a ϏPf)@s:ddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z ddl mZmZddlmZddlmZdd lmZmZdd lmZdd lmZmZmZmZmZmZm Z m!Z!m"Z"dd l#m$Z$m%Z%dd l&m'Z'm(Z(m)Z)m*Z*ej+ddddZ,dddddZ-ddddZ.Gddde/Z0Gddde/Z1Gdddej2d Z3Gd!d"d"Z4Gd#d$d$e3Z5Gd%d&d&e3Z6Gd'd(d(e3Z7Gd)d*d*e3Z8Gd+d,d,e3Z9Gd-d.d.Z:Gd/d0d0e3Z;Gd1d2d2e3ZGd7d8d8Z?Gd9d:d:ej@ZAeAjBeAjCeAjDeAjEeAjFeAjGeAjHeAjId;ZJeAjBdeAjEd?eAjFd@eAjGdAeAjHdBeAjIdCiZKGdDdEdEe3ZLGdFdGdGe3ZMGdHdIdIZNGdJdKdKZOGdLdMdMZPGdNdOdOe3ZQGdPdQdQe3ZRGdRdSdSe3ZSGdTdUdUe3ZTGdVdWdWej@ZUdXdYeUDZVGdZd[d[e3ZWGd\d]d]e3ZXGd^d_d_e3ZYGd`dadaejZe,Z[GdbdcdcZ\Gdddedee3Z]Gdfdgdge3Z^Gdhdidie3Z_Gdjdkdke3Z`Gdldmdme3ZaGdndodoe3ZbGdpdqdqe3ZcGdrdsdse3ZdGdtdudue3ZeGdvdwdwe3ZfGdxdydye3ZgGdzd{d{e3ZhdS)|) annotationsN)utils)asn1)x509) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)CertificateIssuerPublicKeyTypesCertificatePublicKeyTypes)SignedCertificateTimestamp) DirectoryNameDNSName GeneralName IPAddress OtherName RegisteredID RFC822NameUniformResourceIdentifier_IPAddressTypes)NameRelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDObjectIdentifierOCSPExtensionOIDExtensionTypeVar ExtensionTypeT)bound covariantr bytes public_keyreturncCslt|tr |tjjtjj}n>t|tr@|tjj tjj }n|tjjtjj }t |}t|SN) isinstancer public_bytesrZEncodingZDERZ PublicFormatZPKCS1rZX962ZUncompressedPointZSubjectPublicKeyInforZparse_spki_for_datahashlibsha1digest)r"dataZ serializedr+]/var/www/html/python-backend/venv/lib/python3.9/site-packages/cryptography/x509/extensions.py_key_identifier_from_public_key2s    r-str field_namecs4ddfdd }fdd}fdd}|||fS) Nintr#cstt|Sr$)lengetattrselfr/r+r, len_methodKsz*_make_sequence_methods..len_methodcstt|Sr$)iterr4r5r/r+r, iter_methodNsz+_make_sequence_methods..iter_methodcst||Sr$)r4)r6idxr/r+r,getitem_methodQsz._make_sequence_methods..getitem_methodr+)r0r7r9r;r+r/r,_make_sequence_methodsJs  r<cs&eZdZddddfdd ZZS)DuplicateExtensionr.rNonemsgoidr#cst|||_dSr$super__init__rAr6r@rA __class__r+r,rDXs zDuplicateExtension.__init____name__ __module__ __qualname__rD __classcell__r+r+rFr,r=Wsr=cs&eZdZddddfdd ZZS)ExtensionNotFoundr.rr>r?cst|||_dSr$rBrErFr+r,rD^s zExtensionNotFound.__init__rHr+r+rFr,rM]srMc@s$eZdZUded<ddddZdS)rz!typing.ClassVar[ObjectIdentifier]rAr r2cCstd|dS)z7 Serializes the extension type to DER. z3public_bytes is not implemented for extension type N)NotImplementedErrorr5r+r+r,r&fszExtensionType.public_bytesN)rIrJrK__annotations__r&r+r+r+r,rcs ) metaclassc@sXeZdZdddddZdddd d Zd d d ddZed\ZZZ ddddZ dS) Extensionsz)typing.Iterable[Extension[ExtensionType]]r>) extensionsr#cCst||_dSr$)list _extensions)r6rRr+r+r,rDpszExtensions.__init__rzExtension[ExtensionType])rAr#cCs2|D]}|j|kr|Sqtd|d|dS)NNo  extension was found)rArM)r6rAextr+r+r,get_extension_for_oidus  z Extensions.get_extension_for_oidztype[ExtensionTypeVar]zExtension[ExtensionTypeVar])extclassr#cCsF|turtd|D]}t|j|r|Sqtd|d|jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.rUrV)UnrecognizedExtension TypeErrorr%valuerMrA)r6rYrWr+r+r,get_extension_for_class~s  z"Extensions.get_extension_for_classrTr.r2cCsd|jdS)Nz )rTr5r+r+r,__repr__szExtensions.__repr__N) rIrJrKrDrXr]r<__len____iter__ __getitem__r_r+r+r+r,rQos  rQc@sneZdZejZdddddZdddd d Zdd d d Zdd ddZ e dd ddZ dd ddZ dS) CRLNumberr1r> crl_numberr#cCst|tstd||_dSNzcrl_number must be an integerr%r1r[ _crl_numberr6rer+r+r,rDs zCRLNumber.__init__objectboolotherr#cCst|tstS|j|jkSr$)r%rcNotImplementedrer6rmr+r+r,__eq__s zCRLNumber.__eq__r2cCs t|jSr$hashrer5r+r+r,__hash__szCRLNumber.__hash__r.cCsd|jdS)Nz )key_identifierauthority_cert_issuerauthority_cert_serial_numberr#cCsr|du|dukrtd|durBt|}tdd|DsBtd|dur\t|ts\td||_||_||_dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdSr$r%r.0xr+r+r, sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) ValueErrorrSallr[r%r1_key_identifier_authority_cert_issuer_authority_cert_serial_number)r6r|r}r~r+r+r,rDs* zAuthorityKeyIdentifier.__init__r r!cCst|}||dddSNr|r}r~r-)clsr"r)r+r+r,from_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keySubjectKeyIdentifier)skir#cCs||jdddSrr))rrr+r+r,"from_issuer_subject_key_identifiers z9AuthorityKeyIdentifier.from_issuer_subject_key_identifierr.r2cCsd|jd|jd|jdS)Nz')r)r#cCs ||_dSr$Z_digest)r6r)r+r+r,rD"szSubjectKeyIdentifier.__init__r r!cCs |t|Sr$r)rr"r+r+r,from_public_key%sz$SubjectKeyIdentifier.from_public_keyr2cCs|jSr$rr5r+r+r,r)+szSubjectKeyIdentifier.digestcCs|jSr$rr5r+r+r,r|/sz#SubjectKeyIdentifier.key_identifierr.cCsd|jdS)Nz descriptionsr#cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$r%AccessDescriptionrr+r+r,rJz6AuthorityInformationAccess.__init__..@Every item in the descriptions list must be an AccessDescriptionrSrr[ _descriptionsr6rr+r+r,rDFs z#AuthorityInformationAccess.__init__rr.r2cCsd|jdS)NzrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$rrr+r+r,rkrz4SubjectInformationAccess.__init__..rrrr+r+r,rDgs z!SubjectInformationAccess.__init__rr.r2cCsd|jdS)Nz) access_methodaccess_locationr#cCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)r%rr[r_access_method_access_location)r6rrr+r+r,rDs   zAccessDescription.__init__r.r2cCs d|S)NzYformatr5r+r+r,r_szAccessDescription.__repr__rjrkrlcCs&t|tstS|j|jko$|j|jkSr$)r%rrnrrror+r+r,rps    zAccessDescription.__eq__r1cCst|j|jfSr$)rrrrr5r+r+r,rsszAccessDescription.__hash__cCs|jSr$)rr5r+r+r,rszAccessDescription.access_methodcCs|jSr$)rr5r+r+r,rsz!AccessDescription.access_locationN) rIrJrKrDr_rprsrxrrr+r+r+r,rs  rc@seZdZejZddddddZedddd Zeddd d Z d dd dZ dddddZ ddddZ ddddZ dS)BasicConstraintsrkr{r>)ca path_lengthr#cCsXt|tstd|dur&|s&td|durHt|tr@|dkrHtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)r%rkr[rr1_ca _path_length)r6rrr+r+r,rDs  zBasicConstraints.__init__r2cCs|jSr$)rr5r+r+r,rszBasicConstraints.cacCs|jSr$)rr5r+r+r,rszBasicConstraints.path_lengthr.cCs d|S)Nz:rr5r+r+r,r_szBasicConstraints.__repr__rjrlcCs&t|tstS|j|jko$|j|jkSr$)r%rrnrrror+r+r,rps zBasicConstraints.__eq__r1cCst|j|jfSr$)rrrrr5r+r+r,rsszBasicConstraints.__hash__r cCs t|Sr$rvr5r+r+r,r&szBasicConstraints.public_bytesN)rIrJrKrZBASIC_CONSTRAINTSrArDrxrrr_rprsr&r+r+r+r,rsrc@sneZdZejZdddddZeddddZd d d d d Z ddddZ ddddZ ddddZ dS)DeltaCRLIndicatorr1r>rdcCst|tstd||_dSrfrgrir+r+r,rDs zDeltaCRLIndicator.__init__r2cCs|jSr$rur5r+r+r,reszDeltaCRLIndicator.crl_numberrjrkrlcCst|tstS|j|jkSr$)r%rrnreror+r+r,rps zDeltaCRLIndicator.__eq__cCs t|jSr$rqr5r+r+r,rsszDeltaCRLIndicator.__hash__r.cCsd|jdS)Nzdistribution_pointsr#cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$r%DistributionPointrr+r+r,rsz1CRLDistributionPoints.__init__..?distribution_points must be a list of DistributionPoint objectsrSrr[_distribution_pointsr6rr+r+r,rDszCRLDistributionPoints.__init__rr.r2cCsd|jdS)NzrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$rrr+r+r,r$sz'FreshestCRL.__init__..rrrr+r+r,rD szFreshestCRL.__init__rr.r2cCsd|jdS)Nz szFreshestCRL.public_bytesN)rIrJrKrZ FRESHEST_CRLrArDr<r`rarbr_rprsr&r+r+r+r,rs rc@seZdZddddddddZdd d d Zd d dddZdd ddZedd ddZedd ddZ edd ddZ edd ddZ dS)rrz RelativeDistinguishedName | Nonefrozenset[ReasonFlags] | Noner>) full_name relative_namereasons crl_issuerr#cCs|r|rtd|s$|s$|s$td|durNt|}tdd|DsNtd|rdt|tsdtd|durt|}tdd|Dstd|rt|trtd d|Dstd |rtj|vstj |vrtd ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.z?Either full_name, relative_name or crl_issuer must be provided.css|]}t|tVqdSr$rrr+r+r,rWrz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdSr$rrr+r+r,rdrz2crl_issuer must be None or a list of general namescss|]}t|tVqdSr$r% ReasonFlagsrr+r+r,rkrz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPoint)rrSrr[r%r frozensetr unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r6rrrrr+r+r,rDCsV  zDistributionPoint.__init__r.r2cCs d|S)Nz}rr5r+r+r,r_}szDistributionPoint.__repr__rjrkrlcCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkSr$)r%rrnrrrrror+r+r,rps     zDistributionPoint.__eq__r1cCsH|jdurt|j}nd}|jdur0t|j}nd}t||j|j|fSr$)rrrrrrr)r6fnrr+r+r,rss    zDistributionPoint.__hash__rcCs|jSr$rr5r+r+r,rszDistributionPoint.full_namecCs|jSr$rr5r+r+r,rszDistributionPoint.relative_namecCs|jSr$)rr5r+r+r,rszDistributionPoint.reasonscCs|jSr$)rr5r+r+r,rszDistributionPoint.crl_issuerN) rIrJrKrDr_rprsrxrrrrr+r+r+r,rBs:  rc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rrZ keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) rIrJrKrkey_compromise ca_compromiseaffiliation_changedrcessation_of_operationcertificate_holdprivilege_withdrawn aa_compromiserr+r+r+r,rsr)rrrrrrrrc@seZdZejZddddddZdddd Zd d d d dZddddZ e ddddZ e ddddZ ddddZ dS)PolicyConstraintsr{r>)require_explicit_policyinhibit_policy_mappingr#cCs\|durt|tstd|dur4t|ts4td|durL|durLtd||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)r%r1r[r_require_explicit_policy_inhibit_policy_mapping)r6rrr+r+r,rDs$  zPolicyConstraints.__init__r.r2cCs d|S)Nz{rr5r+r+r,r_szPolicyConstraints.__repr__rjrkrlcCs&t|tstS|j|jko$|j|jkSr$)r%rrnrrror+r+r,rps    zPolicyConstraints.__eq__r1cCst|j|jfSr$)rrrrr5r+r+r,rs s zPolicyConstraints.__hash__cCs|jSr$)rr5r+r+r,rsz)PolicyConstraints.require_explicit_policycCs|jSr$)rr5r+r+r,rsz(PolicyConstraints.inhibit_policy_mappingr cCs t|Sr$rvr5r+r+r,r&szPolicyConstraints.public_bytesN)rIrJrKrZPOLICY_CONSTRAINTSrArDr_rprsrxrrr&r+r+r+r,rs rc@sjeZdZejZdddddZed\ZZ Z ddd d Z d d d ddZ ddddZ ddddZdS)CertificatePoliciesz"typing.Iterable[PolicyInformation]r>)policiesr#cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$)r%PolicyInformationrr+r+r,r#rz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rSrr[ _policies)r6rr+r+r,rD!s zCertificatePolicies.__init__rr.r2cCsd|jdS)Nz)policy_identifierpolicy_qualifiersr#cCsLt|tstd||_|durBt|}tdd|DsBtd||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|ttfVqdSr$)r%r. UserNoticerr+r+r,rJsz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)r%rr[_policy_identifierrSr_policy_qualifiers)r6rrr+r+r,rD>s zPolicyInformation.__init__r.r2cCs d|S)Nzerr5r+r+r,r_TszPolicyInformation.__repr__rjrkrlcCs&t|tstS|j|jko$|j|jkSr$)r%rrnrrror+r+r,rpZs    zPolicyInformation.__eq__r1cCs(|jdurt|j}nd}t|j|fSr$)rrrrr)r6Zpqr+r+r,rscs  zPolicyInformation.__hash__cCs|jSr$)rr5r+r+r,rmsz#PolicyInformation.policy_identifierzlist[str | UserNotice] | NonecCs|jSr$)rr5r+r+r,rqsz#PolicyInformation.policy_qualifiersN) rIrJrKrDr_rprsrxrrr+r+r+r,r=s  rc@sneZdZddddddZddd d Zd d d ddZddddZeddddZeddddZ dS)rzNoticeReference | None str | Noner>)notice_reference explicit_textr#cCs&|rt|tstd||_||_dS)Nz2notice_reference must be None or a NoticeReference)r%NoticeReferencer[_notice_reference_explicit_text)r6rrr+r+r,rDyszUserNotice.__init__r.r2cCs d|S)NzVrr5r+r+r,r_szUserNotice.__repr__rjrkrlcCs&t|tstS|j|jko$|j|jkSr$)r%rrnrrror+r+r,rps    zUserNotice.__eq__r1cCst|j|jfSr$)rrrrr5r+r+r,rsszUserNotice.__hash__cCs|jSr$)rr5r+r+r,rszUserNotice.notice_referencecCs|jSr$)rr5r+r+r,rszUserNotice.explicit_textN) rIrJrKrDr_rprsrxrrr+r+r+r,rxs rc@sneZdZddddddZddd d Zd d d ddZddddZeddddZeddddZ dS)rrztyping.Iterable[int]r>) organizationnotice_numbersr#cCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdSr$)r%r1rr+r+r,rrz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrSrr[_notice_numbers)r6rrr+r+r,rDs zNoticeReference.__init__r.r2cCs d|S)NzUrr5r+r+r,r_szNoticeReference.__repr__rjrkrlcCs&t|tstS|j|jko$|j|jkSr$)r%rrnrrror+r+r,rps    zNoticeReference.__eq__r1cCst|jt|jfSr$)rrrrrr5r+r+r,rsszNoticeReference.__hash__cCs|jSr$)rr5r+r+r,rszNoticeReference.organizationz list[int]cCs|jSr$)rr5r+r+r,rszNoticeReference.notice_numbersN) rIrJrKrDr_rprsrxrrr+r+r+r,rs  rc@sjeZdZejZdddddZed\ZZ Z ddd d Z d d d ddZ ddddZ ddddZdS)ExtendedKeyUsage!typing.Iterable[ObjectIdentifier]r>)usagesr#cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$r%rrr+r+r,rrz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rSrr[_usages)r6rr+r+r,rDs zExtendedKeyUsage.__init__rr.r2cCsd|jdS)Nzr+r5r+r+r,r_szOCSPNoCheck.__repr__r cCs t|Sr$rvr5r+r+r,r&szOCSPNoCheck.public_bytesN) rIrJrKrZ OCSP_NO_CHECKrArprsr_r&r+r+r+r,rs rc@sLeZdZejZdddddZdddd Zd dd d Zd dddZ dS) PrecertPoisonrjrkrlcCst|tstSdSr)r%rrnror+r+r,rps zPrecertPoison.__eq__r1r2cCsttSr$)rrrr5r+r+r,rsszPrecertPoison.__hash__r.cCsdS)Nzr+r5r+r+r,r_szPrecertPoison.__repr__r cCs t|Sr$rvr5r+r+r,r& szPrecertPoison.public_bytesN) rIrJrKrZPRECERT_POISONrArprsr_r&r+r+r+r,rs rc@sjeZdZejZdddddZed\ZZ Z ddd d Z d d d ddZ ddddZ ddddZdS) TLSFeatureztyping.Iterable[TLSFeatureType]r>)featuresr#cCs8t|}tdd|Dr&t|dkr.td||_dS)Ncss|]}t|tVqdSr$)r%TLSFeatureTyperr+r+r,rrz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rSrr3r[ _features)r6rr+r+r,rDs zTLSFeature.__init__rr.r2cCsd|jdS)Nz<rrc@sneZdZejZdddddZdddd Zd d d d dZddddZ e ddddZ ddddZ dS)InhibitAnyPolicyr1r>) skip_certsr#cCs,t|tstd|dkr"td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)r%r1r[r _skip_certs)r6rr+r+r,rDBs  zInhibitAnyPolicy.__init__r.r2cCsd|jdS)Nz) digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyr#c CsN|s|s | rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) r_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r6r r r rrrrrrr+r+r,rDbs zKeyUsage.__init__r2cCs|jSr$)rr5r+r+r,r ~szKeyUsage.digital_signaturecCs|jSr$)rr5r+r+r,r szKeyUsage.content_commitmentcCs|jSr$)rr5r+r+r,r szKeyUsage.key_enciphermentcCs|jSr$)rr5r+r+r,rszKeyUsage.data_enciphermentcCs|jSr$)rr5r+r+r,rszKeyUsage.key_agreementcCs|jSr$)rr5r+r+r,rszKeyUsage.key_cert_signcCs|jSr$)rr5r+r+r,rszKeyUsage.crl_signcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rrrr5r+r+r,rs zKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rrrr5r+r+r,rs zKeyUsage.decipher_onlyr.cCsvz|j}|j}Wnty*d}d}Yn0d|jd|jd|jd|jd|jd|jd|j d |d |d S) NFz)permitted_subtreesexcluded_subtreesr#cCs|dur@t|}|stdtdd|Ds6td|||durt|}|s\tdtdd|Dsvtd|||dur|durtd||_||_dS) Nz3permitted_subtrees must be a non-empty list or Nonecss|]}t|tVqdSr$rrr+r+r,rrz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonez2excluded_subtrees must be a non-empty list or Nonecss|]}t|tVqdSr$rrr+r+r,rrz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rSrrr[_validate_tree_permitted_subtrees_excluded_subtrees)r6rrr+r+r,rDs8  zNameConstraints.__init__rjrkrlcCs&t|tstS|j|jko$|j|jkSr$)r%rrnrrror+r+r,rps    zNameConstraints.__eq__typing.Iterable[GeneralName])treer#cCs||||dSr$)_validate_ip_name_validate_dns_namer6r$r+r+r,r s zNameConstraints._validate_treecCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdSr$)r%rr\ ipaddress IPv4Network IPv6Networkrnamer+r+r,rs  z4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyr[r'r+r+r,r%s z!NameConstraints._validate_ip_namecCstdd|DrtddS)Ncss"|]}t|tod|jvVqdS)*N)r%rr\r+r+r+r,r,sz5NameConstraints._validate_dns_name..zDDNSName name constraints must not contain the '*' wildcard character)r-rr'r+r+r,r&+s z"NameConstraints._validate_dns_namer.r2cCsd|jd|jdS)Nz$)rAcriticalr\r#cCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)r%rr[rk_oid _critical_value)r6rAr1r\r+r+r,rDXs  zExtension.__init__r2cCs|jSr$r2r5r+r+r,rAgsz Extension.oidcCs|jSr$)r3r5r+r+r,r1kszExtension.criticalcCs|jSr$r4r5r+r+r,r\oszExtension.valuer.cCsd|jd|jd|jdS)Nz general_namesr#cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$rrr+r+r,rrz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rSrr[_general_namesr6r:r+r+r,rDs zGeneralNames.__init__r;Btype[DNSName] | type[UniformResourceIdentifier] | type[RFC822Name] list[str]typer#cCsdSr$r+r6r@r+r+r,get_values_for_typesz GeneralNames.get_values_for_typetype[DirectoryName] list[Name]cCsdSr$r+rAr+r+r,rBstype[RegisteredID]list[ObjectIdentifier]cCsdSr$r+rAr+r+r,rBstype[IPAddress]list[_IPAddressTypes]cCsdSr$r+rAr+r+r,rBstype[OtherName]list[OtherName]cCsdSr$r+rAr+r+r,rBstype[DNSName] | type[DirectoryName] | type[IPAddress] | type[OtherName] | type[RFC822Name] | type[RegisteredID] | type[UniformResourceIdentifier]Ylist[_IPAddressTypes] | list[str] | list[OtherName] | list[Name] | list[ObjectIdentifier]cs0fdd|D}tkr(dd|DSt|S)Nc3s|]}t|r|VqdSr$)r%rir@r+r,rrz3GeneralNames.get_values_for_type..cSsg|] }|jqSr+rrMr+r+r, rz4GeneralNames.get_values_for_type..)rrS)r6r@Zobjsr+rOr,rBsr.r2cCsd|jdS)Nzr9cCst||_dSr$r8r;r<r+r+r,rDszSubjectAlternativeName.__init__r;r=r>r?cCsdSr$r+rAr+r+r,rBsz*SubjectAlternativeName.get_values_for_typerCrDcCsdSr$r+rAr+r+r,rBsrErFcCsdSr$r+rAr+r+r,rBsrGrHcCsdSr$r+rAr+r+r,rBsrIrJcCsdSr$r+rAr+r+r,rBsrKrLcCs |j|Sr$r;rBrAr+r+r,rBsr.r2cCsd|jdS)Nzr9cCst||_dSr$rUr<r+r+r,rD(szIssuerAlternativeName.__init__r;r=r>r?cCsdSr$r+rAr+r+r,rB-sz)IssuerAlternativeName.get_values_for_typerCrDcCsdSr$r+rAr+r+r,rB6srErFcCsdSr$r+rAr+r+r,rB=srGrHcCsdSr$r+rAr+r+r,rBDsrIrJcCsdSr$r+rAr+r+r,rBJsrKrLcCs |j|Sr$rVrAr+r+r,rBNsr.r2cCsd|jdS)Nzr9cCst||_dSr$rUr<r+r+r,rDsszCertificateIssuer.__init__r;r=r>r?cCsdSr$r+rAr+r+r,rBxsz%CertificateIssuer.get_values_for_typerCrDcCsdSr$r+rAr+r+r,rBsrErFcCsdSr$r+rAr+r+r,rBsrGrHcCsdSr$r+rAr+r+r,rBsrIrJcCsdSr$r+rAr+r+r,rBsrKrLcCs |j|Sr$rVrAr+r+r,rBsr.r2cCsd|jdS)Nz)reasonr#cCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)r%rr[_reason)r6r[r+r+r,rDs zCRLReason.__init__r.r2cCsd|jdS)Nz)invalidity_dater#cCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)r%datetimer[_invalidity_date)r6r_r+r+r,rDs zInvalidityDate.__init__r.r2cCsd|jdS)Nz signed_certificate_timestampsr#cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$r%r rZsctr+r+r,rszEPrecertificateSignedCertificateTimestamps.__init__..YEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamprSrr[_signed_certificate_timestampsr6rfr+r+r,rDsz2PrecertificateSignedCertificateTimestamps.__init__rkr.r2cCsdt|dS)Nz+recCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr$rgrhr+r+r,r*sz7SignedCertificateTimestamps.__init__..rirjrlr+r+r,rD#sz$SignedCertificateTimestamps.__init__rkr.r2cCsdt|dS)Nzs  z"SignedCertificateTimestamps.__eq__r cCs t|Sr$rvr5r+r+r,r&Gsz(SignedCertificateTimestamps.public_bytesN)rIrJrKrZSIGNED_CERTIFICATE_TIMESTAMPSrArDr<r`rarbr_rsrpr&r+r+r+r,ro s  roc@sneZdZejZdddddZdddd d Zd d d dZdd ddZ e dd ddZ dd ddZ dS) OCSPNoncer r>)noncer#cCst|tstd||_dS)Nznonce must be bytes)r%r r[_nonce)r6rqr+r+r,rDNs zOCSPNonce.__init__rjrkrlcCst|tstS|j|jkSr$)r%rprnrqror+r+r,rpTs zOCSPNonce.__eq__r1r2cCs t|jSr$)rrrqr5r+r+r,rsZszOCSPNonce.__hash__r.cCsd|jdS)Nz) responsesr#cCs,t|}tdd|Dr"td||_dS)Ncss|]}t|t VqdSr$r)rrr+r+r,rmrz3OCSPAcceptableResponses.__init__..z'All responses must be ObjectIdentifiers)rSr-r[ _responses)r6rtr+r+r,rDksz OCSPAcceptableResponses.__init__rjrkrlcCst|tstS|j|jkSr$)r%rsrnrvror+r+r,rprs zOCSPAcceptableResponses.__eq__r1r2cCstt|jSr$)rrrrvr5r+r+r,rsxsz OCSPAcceptableResponses.__hash__r.cCsd|jdS)Nz#)rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certsr#c Cs|durt|}|r8t|tr0tdd|Ds8td|rXtj|vsPtj|vrXtdt|t rt|t rt|t rt|t std||||g}t dd|Ddkrtd t |||||||gstd ||_ ||_ ||_||_||_||_||_dS) Ncss|]}t|tVqdSr$rrr+r+r,rrz4IssuingDistributionPoint.__init__..z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|] }|r|qSr+r+rr+r+r,rPrz5IssuingDistributionPoint.__init__..rzOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rSr%rrr[rrrrrkr3r-_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsrr) r6rrrxryrzr{r|Zcrl_constraintsr+r+r,rDst  z!IssuingDistributionPoint.__init__r.r2cCs>d|jd|jd|jd|jd|jd|jd|jdS) Nz$) template_id major_version minor_versionr#cCsTt|tstd||_|dur*t|tr<|durDt|tsDtd||_||_dS)Noid must be an ObjectIdentifierz8major_version and minor_version must be integers or None)r%rr[ _template_idr1_major_version_minor_version)r6rrrr+r+r,rD(s  zMSCertificateTemplate.__init__r2cCs|jSr$)rr5r+r+r,r<sz!MSCertificateTemplate.template_idcCs|jSr$)rr5r+r+r,r@sz#MSCertificateTemplate.major_versioncCs|jSr$)rr5r+r+r,rDsz#MSCertificateTemplate.minor_versionr.cCsd|jd|jd|jdS)Nz#)rAr\r#cCs"t|tstd||_||_dS)Nr)r%rr[r2r4)r6rAr\r+r+r,rDas zUnrecognizedExtension.__init__r2cCs|jSr$r5r5r+r+r,rAgszUnrecognizedExtension.oidcCs|jSr$r6r5r+r+r,r\kszUnrecognizedExtension.valuer.cCsd|jd|jdS)Nzs       ,   'l$!!(.%%k  A;+("  s0SKKK++!;