3Tf:UddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z mZGddejZeDcic]}|j"|c}Ze j&ej(e j*ej(e j,ej(e j.ej(e j0ej2e j4ej2iZded <ej:eefZej:eefZ e jBd e jDd e jFd e jHd e jJde j&de jLde j4de jNdi Z(ded<e(jSDcic]\}}|| c}}Z*ddZ+d dZ,GddZ-GddZ.GddZ/GddZ0ycc}wcc}}w)!) annotationsN)utils)x509)NameOIDObjectIdentifierc<eZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zy ) _ASN1Type N)__name__ __module__ __qualname__ BitString OctetString UTF8String NumericStringPrintableString T61String IA5StringUTCTimeGeneralizedTime VisibleStringUniversalString BMPString8/usr/lib/python3/dist-packages/cryptography/x509/name.pyr r s>IKJMOIIGOMOIr&r z(typing.Dict[ObjectIdentifier, _ASN1Type]_NAMEOID_DEFAULT_TYPECNLSTOOUCSTREETDCUID _OidNameMap_NAMEOID_TO_NAMEc|syt|tr'dtj|j dzS|j dd}|j dd}|j dd }|j d d }|j d d }|j dd}|j dd}|j dd}|ddvrd|z}|ddk(r|dddz}|S)z>Escape special characters in RFC4514 Distinguished Name value.#utf8\z\\"z\"+z\+,z\,;z\;z\>z\00r)r6 r@Nz\ ) isinstancebytesbinasciihexlifydecodereplace)vals r'_escape_dn_valuerI?s #uX%%c*11&999 ++dF #C ++c5 !C ++c5 !C ++c5 !C ++c5 !C ++c5 !C ++c5 !C ++dF #C 1vSj 2w#~#2h Jr&cN|syd}tjj||S)Nr5cn|jd}t|dk(r|Stt|dS)N)grouplenchrint)mrHs r'subz_unescape_dn_value..subds0ggaj s8q=J3sB<  r&)_RFC4514NameParser_PAIR_RErS)rHrSs r'_unescape_dn_valuerV\s(  !  & & * *3 44r&ceZdZ d dd d dZeddZeddZeddZ d ddZdd Z dd Z dd Z y) NameAttributeNT) _validatect|ts td|tjk(r9|t j k7r tdt|ts&tdt|ts td|t jk(s|t jk(rkt|tsJt|jd}|dk7r|dur td|dk7r&tjd j!|d |$t"j%|tj&}t|ts td ||_||_||_y) Nz2oid argument must be an ObjectIdentifier instance.z6oid must be X500_UNIQUE_IDENTIFIER for BitString type.z!value must be bytes for BitStringzvalue argument must be a strr7Tz/Country name must be a 2 character country codezUCountry names should be two characters, but the attribute is {} characters in length.) stacklevelz%_type must be from the _ASN1Type enum)rBr TypeErrorr rrX500_UNIQUE_IDENTIFIERrCstr COUNTRY_NAMEJURISDICTION_COUNTRY_NAMErOencode ValueErrorwarningswarnformatr(getr_oid_value_type)selfoidvaluerjrYc_lens r'__init__zNameAttribute.__init__psJ#/0D  I'' 'g444LeU+ CDDeS) >?? 7'' 'g777eS) )) V,-Ezi4/ E! <)rfrrs r'__repr__zNameAttribute.__repr__s@GGMMr&rq) rlrrmtyping.Union[str, bytes]rjztyping.Optional[_ASN1Type]rYboolreturnNone)rr)rrrr_ryztyping.Optional[_OidNameMap]rr_robjectrrrrQ) rrrropropertyrlrmrvr{rrrr%r&r'rXrXos -1 6  6 6(6* 6  6 6pFFCG=#?= ="C ,Nr&rXc^eZdZd dZ d dZ d d dZddZddZddZddZ dd Z y)RelativeDistinguishedNamect|}|s tdtd|Ds td||_t ||_t|j t|k7r tdy)Nz-a relative distinguished name cannot be emptyc3<K|]}t|tywrqrBrX.0xs r' z5RelativeDistinguishedName.__init__..sDA:a/Dz/attributes must be an iterable of NameAttributez$duplicate attributes are not allowed)listrcallr] _attributes frozenset_attribute_setrOrk attributess r'roz"RelativeDistinguishedName.__init__st*% LM MDDDMN N&' 3 t"" #s: 6CD D 7r&cL|Dcgc]}|j|k(s|c}Scc}wrqrlrkrlis r'get_attributes_for_oidz0RelativeDistinguishedName.get_attributes_for_oid" 0a155C<000!!NcLdjfd|jDS)z Format as RFC4514 Distinguished Name string. Within each RDN, attributes are joined by '+', although that is rarely used in certificates. r:c3@K|]}|jywrqr{rattrrys r'rz;RelativeDistinguishedName.rfc4514_string..%     3 4 joinrrkrys `r'r{z(RelativeDistinguishedName.rfc4514_strings)xx ((   r&c`t|tstS|j|jk(Srq)rBrr}rr~s r'rz RelativeDistinguishedName.__eq__s*%!:;! !""e&:&:::r&c,t|jSrq)rrrrs r'rz"RelativeDistinguishedName.__hash__sD''((r&c,t|jSrq)iterrrrs r'__iter__z"RelativeDistinguishedName.__iter__sD$$%%r&c,t|jSrq)rOrrrs r'__len__z!RelativeDistinguishedName.__len__s4##$$r&c*d|jdS)Nzrrrs r'rz"RelativeDistinguishedName.__repr__s,T-@-@-B,C2FFr&)rtyping.Iterable[NameAttribute]rlrrztyping.List[NameAttribute]rqrrrrztyping.Iterator[NameAttribute]r) rrrrorr{rrrrrr%r&r'rrsS E1#1 #1 CG  #?    ; )&%Gr&rceZdZejddZej ddZ ddZe d ddZ d ddZ ddZ e ddZ ddd Z dd Z dd Zdd Zdd ZddZy)Namecyrqr%rs r'roz Name.__init__ s r&cyrqr%rs r'roz Name.__init__s r&c Rt|}td|Dr8|Dcgc]&}ttjt |g(c}|_ytd|Dr1tjtjt||_ytdcc}w)Nc3<K|]}t|tywrqrrs r'rz Name.__init__..s@z!]+@rc3<K|]}t|tywrq)rBrrs r'rz Name.__init__.."sNaA89NrzNattributes must be a list of NameAttribute or a list RelativeDistinguishedName) rrrtypingcastrXrListr])rkrrs r'roz Name.__init__s *% @Z@ @$ *6;;}a+H*IJ D N:N N%{{ 56  D 7  s+B$Nc>t||xsijSrq)rTparse)clsdatarys r'from_rfc4514_stringzName.from_rfc4514_string,s "$(;(ArBHHJJr&c^djfdt|jDS)a Format as RFC4514 Distinguished Name string. For example 'CN=foobar.com,O=Foo Corp,C=US' An X.509 name is a two-level structure: a list of sets of attributes. Each list element is separated by ',' and within each list element, set elements are separated by '+'. The latter is almost never used in real world certificates. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. r;c3@K|]}|jywrqrrs r'rz&Name.rfc4514_string..Arr)rreversedrrs `r'r{zName.rfc4514_string4s.xx  !1!12   r&cL|Dcgc]}|j|k(s|c}Scc}wrqrrs r'rzName.get_attributes_for_oidFrrc|jSrqrrrs r'rdnsz Name.rdnsKsr&c,tj|Srq) rust_x509encode_name_bytes)rkbackends r' public_byteszName.public_bytesOs**400r&c`t|tstS|j|jk(Srq)rBrr}rr~s r'rz Name.__eq__Rs)%&! !5#4#444r&c>tt|jSrq)rtuplerrrs r'rz Name.__hash__XsE$**+,,r&c#DK|jD] }|D]}|ywrqr)rkrdnavas r'rz Name.__iter__]s/## C    s c:td|jDS)Nc32K|]}t|ywrq)rO)rrs r'rzName.__len__..cs83s88s)sumrrrs r'rz Name.__len__bs8t'7'7888r&cRdjd|jD}d|dS)Nr;c3<K|]}|jywrqr)rrs r'rz Name.__repr__..fsK$++-Krz]|[\da-zA-Z]{2})z7[\x01-\x1f\x21\x24-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z3[\x01-\x21\x23-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z7[\x01-\x1F\x21\x23-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z[\x80-]|z ( (z!) ( (z)* (z$) )? )? z#([\da-zA-Z]{2})+c.||_d|_||_y)Nr)_data_idx_attr_name_overrides)rkrrys r'roz_RFC4514NameParser.__init__s  $7!r&cF|jt|jkSrq)rrOrrrs r' _has_dataz_RFC4514NameParser._has_datasyy3tzz?**r&cV|jr|j|jSyrq)rrrrrs r'_peekz_RFC4514NameParser._peeks" >> ::dii( (r&c`|j|k7rt|xjdz c_y)NrL)rrcr)rkchs r' _read_charz_RFC4514NameParser._read_chars# ::<2   Q r&c|j|j|j}|t|j }|xjt |z c_|S)N)pos)matchrrrcrNrO)rkpatrrHs r'_read_rez_RFC4514NameParser._read_resI $**$)) 4 = kkm SX  r&c|jg}|jrA|jd|j|j|jrAt t |S)a' Parses the `data` string and converts it to a Name. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. So, when we parse it, we need to reverse again to get the RDNs on the correct order. r;) _parse_rdnrrappendrrrs r'rz_RFC4514NameParser.parsesY!"nn OOC KK) *nnHTN##r&c|jg}|jdk(rD|jd|j|j|jdk(rDt |S)Nr:) _parse_narrrr)rknass r'rz_RFC4514NameParser._parse_rdns[~~ jjlc! OOC JJt~~' (jjlc!)--r&cB |j|j}t|}|jd|jdk(rB|j|j}tj|ddj}n&|j|j}t|}t!||S#t$rU|j|j}|j j |tj |}|tYwxYw)Nrxr6rL)r_OID_RErrc _DESCR_RErrg_NAME_TO_NAMEOIDrr _HEXSTRING_RErD unhexlifyrF _STRING_RErVrX)rk oid_valuerlnamerm raw_values r'rz_RFC4514NameParser._parse_nas . dll3I#9-C  ::<3 MM$"4"45E&&uQRy188:E doo6I&y1ES%((% !==0D++//&**40C{    !sCADDN)rr_ry _NameOidMaprr)rr)rztyping.Optional[str])rr_rrr)rr)rr)rrX)rrrrecompilerr_PAIRrU_LUTF1_SUTF1_TUTF1rPsys maxunicode_UTFMB _LEADCHAR _STRINGCHAR _TRAILCHARVERBOSErrrorrrrrrrr%r&r'rTrTjsbjj=>G 23I 0Erzz% H GF CF GFs3>>*+1 -F81VH%IXQvh'KHAfX&J[%!aw'Qug&    JBJJ34M8 +  $".)r&rT)rHrrr_)rHr_rr_)1 __future__rrDr rrrd cryptographyr"cryptography.hazmat.bindings._rustrrcryptography.x509.oidrrEnumr rm_ASN1_TYPE_TO_ENUMr`rra SERIAL_NUMBER DN_QUALIFIER EMAIL_ADDRESSrDOMAIN_COMPONENTr(__annotations__Mappingr_r2r  COMMON_NAME LOCALITY_NAMESTATE_OR_PROVINCE_NAMEORGANIZATION_NAMEORGANIZATIONAL_UNIT_NAMESTREET_ADDRESSUSER_IDr3itemsrrIrVrXrrrT)rkvs000r'r.s # @;  +44Qaggqj4 )33 %%y'@'@ 944 )33 9.. i11 C?nn-s23 nnS"223   3 ""D s $$d # H d OOU !+ &6%;%;%=>TQAqD>:5&dNdNN2G2Gj\!\!~d)d)S 56?s G G