U c$@sddlZddlZddlZddlZddlZddlmZddlmZddlm Z ddl m Z m Z ddlmZddlmZddlmZmZdd lmZdd lmZmZmZmZmZmZmZmZm Z dd l!m"Z"m#Z#dd l$m%Z%m&Z&m'Z'm(Z(ej)d dddZ*ee+dddZ,e-dddZ.Gddde/Z0Gddde/Z1Gdddej2dZ3GdddZ4Gdd d e3Z5Gd!d"d"e3Z6Gd#d$d$e3Z7Gd%d&d&e3Z8Gd'd(d(e3Z9Gd)d*d*Z:Gd+d,d,e3Z;Gd-d.d.e3ZGd3d4d4Z?Gd5d6d6ej@ZAeAjBeAjCeAjDeAjEeAjFeAjGeAjHeAjId7ZJeAjBd8eAjCd9eAjDd:eAjEd;eAjFdeAjId?iZKGd@dAdAe3ZLGdBdCdCe3ZMGdDdEdEZNGdFdGdGZOGdHdIdIZPGdJdKdKe3ZQGdLdMdMe3ZRGdNdOdOe3ZSGdPdQdQe3ZTGdRdSdSej@ZUdTdUeUDZVGdVdWdWe3ZWGdXdYdYe3ZXGdZd[d[e3ZYGd\d]d]ejZe*Z[Gd^d_d_Z\Gd`dadae3Z]Gdbdcdce3Z^Gdddedee3Z_Gdfdgdge3Z`Gdhdidie3ZaGdjdkdke3ZbGdldmdme3ZcGdndodoe3ZdGdpdqdqe3ZeGdrdsdse3ZfdS)tN)utils)asn1)x509) constant_time serialization)EllipticCurvePublicKey) RSAPublicKey)#CERTIFICATE_ISSUER_PUBLIC_KEY_TYPESCERTIFICATE_PUBLIC_KEY_TYPES)SignedCertificateTimestamp) DNSName DirectoryName GeneralName IPAddress OtherName RFC822Name RegisteredIDUniformResourceIdentifier_IPADDRESS_TYPES)NameRelativeDistinguishedName)CRLEntryExtensionOID ExtensionOIDOCSPExtensionOIDObjectIdentifierExtensionTypeVar ExtensionTypeT)ZboundZ covariant public_keyreturncCslt|tr |tjjtjj}n>t|tr@|tjj tjj }n|tjjtjj }t |}t|SN) isinstancer public_bytesrZEncodingZDERZ PublicFormatZPKCS1rZX962ZUncompressedPointZSubjectPublicKeyInforZparse_spki_for_datahashlibZsha1digest)rdataZ serializedr&;lib/python3.8/site-packages/cryptography/x509/extensions.py_key_identifier_from_public_key1s    r( field_namecs4tdfdd }fdd}fdd}|||fS)Nrcstt|Sr )lengetattrselfr)r&r' len_methodJsz*_make_sequence_methods..len_methodcstt|Sr )iterr-r.r)r&r' iter_methodMsz+_make_sequence_methods..iter_methodcst||Sr )r-)r/idxr)r&r'getitem_methodPsz._make_sequence_methods..getitem_method)int)r*r0r2r4r&r)r'_make_sequence_methodsIs  r6cs&eZdZeeddfdd ZZS)DuplicateExtensionNmsgoidrcstt||||_dSr )superr7__init__r:r/r9r: __class__r&r'r<WszDuplicateExtension.__init____name__ __module__ __qualname__strrr< __classcell__r&r&r>r'r7Vsr7cs&eZdZeeddfdd ZZS)ExtensionNotFoundNr8cstt||||_dSr )r;rFr<r:r=r>r&r'r<]szExtensionNotFound.__init__r@r&r&r>r'rF\srFc@s*eZdZUejeed<edddZdS)rr:r+cCstd|dS)z7 Serializes the extension type to DER. z8public_bytes is not implemented for extension type {0!r}N)NotImplementedErrorformatr.r&r&r'r"es zExtensionType.public_bytesN) rArBrCtypingZClassVarr__annotations__bytesr"r&r&r&r'rbs ) metaclassc@sdeZdZejdddddZeddddZeje d d d d Z e d \Z Z ZedddZdS) ExtensionszExtension[ExtensionType]N) extensionsrcCst||_dSr )list _extensions)r/rNr&r&r'r<qszExtensions.__init__)r:rcCs0|D]}|j|kr|Sqtd||dS)NNo {} extension was found)r:rFrH)r/r:extr&r&r'get_extension_for_oidvs  z Extensions.get_extension_for_oidzExtension[ExtensionTypeVar])extclassrcCsD|tkrtd|D]}t|j|r|Sqtd||jdS)Nz|UnrecognizedExtension can't be used with get_extension_for_class because more than one instance of the class may be present.rQ)UnrecognizedExtension TypeErrorr!valuerFrHr:)r/rTrRr&r&r'get_extension_for_classs  z"Extensions.get_extension_for_classrPr+cCs d|jS)Nz)rHrPr.r&r&r'__repr__szExtensions.__repr__)rArBrCrIIterabler<rrSTyperrXr6__len____iter__ __getitem__rDrYr&r&r&r'rMps   rMc@sneZdZejZeddddZee dddZ edd d Z e dd d Z eedd dZedddZdS) CRLNumberN crl_numberrcCst|tstd||_dSNzcrl_number must be an integerr!r5rV _crl_numberr/rar&r&r'r<s zCRLNumber.__init__otherrcCst|tstS|j|jkSr )r!r_NotImplementedrar/rgr&r&r'__eq__s zCRLNumber.__eq__r+cCs t|jSr hashrar.r&r&r'__hash__szCRLNumber.__hash__cCs d|jS)Nz)rHrar.r&r&r'rYszCRLNumber.__repr__cCs|jSr rdr.r&r&r'raszCRLNumber.crl_numbercCs t|Sr  rust_x509Zencode_extension_valuer.r&r&r'r"szCRLNumber.public_bytes)rArBrCrZ CRL_NUMBERr:r5r<objectboolrjrmrDrYpropertyrarKr"r&r&r&r'r_sr_c@seZdZejZejeejej e eje ddddZ e eddddZe ddd d d Zed d dZeedddZe d ddZeejed ddZeejeje d ddZeeje d ddZed ddZdS)AuthorityKeyIdentifierN)key_identifierauthority_cert_issuerauthority_cert_serial_numberrcCsr|dk|dkkrtd|dk rBt|}tdd|DsBtd|dk r\t|ts\td||_||_||_dS)NzXauthority_cert_issuer and authority_cert_serial_number must both be present or both Nonecss|]}t|tVqdSr r!r.0xr&r&r' sz2AuthorityKeyIdentifier.__init__..z;authority_cert_issuer must be a list of GeneralName objectsz/authority_cert_serial_number must be an integer) ValueErrorrOallrVr!r5_key_identifier_authority_cert_issuer_authority_cert_serial_number)r/rurvrwr&r&r'r<s, zAuthorityKeyIdentifier.__init__rcCst|}||dddSN)rurvrwr()clsrr$r&r&r'from_issuer_public_keys z-AuthorityKeyIdentifier.from_issuer_public_keySubjectKeyIdentifier)skircCs||jdddSr)r$)rrr&r&r'"from_issuer_subject_key_identifiers z9AuthorityKeyIdentifier.from_issuer_subject_key_identifierr+cCs d|S)NzrHr.r&r&r'rYszAuthorityKeyIdentifier.__repr__rfcCs2t|tstS|j|jko0|j|jko0|j|jkSr )r!rtrhrurvrwrir&r&r'rjs   zAuthorityKeyIdentifier.__eq__cCs,|jdkrd}n t|j}t|j||jfSr )rvtuplerlrurw)r/Zacir&r&r'rms    zAuthorityKeyIdentifier.__hash__cCs|jSr )rr.r&r&r'rusz%AuthorityKeyIdentifier.key_identifiercCs|jSr )rr.r&r&r'rvsz,AuthorityKeyIdentifier.authority_cert_issuercCs|jSr )rr.r&r&r'rwsz3AuthorityKeyIdentifier.authority_cert_serial_numbercCs t|Sr ror.r&r&r'r"sz#AuthorityKeyIdentifier.public_bytes)rArBrCrZAUTHORITY_KEY_IDENTIFIERr:rIOptionalrKrZrr5r< classmethodr rrrDrYrqrrrjrmrsruListrvrwr"r&r&r&r'rts2 &    rtc@seZdZejZeddddZee ddddZ e edd d Z e edd d Z edd dZeedddZedddZedddZdS)rN)r$rcCs ||_dSr Z_digest)r/r$r&r&r'r<#szSubjectKeyIdentifier.__init__rcCs |t|Sr r)rrr&r&r'from_public_key&sz$SubjectKeyIdentifier.from_public_keyr+cCs|jSr rr.r&r&r'r$,szSubjectKeyIdentifier.digestcCs|jSr rr.r&r&r'ru0sz#SubjectKeyIdentifier.key_identifiercCs d|jS)Nz$)rHr$r.r&r&r'rY4szSubjectKeyIdentifier.__repr__rfcCst|tstSt|j|jSr )r!rrhrZbytes_eqr$rir&r&r'rj7s zSubjectKeyIdentifier.__eq__cCs t|jSr )rlr$r.r&r&r'rm=szSubjectKeyIdentifier.__hash__cCs t|Sr ror.r&r&r'r"@sz!SubjectKeyIdentifier.public_bytes)rArBrCrZSUBJECT_KEY_IDENTIFIERr:rKr<rr rrsr$rurDrYrqrrrjr5rmr"r&r&r&r'r src@speZdZejZejdddddZe d\Z Z Z e ddd Zeed d d Zedd dZedddZdS)AuthorityInformationAccessAccessDescriptionN descriptionsrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr r!rryr&r&r'r|Ksz6AuthorityInformationAccess.__init__..@Every item in the descriptions list must be an AccessDescriptionrOr~rV _descriptionsr/rr&r&r'r<Gs z#AuthorityInformationAccess.__init__rr+cCs d|jS)Nz rHrr.r&r&r'rYUsz#AuthorityInformationAccess.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rjXs z!AuthorityInformationAccess.__eq__cCstt|jSr rlrrr.r&r&r'rm^sz#AuthorityInformationAccess.__hash__cCs t|Sr ror.r&r&r'r"asz'AuthorityInformationAccess.public_bytes)rArBrCrZAUTHORITY_INFORMATION_ACCESSr:rIrZr<r6r\r]r^rDrYrqrrrjr5rmrKr"r&r&r&r'rDs rc@speZdZejZejdddddZe d\Z Z Z e ddd Zeed d d Zedd dZedddZdS)SubjectInformationAccessrNrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr rryr&r&r'r|lsz4SubjectInformationAccess.__init__..rrrr&r&r'r<hs z!SubjectInformationAccess.__init__rr+cCs d|jS)Nzrr.r&r&r'rYvsz!SubjectInformationAccess.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rjys zSubjectInformationAccess.__eq__cCstt|jSr rr.r&r&r'rmsz!SubjectInformationAccess.__hash__cCs t|Sr ror.r&r&r'r"sz%SubjectInformationAccess.public_bytes)rArBrCrZSUBJECT_INFORMATION_ACCESSr:rIrZr<r6r\r]r^rDrYrqrrrjr5rmrKr"r&r&r&r'res rc@sneZdZeeddddZedddZee dd d Z e dd d Z e edd dZe edddZdS)rN) access_methodaccess_locationrcCs4t|tstdt|ts$td||_||_dS)Nz)access_method must be an ObjectIdentifierz%access_location must be a GeneralName)r!rrVr_access_method_access_location)r/rrr&r&r'r<s   zAccessDescription.__init__r+cCs d|S)NzYrr.r&r&r'rYszAccessDescription.__repr__rfcCs&t|tstS|j|jko$|j|jkSr )r!rrhrrrir&r&r'rjs    zAccessDescription.__eq__cCst|j|jfSr )rlrrr.r&r&r'rmszAccessDescription.__hash__cCs|jSr )rr.r&r&r'rszAccessDescription.access_methodcCs|jSr )rr.r&r&r'rsz!AccessDescription.access_location)rArBrCrrr<rDrYrqrrrjr5rmrsrrr&r&r&r'rs  rc@seZdZejZeeje ddddZ e edddZ e eje ddd Z edd d Zeed d dZe dddZedddZdS)BasicConstraintsN)ca path_lengthrcCsXt|tstd|dk r&|s&td|dk rHt|tr@|dkrHtd||_||_dS)Nzca must be a boolean valuez)path_length must be None when ca is Falserz2path_length must be a non-negative integer or None)r!rrrVr}r5_ca _path_length)r/rrr&r&r'r<s  zBasicConstraints.__init__r+cCs|jSr )rr.r&r&r'rszBasicConstraints.cacCs|jSr )rr.r&r&r'rszBasicConstraints.path_lengthcCs d|S)Nz:rr.r&r&r'rYszBasicConstraints.__repr__rfcCs&t|tstS|j|jko$|j|jkSr )r!rrhrrrir&r&r'rjs zBasicConstraints.__eq__cCst|j|jfSr )rlrrr.r&r&r'rmszBasicConstraints.__hash__cCs t|Sr ror.r&r&r'r"szBasicConstraints.public_bytes)rArBrCrZBASIC_CONSTRAINTSr:rrrIrr5r<rsrrrDrYrqrjrmrKr"r&r&r&r'rsrc@sneZdZejZeddddZeedddZ e e dd d Z edd d Z edd dZedddZdS)DeltaCRLIndicatorNr`cCst|tstd||_dSrbrcrer&r&r'r<s zDeltaCRLIndicator.__init__r+cCs|jSr rnr.r&r&r'raszDeltaCRLIndicator.crl_numberrfcCst|tstS|j|jkSr )r!rrhrarir&r&r'rjs zDeltaCRLIndicator.__eq__cCs t|jSr rkr.r&r&r'rmszDeltaCRLIndicator.__hash__cCs d|S)Nz.rr.r&r&r'rYszDeltaCRLIndicator.__repr__cCs t|Sr ror.r&r&r'r"szDeltaCRLIndicator.public_bytes)rArBrCrZDELTA_CRL_INDICATORr:r5r<rsrarqrrrjrmrDrYrKr"r&r&r&r'rsrc@speZdZejZejdddddZe d\Z Z Z e ddd Zeed d d Zedd dZedddZdS)CRLDistributionPointsDistributionPointNdistribution_pointsrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr r!rryr&r&r'r|sz1CRLDistributionPoints.__init__..?distribution_points must be a list of DistributionPoint objectsrOr~rV_distribution_pointsr/rr&r&r'r<szCRLDistributionPoints.__init__rr+cCs d|jS)NzrHrr.r&r&r'rYszCRLDistributionPoints.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rjs zCRLDistributionPoints.__eq__cCstt|jSr rlrrr.r&r&r'rmszCRLDistributionPoints.__hash__cCs t|Sr ror.r&r&r'r"sz"CRLDistributionPoints.public_bytes)rArBrCrZCRL_DISTRIBUTION_POINTSr:rIrZr<r6r\r]r^rDrYrqrrrjr5rmrKr"r&r&r&r'rs  rc@speZdZejZejdddddZe d\Z Z Z e ddd Zeed d d Zedd dZedddZdS) FreshestCRLrNrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr rryr&r&r'r|%sz'FreshestCRL.__init__..rrrr&r&r'r<!szFreshestCRL.__init__rr+cCs d|jS)Nzrr.r&r&r'rY3szFreshestCRL.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rj6s zFreshestCRL.__eq__cCstt|jSr rr.r&r&r'rm<szFreshestCRL.__hash__cCs t|Sr ror.r&r&r'r"?szFreshestCRL.public_bytes)rArBrCrZ FRESHEST_CRLr:rIrZr<r6r\r]r^rDrYrqrrrjr5rmrKr"r&r&r&r'rs  rc@seZdZejejeejeejejdejejeddddZ e dddZ e e d d d Zedd d ZeejejedddZeejedddZeejejddddZeejejedddZdS)r ReasonFlagsN) full_name relative_namereasons crl_issuerrcCs|r|rtd|dk r:t|}tdd|Ds:td|rPt|tsPtd|dk rzt|}tdd|Dsztd|rt|trtdd|Dstd |rtj|kstj |krtd |r|s|s|std ||_ ||_ ||_ ||_ dS) NzOYou cannot provide both full_name and relative_name, at least one must be None.css|]}t|tVqdSr rxryr&r&r'r|Ssz-DistributionPoint.__init__..z/full_name must be a list of GeneralName objectsz1relative_name must be a RelativeDistinguishedNamecss|]}t|tVqdSr rxryr&r&r'r|`sz2crl_issuer must be None or a list of general namescss|]}t|tVqdSr r!rryr&r&r'r|gsz0reasons must be None or frozenset of ReasonFlagszLunspecified and remove_from_crl are not valid reasons in a DistributionPointzPYou must supply crl_issuer, full_name, or relative_name when reasons is not None)r}rOr~rVr!r frozensetr unspecifiedremove_from_crl _full_name_relative_name_reasons _crl_issuer)r/rrrrr&r&r'r<DsV zDistributionPoint.__init__r+cCs d|S)Nz}rr.r&r&r'rYszDistributionPoint.__repr__rfcCs>t|tstS|j|jko<|j|jko<|j|jko<|j|jkSr )r!rrhrrrrrir&r&r'rjs     zDistributionPoint.__eq__cCsH|jdk rt|j}nd}|jdk r0t|j}nd}t||j|j|fSr )rrrrlrr)r/fnrr&r&r'rms  zDistributionPoint.__hash__cCs|jSr rr.r&r&r'rszDistributionPoint.full_namecCs|jSr rr.r&r&r'rszDistributionPoint.relative_namecCs|jSr )rr.r&r&r'rszDistributionPoint.reasonscCs|jSr )rr.r&r&r'rszDistributionPoint.crl_issuer)rArBrCrIrrZrr FrozenSetr<rDrYrqrrrjr5rmrsrrrrrr&r&r&r'rCs" ; rc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) rrZ keyCompromiseZ cACompromiseZaffiliationChanged supersededZcessationOfOperationZcertificateHoldZprivilegeWithdrawnZ aACompromiseZ removeFromCRLN) rArBrCrkey_compromise ca_compromiseaffiliation_changedrcessation_of_operationcertificate_holdprivilege_withdrawn aa_compromiserr&r&r&r'rsr)rrrrrrrrc@seZdZejZejeejeddddZ e dddZ e e dd d Zedd d Zeejedd dZeejedddZedddZdS)PolicyConstraintsN)require_explicit_policyinhibit_policy_mappingrcCs\|dk rt|tstd|dk r4t|ts4td|dkrL|dkrLtd||_||_dS)Nz>require_explicit_policy must be a non-negative integer or Nonez=inhibit_policy_mapping must be a non-negative integer or NonezSAt least one of require_explicit_policy and inhibit_policy_mapping must not be None)r!r5rVr}_require_explicit_policy_inhibit_policy_mapping)r/rrr&r&r'r<s(  zPolicyConstraints.__init__r+cCs d|S)Nz{rr.r&r&r'rYszPolicyConstraints.__repr__rfcCs&t|tstS|j|jko$|j|jkSr )r!rrhrrrir&r&r'rj s    zPolicyConstraints.__eq__cCst|j|jfSr )rlrrr.r&r&r'rms zPolicyConstraints.__hash__cCs|jSr )rr.r&r&r'rsz)PolicyConstraints.require_explicit_policycCs|jSr )rr.r&r&r'rsz(PolicyConstraints.inhibit_policy_mappingcCs t|Sr ror.r&r&r'r" szPolicyConstraints.public_bytes)rArBrCrZPOLICY_CONSTRAINTSr:rIrr5r<rDrYrqrrrjrmrsrrrKr"r&r&r&r'rs  rc@speZdZejZejdddddZe d\Z Z Z e ddd Zeed d d Zedd dZedddZdS)CertificatePoliciesPolicyInformationN)policiesrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr )r!rryr&r&r'r|)sz/CertificatePolicies.__init__..z;Every item in the policies list must be a PolicyInformation)rOr~rV _policies)r/rr&r&r'r<'s zCertificatePolicies.__init__rr+cCs d|jS)Nz)rHrr.r&r&r'rY3szCertificatePolicies.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rj6s zCertificatePolicies.__eq__cCstt|jSr )rlrrr.r&r&r'rm<szCertificatePolicies.__hash__cCs t|Sr ror.r&r&r'r"?sz CertificatePolicies.public_bytes)rArBrCrZCERTIFICATE_POLICIESr:rIrZr<r6r\r]r^rDrYrqrrrjr5rmrKr"r&r&r&r'r$s rc@seZdZeejejejedfddddZ edddZ e e d d d Z edd d ZeedddZeejejejedfdddZdS)r UserNoticeN)policy_identifierpolicy_qualifiersrcCsLt|tstd||_|dk rBt|}tdd|DsBtd||_dS)Nz-policy_identifier must be an ObjectIdentifiercss|]}t|ttfVqdSr )r!rDrryr&r&r'r|Rsz-PolicyInformation.__init__..zMpolicy_qualifiers must be a list of strings and/or UserNotice objects or None)r!rrV_policy_identifierrOr~_policy_qualifiers)r/rrr&r&r'r<Ds zPolicyInformation.__init__r+cCs d|S)Nzerr.r&r&r'rY\szPolicyInformation.__repr__rfcCs&t|tstS|j|jko$|j|jkSr )r!rrhrrrir&r&r'rjbs    zPolicyInformation.__eq__cCs(|jdk rt|j}nd}t|j|fSr )rrrlr)r/Zpqr&r&r'rmks  zPolicyInformation.__hash__cCs|jSr )rr.r&r&r'rusz#PolicyInformation.policy_identifiercCs|jSr )rr.r&r&r'rysz#PolicyInformation.policy_qualifiers)rArBrCrrIrrZUnionrDr<rYrqrrrjr5rmrsrrrr&r&r&r'rCs   rc@seZdZejdejeddddZedddZee d d d Z e dd d Z e ejddddZe ejedddZdS)rNoticeReferenceN)notice_reference explicit_textrcCs&|rt|tstd||_||_dS)Nz2notice_reference must be None or a NoticeReference)r!rrV_notice_reference_explicit_text)r/rrr&r&r'r<szUserNotice.__init__r+cCs d|S)NzVrr.r&r&r'rYszUserNotice.__repr__rfcCs&t|tstS|j|jko$|j|jkSr )r!rrhrrrir&r&r'rjs    zUserNotice.__eq__cCst|j|jfSr )rlrrr.r&r&r'rmszUserNotice.__hash__cCs|jSr )rr.r&r&r'rszUserNotice.notice_referencecCs|jSr )rr.r&r&r'rszUserNotice.explicit_text)rArBrCrIrrDr<rYrqrrrjr5rmrsrrr&r&r&r'rs  rc@seZdZejeejeddddZedddZ e e dd d Z edd d Z eejedd dZeejedddZdS)rN) organizationnotice_numbersrcCs2||_t|}tdd|Ds(td||_dS)Ncss|]}t|tVqdSr )r!r5ryr&r&r'r|sz+NoticeReference.__init__..z)notice_numbers must be a list of integers) _organizationrOr~rV_notice_numbers)r/rrr&r&r'r<s zNoticeReference.__init__r+cCs d|S)NzUrr.r&r&r'rYszNoticeReference.__repr__rfcCs&t|tstS|j|jko$|j|jkSr )r!rrhrrrir&r&r'rjs    zNoticeReference.__eq__cCst|jt|jfSr )rlrrrr.r&r&r'rmszNoticeReference.__hash__cCs|jSr )rr.r&r&r'rszNoticeReference.organizationcCs|jSr )rr.r&r&r'rszNoticeReference.notice_numbers)rArBrCrIrrDrZr5r<rYrqrrrjrmrsrrrr&r&r&r'rs  rc@speZdZejZejeddddZ e d\Z Z Z edddZeed d d Zedd d ZedddZdS)ExtendedKeyUsageN)usagesrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr )r!rryr&r&r'r|sz,ExtendedKeyUsage.__init__..z9Every item in the usages list must be an ObjectIdentifier)rOr~rV_usages)r/rr&r&r'r<s zExtendedKeyUsage.__init__rr+cCs d|jS)Nz)rHrr.r&r&r'rYszExtendedKeyUsage.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rjs zExtendedKeyUsage.__eq__cCstt|jSr )rlrrr.r&r&r'rmszExtendedKeyUsage.__hash__cCs t|Sr ror.r&r&r'r"szExtendedKeyUsage.public_bytes)rArBrCrZEXTENDED_KEY_USAGEr:rIrZrr<r6r\r]r^rDrYrqrrrjr5rmrKr"r&r&r&r'rs rc@sLeZdZejZeedddZe dddZ e dddZ e dd d Zd S) OCSPNoCheckrfcCst|tstSdSNT)r!rrhrir&r&r'rjs zOCSPNoCheck.__eq__r+cCsttSr )rlrr.r&r&r'rmszOCSPNoCheck.__hash__cCsdS)Nzr&r.r&r&r'rYszOCSPNoCheck.__repr__cCs t|Sr ror.r&r&r'r"szOCSPNoCheck.public_bytesN)rArBrCrZ OCSP_NO_CHECKr:rqrrrjr5rmrDrYrKr"r&r&r&r'rs rc@sLeZdZejZeedddZe dddZ e dddZ e dd d Zd S) PrecertPoisonrfcCst|tstSdSr)r!rrhrir&r&r'rjs zPrecertPoison.__eq__r+cCsttSr )rlrr.r&r&r'rm szPrecertPoison.__hash__cCsdS)Nzr&r.r&r&r'rYszPrecertPoison.__repr__cCs t|Sr ror.r&r&r'r"szPrecertPoison.public_bytesN)rArBrCrZPRECERT_POISONr:rqrrrjr5rmrDrYrKr"r&r&r&r'rs rc@speZdZejZejdddddZe d\Z Z Z e ddd Zeed d d Zedd dZedddZdS) TLSFeatureTLSFeatureTypeN)featuresrcCs8t|}tdd|Dr&t|dkr.td||_dS)Ncss|]}t|tVqdSr )r!rryr&r&r'r|sz&TLSFeature.__init__..rz@features must be a list of elements from the TLSFeatureType enum)rOr~r,rV _features)r/rr&r&r'r<s zTLSFeature.__init__rr+cCs d|S)Nz$rr.r&r&r'rY)szTLSFeature.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rj,s zTLSFeature.__eq__cCstt|jSr )rlrrr.r&r&r'rm2szTLSFeature.__hash__cCs t|Sr ror.r&r&r'r"5szTLSFeature.public_bytes)rArBrCrZ TLS_FEATUREr:rIrZr<r6r\r]r^rDrYrqrrrjr5rmrKr"r&r&r&r'rs rc@seZdZdZdZdS)rrN)rArBrCZstatus_requestZstatus_request_v2r&r&r&r'r9srcCsi|] }|j|qSr&rWryr&r&r' Dsrc@sneZdZejZeddddZedddZ e e dd d Z edd d Z eedd dZedddZdS)InhibitAnyPolicyN) skip_certsrcCs,t|tstd|dkr"td||_dS)Nzskip_certs must be an integerrz)skip_certs must be a non-negative integer)r!r5rVr} _skip_certs)r/rr&r&r'r<Js  zInhibitAnyPolicy.__init__r+cCs d|S)Nz-rr.r&r&r'rYSszInhibitAnyPolicy.__repr__rfcCst|tstS|j|jkSr )r!rrhrrir&r&r'rjVs zInhibitAnyPolicy.__eq__cCs t|jSr )rlrr.r&r&r'rm\szInhibitAnyPolicy.__hash__cCs|jSr )rr.r&r&r'r_szInhibitAnyPolicy.skip_certscCs t|Sr ror.r&r&r'r"cszInhibitAnyPolicy.public_bytes)rArBrCrZINHIBIT_ANY_POLICYr:r5r<rDrYrqrrrjrmrsrrKr"r&r&r&r'rGs rc @seZdZejZeeeeeeeeedd ddZeedddZ eeddd Z eedd d Z eedd d Z eedddZ eedddZeedddZeedddZeedddZedddZeedddZedddZeddd ZdS)!KeyUsageN) digital_signaturecontent_commitmentkey_enciphermentdata_encipherment key_agreement key_cert_signcrl_sign encipher_only decipher_onlyrc CsN|s|s | rtd||_||_||_||_||_||_||_||_| |_ dS)NzKencipher_only and decipher_only can only be true when key_agreement is true) r}_digital_signature_content_commitment_key_encipherment_data_encipherment_key_agreement_key_cert_sign _crl_sign_encipher_only_decipher_only) r/rrrrrrrrrr&r&r'r<js zKeyUsage.__init__r+cCs|jSr )rr.r&r&r'rszKeyUsage.digital_signaturecCs|jSr )rr.r&r&r'rszKeyUsage.content_commitmentcCs|jSr )rr.r&r&r'rszKeyUsage.key_enciphermentcCs|jSr )rr.r&r&r'rszKeyUsage.data_enciphermentcCs|jSr )r r.r&r&r'rszKeyUsage.key_agreementcCs|jSr )r r.r&r&r'rszKeyUsage.key_cert_signcCs|jSr )r r.r&r&r'rszKeyUsage.crl_signcCs|jstdn|jSdS)Nz7encipher_only is undefined unless key_agreement is true)rr}r r.r&r&r'rs zKeyUsage.encipher_onlycCs|jstdn|jSdS)Nz7decipher_only is undefined unless key_agreement is true)rr}r r.r&r&r'rs zKeyUsage.decipher_onlycCs<z|j}|j}Wntk r,d}d}YnXd|||S)NFa-)rrr}rH)r/rrr&r&r'rYs  zKeyUsage.__repr__rfcCszt|tstS|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j|jkox|j |j kox|j |j kox|j |j kSr ) r!rrhrrrrrrrr r rir&r&r'rjs&          zKeyUsage.__eq__c Cs,t|j|j|j|j|j|j|j|j|j f Sr ) rlrrrrrrrr r r.r&r&r'rmszKeyUsage.__hash__cCs t|Sr ror.r&r&r'r"szKeyUsage.public_bytes)rArBrCrZ KEY_USAGEr:rrr<rsrrrrrrrrrrDrYrqrjr5rmrKr"r&r&r&r'rgsD rc@seZdZejZejeje ejeje ddddZ e e dddZ eje ddd d Zed d d Zed ddZeejeje d ddZeejeje d ddZed ddZdS)NameConstraintsN)permitted_subtreesexcluded_subtreesrcCs|dk r@t|}|stdtdd|Ds6td|||dk rt|}|s\tdtdd|Dsvtd|||dkr|dkrtd||_||_dS) Nz3permitted_subtrees must be a non-empty list or Nonecss|]}t|tVqdSr rxryr&r&r'r|sz+NameConstraints.__init__..z@permitted_subtrees must be a list of GeneralName objects or Nonez2excluded_subtrees must be a non-empty list or Nonecss|]}t|tVqdSr rxryr&r&r'r|sz?excluded_subtrees must be a list of GeneralName objects or NonezIAt least one of permitted_subtrees and excluded_subtrees must not be None)rOr}r~rV_validate_ip_name_permitted_subtrees_excluded_subtrees)r/rrr&r&r'r<s8  zNameConstraints.__init__rfcCs&t|tstS|j|jko$|j|jkSr )r!rrhrrrir&r&r'rjs    zNameConstraints.__eq__)treercCstdd|DrtddS)Ncss.|]&}t|to$t|jtjtjf VqdSr )r!rrW ipaddressZ IPv4NetworkZ IPv6Network)rznamer&r&r'r|#s   z4NameConstraints._validate_ip_name..zGIPAddress name constraints must be an IPv4Network or IPv6Network object)anyrV)r/rr&r&r'r"s z!NameConstraints._validate_ip_namer+cCs d|S)Nzerr.r&r&r'rY/szNameConstraints.__repr__cCs@|jdk rt|j}nd}|jdk r0t|j}nd}t||fSr )rrrrl)r/ZpsZesr&r&r'rm5s  zNameConstraints.__hash__cCs|jSr )rr.r&r&r'rFsz"NameConstraints.permitted_subtreescCs|jSr )rr.r&r&r'rLsz!NameConstraints.excluded_subtreescCs t|Sr ror.r&r&r'r"RszNameConstraints.public_bytes)rArBrCrZNAME_CONSTRAINTSr:rIrrZrr<rqrrrjrrDrYr5rmrsrrrrKr"r&r&r&r'rs  *  rc@seZdZeeeddddZeedddZeeddd Z eedd d Z e dd d Z e edddZedddZdS) ExtensionN)r:criticalrWrcCs:t|tstdt|ts$td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z critical must be a boolean value)r!rrVrr_oid _critical_value)r/r:rrWr&r&r'r<Ws  zExtension.__init__r+cCs|jSr rr.r&r&r'r:fsz Extension.oidcCs|jSr )rr.r&r&r'rjszExtension.criticalcCs|jSr rr.r&r&r'rWnszExtension.valuecCs d|S)Nz@rr.r&r&r'rYrszExtension.__repr__rfcCs2t|tstS|j|jko0|j|jko0|j|jkSr )r!rrhr:rrWrir&r&r'rjxs    zExtension.__eq__cCst|j|j|jfSr )rlr:rrWr.r&r&r'rmszExtension.__hash__)rArBrCrrrrr<rsr:rrWrDrYrqrjr5rmr&r&r&r'rVs  rc @seZdZejeddddZed\ZZ Z ej ej ej eej eej efejedddZej ej eejedd dZej ej eejedd dZej ej eejedd dZej ej eejedd dZej ej eej eej eej eej eej eej efej ejeejeejeejeejefdd dZedddZeedddZedddZ dS) GeneralNamesN general_namesrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr rxryr&r&r'r|sz(GeneralNames.__init__..z^Every item in the general_names list must be an object conforming to the GeneralName interface)rOr~rV_general_namesr/r!r&r&r'r<s zGeneralNames.__init__r"typercCsdSr r&r/r%r&r&r'get_values_for_types z GeneralNames.get_values_for_typecCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scs0fdd|D}tkr(dd|DSt|S)Nc3s|]}t|r|VqdSr )r!rzir%r&r'r|s z3GeneralNames.get_values_for_type..cSsg|] }|jqSr&rr(r&r&r' sz4GeneralNames.get_values_for_type..)rrO)r/r%Zobjsr&r*r'r'sr+cCs d|jS)NzrHr"r.r&r&r'rYszGeneralNames.__repr__rfcCst|tstS|j|jkSr )r!rrhr"rir&r&r'rjs zGeneralNames.__eq__cCstt|jSr )rlrr"r.r&r&r'rmszGeneralNames.__hash__)!rArBrCrIrZrr<r6r\r]r^overloadrr[r rrrrDr'r rrrrrrrYrqrrrjr5rmr&r&r&r'rsb    rc @seZdZejZejeddddZ e d\Z Z Z ejejejeejeejefejedddZejejeejedd dZejejeejedd dZejejeejedd dZejejeejedd dZejejeejeejeejeejeejeejefejejeejeejeejeejefdd dZedddZee dddZ!e"dddZ#e$dddZ%dS)SubjectAlternativeNameNr cCst||_dSr rr"r#r&r&r'r<szSubjectAlternativeName.__init__r"r$cCsdSr r&r&r&r&r'r's z*SubjectAlternativeName.get_values_for_typecCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCs |j|Sr r"r'r&r&r&r'r' sr+cCs d|jS)Nzr,r.r&r&r'rY szSubjectAlternativeName.__repr__rfcCst|tstS|j|jkSr )r!r.rhr"rir&r&r'rj#s zSubjectAlternativeName.__eq__cCs t|jSr rlr"r.r&r&r'rm)szSubjectAlternativeName.__hash__cCs t|Sr ror.r&r&r'r",sz#SubjectAlternativeName.public_bytes)&rArBrCrZSUBJECT_ALTERNATIVE_NAMEr:rIrZrr<r6r\r]r^r-rr[r rrrrDr'r rrrrrrrYrqrrrjr5rmrKr"r&r&r&r'r.sf   r.c @seZdZejZejeddddZ e d\Z Z Z ejejejeejeejefejedddZejejeejedd dZejejeejedd dZejejeejedd dZejejeejedd dZejejeejeejeejeejeejeejefejejeejeejeejeejefdd dZedddZee dddZ!e"dddZ#e$dddZ%dS)IssuerAlternativeNameNr cCst||_dSr r/r#r&r&r'r<3szIssuerAlternativeName.__init__r"r$cCsdSr r&r&r&r&r'r'8s z)IssuerAlternativeName.get_values_for_typecCsdSr r&r&r&r&r'r'CscCsdSr r&r&r&r&r'r'JscCsdSr r&r&r&r&r'r'QscCsdSr r&r&r&r&r'r'WscCs |j|Sr r0r&r&r&r'r']sr+cCs d|jS)Nzr,r.r&r&r'rYqszIssuerAlternativeName.__repr__rfcCst|tstS|j|jkSr )r!r2rhr"rir&r&r'rjts zIssuerAlternativeName.__eq__cCs t|jSr r1r.r&r&r'rmzszIssuerAlternativeName.__hash__cCs t|Sr ror.r&r&r'r"}sz"IssuerAlternativeName.public_bytes)&rArBrCrZISSUER_ALTERNATIVE_NAMEr:rIrZrr<r6r\r]r^r-rr[r rrrrDr'r rrrrrrrYrqrrrjr5rmrKr"r&r&r&r'r20sf   r2c @seZdZejZejeddddZ e d\Z Z Z ejejejeejeejefejedddZejejeejedd dZejejeejedd dZejejeejedd dZejejeejedd dZejejeejeejeejeejeejeejefejejeejeejeejeejefdd dZedddZee dddZ!e"dddZ#e$dddZ%dS)CertificateIssuerNr cCst||_dSr r/r#r&r&r'r<szCertificateIssuer.__init__r"r$cCsdSr r&r&r&r&r'r's z%CertificateIssuer.get_values_for_typecCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCsdSr r&r&r&r&r'r'scCs |j|Sr r0r&r&r&r'r'sr+cCs d|jS)Nzr,r.r&r&r'rYszCertificateIssuer.__repr__rfcCst|tstS|j|jkSr )r!r3rhr"rir&r&r'rjs zCertificateIssuer.__eq__cCs t|jSr r1r.r&r&r'rmszCertificateIssuer.__hash__cCs t|Sr ror.r&r&r'r"szCertificateIssuer.public_bytes)&rArBrCrZCERTIFICATE_ISSUERr:rIrZrr<r6r\r]r^r-rr[r rrrrDr'r rrrrrrrYrqrrrjr5rmrKr"r&r&r&r'r3sf   r3c@sneZdZejZeddddZedddZ e e dd d Z e dd d Zeedd dZedddZdS) CRLReasonN)reasonrcCst|tstd||_dS)Nz*reason must be an element from ReasonFlags)r!rrV_reason)r/r5r&r&r'r<s zCRLReason.__init__r+cCs d|jS)Nz)rHr6r.r&r&r'rYszCRLReason.__repr__rfcCst|tstS|j|jkSr )r!r4rhr5rir&r&r'rjs zCRLReason.__eq__cCs t|jSr )rlr5r.r&r&r'rmszCRLReason.__hash__cCs|jSr )r6r.r&r&r'r5szCRLReason.reasoncCs t|Sr ror.r&r&r'r"szCRLReason.public_bytes)rArBrCrZ CRL_REASONr:rr<rDrYrqrrrjr5rmrsr5rKr"r&r&r&r'r4sr4c@sreZdZejZejddddZedddZ e e dd d Z e dd d Zeejdd dZedddZdS)InvalidityDateN)invalidity_datercCst|tjstd||_dS)Nz+invalidity_date must be a datetime.datetime)r!datetimerV_invalidity_date)r/r8r&r&r'r<s zInvalidityDate.__init__r+cCs d|jS)Nz$)rHr:r.r&r&r'rYszInvalidityDate.__repr__rfcCst|tstS|j|jkSr )r!r7rhr8rir&r&r'rjs zInvalidityDate.__eq__cCs t|jSr )rlr8r.r&r&r'rmszInvalidityDate.__hash__cCs|jSr )r:r.r&r&r'r8szInvalidityDate.invalidity_datecCs t|Sr ror.r&r&r'r" szInvalidityDate.public_bytes)rArBrCrZINVALIDITY_DATEr:r9r<rDrYrqrrrjr5rmrsr8rKr"r&r&r&r'r7sr7c@speZdZejZejeddddZ e d\Z Z Z edddZedd d Zeed d d ZedddZdS))PrecertificateSignedCertificateTimestampsNsigned_certificate_timestampsrcCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr r!r rzZsctr&r&r'r|szEPrecertificateSignedCertificateTimestamps.__init__..YEvery item in the signed_certificate_timestamps list must be a SignedCertificateTimestamprOr~rV_signed_certificate_timestampsr/r=r&r&r'r<sz2PrecertificateSignedCertificateTimestamps.__init__rBr+cCsdt|S)Nz/rHrOr.r&r&r'rY&sz2PrecertificateSignedCertificateTimestamps.__repr__cCstt|jSr rlrrBr.r&r&r'rm+sz2PrecertificateSignedCertificateTimestamps.__hash__rfcCst|tstS|j|jkSr )r!r;rhrBrir&r&r'rj.s  z0PrecertificateSignedCertificateTimestamps.__eq__cCs t|Sr ror.r&r&r'r"7sz6PrecertificateSignedCertificateTimestamps.public_bytes)rArBrCrZ%PRECERT_SIGNED_CERTIFICATE_TIMESTAMPSr:rIrZr r<r6r\r]r^rDrYr5rmrqrrrjrKr"r&r&r&r'r;s   r;c@speZdZejZejeddddZ e d\Z Z Z edddZedd d Zeed d d ZedddZdS)SignedCertificateTimestampsNr<cCs,t|}tdd|Ds"td||_dS)Ncss|]}t|tVqdSr r>r?r&r&r'r|Esz7SignedCertificateTimestamps.__init__..r@rArCr&r&r'r<>sz$SignedCertificateTimestamps.__init__rBr+cCsdt|S)Nz!rDr.r&r&r'rYSsz$SignedCertificateTimestamps.__repr__cCstt|jSr rEr.r&r&r'rmVsz$SignedCertificateTimestamps.__hash__rfcCst|tstS|j|jkSr )r!rFrhrBrir&r&r'rjYs  z"SignedCertificateTimestamps.__eq__cCs t|Sr ror.r&r&r'r"bsz(SignedCertificateTimestamps.public_bytes)rArBrCrZSIGNED_CERTIFICATE_TIMESTAMPSr:rIrZr r<r6r\r]r^rDrYr5rmrqrrrjrKr"r&r&r&r'rF;s   rFc@sneZdZejZeddddZee dddZ e dd d Z e dd d Zeedd dZedddZdS) OCSPNonceN)noncercCst|tstd||_dS)Nznonce must be bytes)r!rKrV_nonce)r/rHr&r&r'r<is zOCSPNonce.__init__rfcCst|tstS|j|jkSr )r!rGrhrHrir&r&r'rjos zOCSPNonce.__eq__r+cCs t|jSr )rlrHr.r&r&r'rmuszOCSPNonce.__hash__cCs d|S)Nzrr.r&r&r'rYxszOCSPNonce.__repr__cCs|jSr )rIr.r&r&r'rH{szOCSPNonce.noncecCs t|Sr ror.r&r&r'r"szOCSPNonce.public_bytes)rArBrCrZNONCEr:rKr<rqrrrjr5rmrDrYrsrHr"r&r&r&r'rGfsrGc @s"eZdZejZejeje eje e e ejej e e e ddddZedddZee dd d Zedd d Zeejeje dd dZeeje dddZee dddZee dddZeejej e dddZee dddZee dddZedddZdS)IssuingDistributionPointN)rronly_contains_user_certsonly_contains_ca_certsonly_some_reasons indirect_crlonly_contains_attribute_certsrc Cs|dk rt|}|r8t|tr0tdd|Ds8td|rXtj|ksPtj|krXtdt|t rt|t rt|t rt|t std||||g}t dd|Ddkrtd t |||||||gstd ||_ ||_ ||_||_||_||_||_dS) Ncss|]}t|tVqdSr rryr&r&r'r|sz4IssuingDistributionPoint.__init__..z:only_some_reasons must be None or frozenset of ReasonFlagszTunspecified and remove_from_crl are not valid reasons in an IssuingDistributionPointzuonly_contains_user_certs, only_contains_ca_certs, indirect_crl and only_contains_attribute_certs must all be boolean.cSsg|] }|r|qSr&r&ryr&r&r'r+sz5IssuingDistributionPoint.__init__..rzOnly one of the following can be set to True: only_contains_user_certs, only_contains_ca_certs, indirect_crl, only_contains_attribute_certszCannot create empty extension: if only_contains_user_certs, only_contains_ca_certs, indirect_crl, and only_contains_attribute_certs are all False, then either full_name, relative_name, or only_some_reasons must have a value.)rOr!rr~rVrrrr}rrr,r_only_contains_user_certs_only_contains_ca_certs _indirect_crl_only_contains_attribute_certs_only_some_reasonsrr) r/rrrKrLrMrNrOZcrl_constraintsr&r&r'r<st  z!IssuingDistributionPoint.__init__r+cCs d|S)NaGrr.r&r&r'rYsz!IssuingDistributionPoint.__repr__rfcCsbt|tstS|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j|jko`|j |j kSr ) r!rJrhrrrKrLrMrNrOrir&r&r'rjs"       zIssuingDistributionPoint.__eq__cCs$t|j|j|j|j|j|j|jfSr )rlrrrKrLrMrNrOr.r&r&r'rmsz!IssuingDistributionPoint.__hash__cCs|jSr rr.r&r&r'rsz"IssuingDistributionPoint.full_namecCs|jSr rr.r&r&r'rsz&IssuingDistributionPoint.relative_namecCs|jSr )rPr.r&r&r'rK sz1IssuingDistributionPoint.only_contains_user_certscCs|jSr )rQr.r&r&r'rL sz/IssuingDistributionPoint.only_contains_ca_certscCs|jSr )rTr.r&r&r'rMsz*IssuingDistributionPoint.only_some_reasonscCs|jSr )rRr.r&r&r'rNsz%IssuingDistributionPoint.indirect_crlcCs|jSr )rSr.r&r&r'rOsz6IssuingDistributionPoint.only_contains_attribute_certscCs t|Sr ror.r&r&r'r"sz%IssuingDistributionPoint.public_bytes) rArBrCrZISSUING_DISTRIBUTION_POINTr:rIrrZrrrrrrr<rDrYrqrjr5rmrsrrrrKrLrMrNrOrKr"r&r&r&r'rJs: S  rJc@s|eZdZeeddddZeedddZeeddd Ze dd d Z e e d d dZ edddZedddZdS)rUN)r:rWrcCs"t|tstd||_||_dS)Nzoid must be an ObjectIdentifier)r!rrVrr)r/r:rWr&r&r'r<$s zUnrecognizedExtension.__init__r+cCs|jSr rr.r&r&r'r:*szUnrecognizedExtension.oidcCs|jSr rr.r&r&r'rW.szUnrecognizedExtension.valuecCs d|S)Nz7rr.r&r&r'rY2szUnrecognizedExtension.__repr__rfcCs&t|tstS|j|jko$|j|jkSr )r!rUrhr:rWrir&r&r'rj8s zUnrecognizedExtension.__eq__cCst|j|jfSr )rlr:rWr.r&r&r'rm>szUnrecognizedExtension.__hash__cCs|jSr rr.r&r&r'r"Asz"UnrecognizedExtension.public_bytes)rArBrCrrKr<rsr:rWrDrYrqrrrjr5rmr"r&r&r&r'rU#srU)gabcr9r#rrIZ cryptographyrZ"cryptography.hazmat.bindings._rustrrrpZcryptography.hazmat.primitivesrrZ,cryptography.hazmat.primitives.asymmetric.ecrZ-cryptography.hazmat.primitives.asymmetric.rsarZ/cryptography.hazmat.primitives.asymmetric.typesr r Z*cryptography.x509.certificate_transparencyr Zcryptography.x509.general_namer r rrrrrrrZcryptography.x509.namerrZcryptography.x509.oidrrrrZTypeVarrrKr(rDr6 Exceptionr7rFABCMetarrMr_rtrrrrrrrrrEnumrrrrrrrrrZ_REASON_BIT_MAPPINGZ_CRLREASONFLAGSrrrrrrrrrrZ_TLS_FEATURE_TYPE_TO_ENUMrrrZGenericrrr.r2r3r4r7r;rFrGrJrUr&r&r&r's      ,   'l$!!(.%%p  A=+("  j0YQQQ-+!