst|tstS|j|jkSr!)r"r:rjr)rkr'r'r(rls zCertificateIssuer.__eq__cCs ||k Sr!r'rkr'r'r(rmszCertificateIssuer.__ne__cCs t|jSr!r8r/r'r'r(rp szCertificateIssuer.__hash__cCs t|Sr!rrr/r'r'r(r# szCertificateIssuer.public_bytes)'rBrCrDrZCERTIFICATE_ISSUERr;rJr\rr=r7r^r_r`r4rr]r rrrrEr.r rrrrrrr[rtrurlrmr6rprMr#r'r'r'r(r:sh   r:c@seZdZejZeddddZedddZ e j e dd d Z e j e dd d Zedd dZeedddZedddZdS) CRLReasonN)reasonr cCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)r"rrX_reason)r0r<r'r'r(r=s zCRLReason.__init__r,cCs d|jS)Nz)rIr=r/r'r'r(r[szCRLReason.__repr__rhcCst|tstS|j|jkSr!)r"r;rjr<rkr'r'r(rls zCRLReason.__eq__cCs ||k Sr!r'rkr'r'r(rm#szCRLReason.__ne__cCs t|jSr!)ror<r/r'r'r(rp&szCRLReason.__hash__cCs|jSr!)r=r/r'r'r(r<)szCRLReason.reasoncCs t|Sr!rrr/r'r'r(r#-szCRLReason.public_bytes)rBrCrDrZ CRL_REASONr;rr=rEr[rJrtrurlrmr6rprvr<rMr#r'r'r'r(r;sr;c@seZdZejZejddddZedddZ e j e dd d Z e j e dd d Zedd dZeejdddZedddZdS)InvalidityDateN)invalidity_dater cCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)r"datetimerX_invalidity_date)r0r?r'r'r(r=4s zInvalidityDate.__init__r,cCs d|jS)Nz$)rIrAr/r'r'r(r[:szInvalidityDate.__repr__rhcCst|tstS|j|jkSr!)r"r>rjr?rkr'r'r(rl?s zInvalidityDate.__eq__cCs ||k Sr!r'rkr'r'r(rmEszInvalidityDate.__ne__cCs t|jSr!)ror?r/r'r'r(rpHszInvalidityDate.__hash__cCs|jSr!)rAr/r'r'r(r?KszInvalidityDate.invalidity_datecCs t|Sr!rrr/r'r'r(r#OszInvalidityDate.public_bytes)rBrCrDrZINVALIDITY_DATEr;r@r=rEr[rJrtrurlrmr6rprvr?rMr#r'r'r'r(r>1sr>c@seZdZejZejeddddZ e d\Z Z Z edddZedd d Zejed d d Zejed ddZedddZdS))PrecertificateSignedCertificateTimestampsNsigned_certificate_timestampsr cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!r"r r}Zsctr'r'r(r]szEPrecertificateSignedCertificateTimestamps.__init__..YEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamprQrrX_signed_certificate_timestampsr0rDr'r'r(r=Vsz2PrecertificateSignedCertificateTimestamps.__init__rIr,cCsdt|S)Nz/rIrQr/r'r'r(r[ksz2PrecertificateSignedCertificateTimestamps.__repr__cCstt|jSr!rorrIr/r'r'r(rppsz2PrecertificateSignedCertificateTimestamps.__hash__rhcCst|tstS|j|jkSr!)r"rBrjrIrkr'r'r(rlss  z0PrecertificateSignedCertificateTimestamps.__eq__cCs ||k Sr!r'rkr'r'r(rm|sz0PrecertificateSignedCertificateTimestamps.__ne__cCs t|Sr!rrr/r'r'r(r#sz6PrecertificateSignedCertificateTimestamps.public_bytes)rBrCrDrZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr;rJr\r r=r7r^r_r`rEr[r6rprtrurlrmrMr#r'r'r'r(rBSs   rBc@seZdZejZejeddddZ e d\Z Z Z edddZedd d Zejed d d Zejed ddZedddZdS)SignedCertificateTimestampsNrCcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr!rErFr'r'r(rsz7SignedCertificateTimestamps.__init__..rGrHrJr'r'r(r=sz$SignedCertificateTimestamps.__init__rIr,cCsdt|S)Nz!rKr/r'r'r(r[sz$SignedCertificateTimestamps.__repr__cCstt|jSr!rLr/r'r'r(rpsz$SignedCertificateTimestamps.__hash__rhcCst|tstS|j|jkSr!)r"rMrjrIrkr'r'r(rls  z"SignedCertificateTimestamps.__eq__cCs ||k Sr!r'rkr'r'r(rmsz"SignedCertificateTimestamps.__ne__cCs t|Sr!rrr/r'r'r(r#sz(SignedCertificateTimestamps.public_bytes)rBrCrDrZSIGNED_CERTIFICATE_TIMESTAMPSr;rJr\r r=r7r^r_r`rEr[r6rprtrurlrmrMr#r'r'r'r(rMs   rMc@seZdZejZeddddZej e dddZ ej e ddd Z e d d d Zed d dZeed ddZed ddZdS) OCSPNonceN)noncer cCst|tstd||_dS)Nznonce must be bytes)r"rMrX_nonce)r0rOr'r'r(r=s zOCSPNonce.__init__rhcCst|tstS|j|jkSr!)r"rNrjrOrkr'r'r(rls zOCSPNonce.__eq__cCs ||k Sr!r'rkr'r'r(rmszOCSPNonce.__ne__r,cCs t|jSr!)rorOr/r'r'r(rpszOCSPNonce.__hash__cCs d|S)Nzrr/r'r'r(r[szOCSPNonce.__repr__cCs|jSr!)rPr/r'r'r(rOszOCSPNonce.noncecCs t|Sr!rrr/r'r'r(r#szOCSPNonce.public_bytes)rBrCrDrZNONCEr;rMr=rJrtrurlrmr6rprEr[rvrOr#r'r'r'r(rNsrNc @s6eZdZejZejeje eje e e ejej e e e ddddZedddZeje dd d Zeje dd d Zedd dZeejeje dddZeeje dddZee dddZee dddZeejej e dddZee dddZee dddZedddZ dS)IssuingDistributionPointN)rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certsr c Cs|durt|}|r8t|tr0tdd|Ds8td|rXtj|vsPtj|vrXtdt|t rt|t rt|t rt|t std||||g}t dd|Ddkrtd t |||||||gstd ||_ ||_ ||_||_||_||_||_dS) Ncss|]}t|tVqdSr!rr|r'r'r(rrz4IssuingDistributionPoint.__init__..z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|] }|r|qSr'r'r|r'r'r(r2rz5IssuingDistributionPoint.__init__..rzOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rQr"rrrXrrrrrur-r_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsrr) r0rrrRrSrTrUrVZcrl_constraintsr'r'r(r=st  z!IssuingDistributionPoint.__init__r,cCs d|S)NaGrr/r'r'r(r['sz!IssuingDistributionPoint.__repr__rhcCsbt|tstS|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j |j kSr!) r"rQrjrrrRrSrTrUrVrkr'r'r(rl3s"       zIssuingDistributionPoint.__eq__cCs ||k Sr!r'rkr'r'r(rmBszIssuingDistributionPoint.__ne__cCs$t|j|j|j|j|j|j|jfSr!)rorrrRrSrTrUrVr/r'r'r(rpEsz!IssuingDistributionPoint.__hash__cCs|jSr!rr/r'r'r(rRsz"IssuingDistributionPoint.full_namecCs|jSr!rr/r'r'r(rVsz&IssuingDistributionPoint.relative_namecCs|jSr!)rWr/r'r'r(rRZsz1IssuingDistributionPoint.only_contains_user_certscCs|jSr!)rXr/r'r'r(rS^sz/IssuingDistributionPoint.only_contains_ca_certscCs|jSr!)r[r/r'r'r(rTbsz*IssuingDistributionPoint.only_some_reasonscCs|jSr!)rYr/r'r'r(rUhsz%IssuingDistributionPoint.indirect_crlcCs|jSr!)rZr/r'r'r(rVlsz6IssuingDistributionPoint.only_contains_attribute_certscCs t|Sr!rrr/r'r'r(r#psz%IssuingDistributionPoint.public_bytes)!rBrCrDrZISSUING_DISTRIBUTION_POINTr;rJrr\rrrurrr=rEr[rtrlrmr6rprvrrrrRrSrTrUrVrMr#r'r'r'r(rQs< S  rQc@seZdZeeddddZeedddZeeddd Ze dd d Z e j e d d dZe j e d ddZedddZedddZdS)rWN)r;rYr cCs"t|tstd||_||_dS)Nzoid must be an ObjectIdentifier)r"rrXr!r#)r0r;rYr'r'r(r=us zUnrecognizedExtension.__init__r,cCs|jSr!r$r/r'r'r(r;{szUnrecognizedExtension.oidcCs|jSr!r%r/r'r'r(rYszUnrecognizedExtension.valuecCs d|S)Nz7rr/r'r'r(r[szUnrecognizedExtension.__repr__rhcCs&t|tstS|j|jko$|j|jkSr!)r"rWrjr;rYrkr'r'r(rls zUnrecognizedExtension.__eq__cCs ||k Sr!r'rkr'r'r(rmszUnrecognizedExtension.__ne__cCst|j|jfSr!)ror;rYr/r'r'r(rpszUnrecognizedExtension.__hash__cCs|jSr!rr/r'r'r(r#sz"UnrecognizedExtension.public_bytes)rBrCrDrrMr=rvr;rYrEr[rJrtrurlrmr6rpr#r'r'r'r(rWtsrW)gabcr@r$rrJZ cryptographyrZ"cryptography.hazmat.bindings._rustrrrsZcryptography.hazmat.primitivesrrZ,cryptography.hazmat.primitives.asymmetric.ecrZ-cryptography.hazmat.primitives.asymmetric.rsarZ/cryptography.hazmat.primitives.asymmetric.typesr r Z*cryptography.x509.certificate_transparencyr Zcryptography.x509.general_namer r rrrrrrrZcryptography.x509.namerrZcryptography.x509.oidrrrrTypeVarrrMr)rEr7 Exceptionr8rGABCMetarobjectrOrarwrrrrrrrrrEnumrrrrrrrrrZ_REASON_BIT_MAPPINGrrrrrrrrrrZ_TLS_FEATURE_TYPE_TO_ENUMrrrGenericrr&r5r9r:r;r>rBrMrNrQrWr'r'r'r(s      ,   ' o'$$+1 ((s D"@.+!% # e3\TTT "0. $