%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /snap/core20/2599/usr/lib/python3/dist-packages/cryptography/x509/__pycache__/
Upload File :
Create Path :
Current File : //snap/core20/2599/usr/lib/python3/dist-packages/cryptography/x509/__pycache__/base.cpython-38.pyc

U

�e�]�]�@s�ddlmZmZmZddlZddlZddlZddlmZddl	Z	ddl
mZddlm
Z
mZmZmZmZddlmZmZddlmZe�dd	d	�Zd
d�Zdd
�ZGdd�de�Zdd�Zdd�Zdd�Zdd�Zdd�Zdd�Z Gdd�de!�Z"e	�#ej$�Gdd�de%��Z&e	�#ej$�Gd d!�d!e%��Z'e	�#ej$�Gd"d#�d#e%��Z(e	�#ej$�Gd$d%�d%e%��Z)Gd&d'�d'e%�Z*Gd(d)�d)e%�Z+Gd*d+�d+e%�Z,Gd,d-�d-e%�Z-d.d/�Z.dS)0�)�absolute_import�division�print_functionN)�Enum)�utils)�dsa�ec�ed25519�ed448�rsa)�	Extension�
ExtensionType)�Namei��cCs"|D]}|j|jkrtd��qdS)Nz$This extension has already been set.)�oid�
ValueError)�	extension�
extensions�e�r�8/usr/lib/python3/dist-packages/cryptography/x509/base.py�_reject_duplicate_extensionsrcCs:|jdk	r2|��}|r|nt��}|jdd�|S|SdS)z�Normalizes a datetime to a naive datetime in UTC.

    time -- datetime to normalize. Assumed to be in UTC if not timezone
            aware.
    N)�tzinfo)rZ	utcoffset�datetimeZ	timedelta�replace)�time�offsetrrr�_convert_to_naive_utc_time s

rc@seZdZdZdZdS)�Versionr�N)�__name__�
__module__�__qualname__Zv1�v3rrrrr.srcCs
|�|�S�N)�load_pem_x509_certificate��data�backendrrrr%3sr%cCs
|�|�Sr$)�load_der_x509_certificater&rrrr)7sr)cCs
|�|�Sr$)�load_pem_x509_csrr&rrrr*;sr*cCs
|�|�Sr$)�load_der_x509_csrr&rrrr+?sr+cCs
|�|�Sr$)�load_pem_x509_crlr&rrrr,Csr,cCs
|�|�Sr$)�load_der_x509_crlr&rrrr-Gsr-cseZdZ�fdd�Z�ZS)�InvalidVersioncstt|��|�||_dSr$)�superr.�__init__�parsed_version)�self�msgr1��	__class__rrr0LszInvalidVersion.__init__)r r!r"r0�
__classcell__rrr4rr.Ksr.c@s�eZdZejdd��Zejdd��Zejdd��Zejdd��Z	ejd	d
��Z
ejdd��Zejd
d��Zejdd��Z
ejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd ��Zejd!d"��Zd#S)$�CertificatecCsdS�z4
        Returns bytes using digest passed.
        Nr�r2�	algorithmrrr�fingerprintSszCertificate.fingerprintcCsdS)z3
        Returns certificate serial number
        Nr�r2rrr�
serial_numberYszCertificate.serial_numbercCsdS)z1
        Returns the certificate version
        Nrr<rrr�version_szCertificate.versioncCsdS�z(
        Returns the public key
        Nrr<rrr�
public_keyeszCertificate.public_keycCsdS)z?
        Not before time (represented as UTC datetime)
        Nrr<rrr�not_valid_beforekszCertificate.not_valid_beforecCsdS)z>
        Not after time (represented as UTC datetime)
        Nrr<rrr�not_valid_afterqszCertificate.not_valid_aftercCsdS)z1
        Returns the issuer name object.
        Nrr<rrr�issuerwszCertificate.issuercCsdS�z2
        Returns the subject name object.
        Nrr<rrr�subject}szCertificate.subjectcCsdS�zt
        Returns a HashAlgorithm corresponding to the type of the digest signed
        in the certificate.
        Nrr<rrr�signature_hash_algorithm�sz$Certificate.signature_hash_algorithmcCsdS�zJ
        Returns the ObjectIdentifier of the signature algorithm.
        Nrr<rrr�signature_algorithm_oid�sz#Certificate.signature_algorithm_oidcCsdS)z/
        Returns an Extensions object.
        Nrr<rrrr�szCertificate.extensionscCsdS�z.
        Returns the signature bytes.
        Nrr<rrr�	signature�szCertificate.signaturecCsdS)zR
        Returns the tbsCertificate payload bytes as defined in RFC 5280.
        Nrr<rrr�tbs_certificate_bytes�sz!Certificate.tbs_certificate_bytescCsdS�z"
        Checks equality.
        Nr�r2�otherrrr�__eq__�szCertificate.__eq__cCsdS�z#
        Checks not equal.
        NrrNrrr�__ne__�szCertificate.__ne__cCsdS�z"
        Computes a hash.
        Nrr<rrr�__hash__�szCertificate.__hash__cCsdS)zB
        Serializes the certificate to PEM or DER format.
        Nr�r2�encodingrrr�public_bytes�szCertificate.public_bytesN)r r!r"�abc�abstractmethodr;�abstractpropertyr=r>r@rArBrCrErGrIrrKrLrPrRrTrWrrrrr7QsD















r7c@s�eZdZejdd��Zejdd��Zejdd��Zejdd��Z	ejd	d
��Z
ejdd��Zejd
d��Zejdd��Z
ejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd ��Zejd!d"��Zd#S)$�CertificateRevocationListcCsdS)z:
        Serializes the CRL to PEM or DER format.
        NrrUrrrrW�sz&CertificateRevocationList.public_bytescCsdSr8rr9rrrr;�sz%CertificateRevocationList.fingerprintcCsdS)zs
        Returns an instance of RevokedCertificate or None if the serial_number
        is not in the CRL.
        Nr)r2r=rrr�(get_revoked_certificate_by_serial_number�szBCertificateRevocationList.get_revoked_certificate_by_serial_numbercCsdSrFrr<rrrrG�sz2CertificateRevocationList.signature_hash_algorithmcCsdSrHrr<rrrrI�sz1CertificateRevocationList.signature_algorithm_oidcCsdS)zC
        Returns the X509Name with the issuer of this CRL.
        Nrr<rrrrC�sz CertificateRevocationList.issuercCsdS)z?
        Returns the date of next update for this CRL.
        Nrr<rrr�next_update�sz%CertificateRevocationList.next_updatecCsdS)z?
        Returns the date of last update for this CRL.
        Nrr<rrr�last_update�sz%CertificateRevocationList.last_updatecCsdS)zS
        Returns an Extensions object containing a list of CRL extensions.
        Nrr<rrrr�sz$CertificateRevocationList.extensionscCsdSrJrr<rrrrK�sz#CertificateRevocationList.signaturecCsdS)zO
        Returns the tbsCertList payload bytes as defined in RFC 5280.
        Nrr<rrr�tbs_certlist_bytes�sz,CertificateRevocationList.tbs_certlist_bytescCsdSrMrrNrrrrPsz CertificateRevocationList.__eq__cCsdSrQrrNrrrrRsz CertificateRevocationList.__ne__cCsdS)z<
        Number of revoked certificates in the CRL.
        Nrr<rrr�__len__
sz!CertificateRevocationList.__len__cCsdS)zS
        Returns a revoked certificate (or slice of revoked certificates).
        Nr)r2�idxrrr�__getitem__sz%CertificateRevocationList.__getitem__cCsdS)z8
        Iterator over the revoked certificates
        Nrr<rrr�__iter__sz"CertificateRevocationList.__iter__cCsdS)zQ
        Verifies signature of revocation list against given public key.
        Nr)r2r@rrr�is_signature_validsz,CertificateRevocationList.is_signature_validN)r r!r"rXrYrWr;r\rZrGrIrCr]r^rrKr_rPrRr`rbrcrdrrrrr[�sD















r[c@s�eZdZejdd��Zejdd��Zejdd��Zejdd��Zej	d	d
��Z
ej	dd��Zej	d
d��Zej	dd��Z
ejdd��Zej	dd��Zej	dd��Zej	dd��ZdS)�CertificateSigningRequestcCsdSrMrrNrrrrP(sz CertificateSigningRequest.__eq__cCsdSrQrrNrrrrR.sz CertificateSigningRequest.__ne__cCsdSrSrr<rrrrT4sz"CertificateSigningRequest.__hash__cCsdSr?rr<rrrr@:sz$CertificateSigningRequest.public_keycCsdSrDrr<rrrrE@sz!CertificateSigningRequest.subjectcCsdSrFrr<rrrrGFsz2CertificateSigningRequest.signature_hash_algorithmcCsdSrHrr<rrrrIMsz1CertificateSigningRequest.signature_algorithm_oidcCsdS)z@
        Returns the extensions in the signing request.
        Nrr<rrrrSsz$CertificateSigningRequest.extensionscCsdS)z;
        Encodes the request to PEM or DER format.
        NrrUrrrrWYsz&CertificateSigningRequest.public_bytescCsdSrJrr<rrrrK_sz#CertificateSigningRequest.signaturecCsdS)zd
        Returns the PKCS#10 CertificationRequestInfo bytes as defined in RFC
        2986.
        Nrr<rrr�tbs_certrequest_bytesesz/CertificateSigningRequest.tbs_certrequest_bytescCsdS)z8
        Verifies signature of signing request.
        Nrr<rrrrdlsz,CertificateSigningRequest.is_signature_validN)r r!r"rXrYrPrRrTr@rZrErGrIrrWrKrfrdrrrrre&s0










rec@s6eZdZejdd��Zejdd��Zejdd��ZdS)�RevokedCertificatecCsdS)zG
        Returns the serial number of the revoked certificate.
        Nrr<rrrr=usz RevokedCertificate.serial_numbercCsdS)zH
        Returns the date of when this certificate was revoked.
        Nrr<rrr�revocation_date{sz"RevokedCertificate.revocation_datecCsdS)zW
        Returns an Extensions object containing a list of Revoked extensions.
        Nrr<rrrr�szRevokedCertificate.extensionsN)r r!r"rXrZr=rhrrrrrrgss

rgc@s2eZdZdgfdd�Zdd�Zdd�Zdd	�ZdS)
� CertificateSigningRequestBuilderNcCs||_||_dS)zB
        Creates an empty X.509 certificate request (v1).
        N)�
_subject_name�_extensions)r2�subject_namerrrrr0�sz)CertificateSigningRequestBuilder.__init__cCs0t|t�std��|jdk	r$td��t||j�S)zF
        Sets the certificate requestor's distinguished name.
        �Expecting x509.Name object.N�&The subject name may only be set once.)�
isinstancer�	TypeErrorrjrrirk�r2�namerrrrl�s


z-CertificateSigningRequestBuilder.subject_namecCs@t|t�std��t|j||�}t||j�t|j|j|g�S)zE
        Adds an X.509 extension to the certificate request.
        �"extension must be an ExtensionType)	ror
rprrrrkrirj�r2rZcriticalrrr�
add_extension�s

�z.CertificateSigningRequestBuilder.add_extensioncCs |jdkrtd��|�|||�S)zF
        Signs the request using the requestor's private key.
        Nz/A CertificateSigningRequest must have a subject)rjrZcreate_x509_csr�r2Zprivate_keyr:r(rrr�sign�s
z%CertificateSigningRequestBuilder.sign)r r!r"r0rlrurwrrrrri�s
ric@sdeZdZddddddgfdd�Zdd�Zdd�Zdd	�Zd
d�Zdd
�Zdd�Z	dd�Z
dd�ZdS)�CertificateBuilderNcCs6tj|_||_||_||_||_||_||_||_	dSr$)
rr#Z_version�_issuer_namerj�_public_key�_serial_number�_not_valid_before�_not_valid_afterrk)r2�issuer_namerlr@r=rArBrrrrr0�szCertificateBuilder.__init__cCsDt|t�std��|jdk	r$td��t||j|j|j|j	|j
|j�S)z3
        Sets the CA's distinguished name.
        rmN�%The issuer name may only be set once.)rorrpryrrxrjrzr{r|r}rkrqrrrr~�s

�zCertificateBuilder.issuer_namecCsDt|t�std��|jdk	r$td��t|j||j|j|j	|j
|j�S)z:
        Sets the requestor's distinguished name.
        rmNrn)rorrprjrrxryrzr{r|r}rkrqrrrrl�s

�zCertificateBuilder.subject_namecCsXt|tjtjtjtjt	j
f�s&td��|jdk	r8t
d��t|j|j||j|j|j|j�S)zT
        Sets the requestor's public key (as found in the signing request).
        zhExpecting one of DSAPublicKey, RSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey or Ed448PublicKey.Nz$The public key may only be set once.)rorZDSAPublicKeyrZRSAPublicKeyrZEllipticCurvePublicKeyr	ZEd25519PublicKeyr
ZEd448PublicKeyrprzrrxryrjr{r|r}rk)r2�keyrrrr@�s"�
�zCertificateBuilder.public_keycCsjt|tj�std��|jdk	r&td��|dkr6td��|��dkrJtd��t|j|j	|j
||j|j|j
�S)z5
        Sets the certificate serial number.
        �'Serial number must be of integral type.N�'The serial number may only be set once.rz%The serial number should be positive.��3The serial number should not be more than 159 bits.)ro�six�
integer_typesrpr{r�
bit_lengthrxryrjrzr|r}rk�r2Znumberrrrr=�s"
�z CertificateBuilder.serial_numbercCszt|tj�std��|jdk	r&td��t|�}|tkr>td��|jdk	rZ||jkrZtd��t|j	|j
|j|j||j|j
�S)z7
        Sets the certificate activation time.
        �Expecting datetime object.Nz*The not valid before may only be set once.z>The not valid before date must be on or after 1950 January 1).zBThe not valid before date must be before the not valid after date.)rorrpr|rr�_EARLIEST_UTC_TIMEr}rxryrjrzr{rk�r2rrrrrAs(
��z#CertificateBuilder.not_valid_beforecCszt|tj�std��|jdk	r&td��t|�}|tkr>td��|jdk	rZ||jkrZtd��t|j	|j
|j|j|j||j
�S)z7
        Sets the certificate expiration time.
        r�Nz)The not valid after may only be set once.z<The not valid after date must be on or after 1950 January 1.zAThe not valid after date must be after the not valid before date.)rorrpr}rrr�r|rxryrjrzr{rkr�rrrrBs,

���z"CertificateBuilder.not_valid_afterc	CsTt|t�std��t|j||�}t||j�t|j|j	|j
|j|j|j
|j|g�S)z=
        Adds an X.509 extension to the certificate.
        rs)ror
rprrrrkrxryrjrzr{r|r}rtrrrru2s

�z CertificateBuilder.add_extensioncCsz|jdkrtd��|jdkr$td��|jdkr6td��|jdkrHtd��|jdkrZtd��|jdkrltd��|�|||�S)zC
        Signs the certificate using the CA's private key.
        Nz&A certificate must have a subject namez&A certificate must have an issuer namez'A certificate must have a serial numberz/A certificate must have a not valid before timez.A certificate must have a not valid after timez$A certificate must have a public key)rjrryr{r|r}rzZcreate_x509_certificatervrrrrwBs





zCertificateBuilder.sign)r r!r"r0r~rlr@r=rArBrurwrrrrrx�s�
rxc@sPeZdZdddggfdd�Zdd�Zdd�Zdd	�Zd
d�Zdd
�Zdd�Z	dS)� CertificateRevocationListBuilderNcCs"||_||_||_||_||_dSr$)ry�_last_update�_next_updaterk�_revoked_certificates)r2r~r^r]rZrevoked_certificatesrrrr0\s
z)CertificateRevocationListBuilder.__init__cCs<t|t�std��|jdk	r$td��t||j|j|j|j	�S)Nrmr)
rorrpryrr�r�r�rkr�)r2r~rrrr~ds

�z,CertificateRevocationListBuilder.issuer_namecCsrt|tj�std��|jdk	r&td��t|�}|tkr>td��|jdk	rZ||jkrZtd��t|j	||j|j
|j�S)Nr��!Last update may only be set once.�8The last update date must be on or after 1950 January 1.z9The last update date must be before the next update date.)rorrpr�rrr�r�r�ryrkr�)r2r^rrrr^ns$
��z,CertificateRevocationListBuilder.last_updatecCsrt|tj�std��|jdk	r&td��t|�}|tkr>td��|jdk	rZ||jkrZtd��t|j	|j||j
|j�S)Nr�r�r�z8The next update date must be after the last update date.)rorrpr�rrr�r�r�ryrkr�)r2r]rrrr]�s$
��z,CertificateRevocationListBuilder.next_updatecCsLt|t�std��t|j||�}t||j�t|j|j	|j
|j|g|j�S)zM
        Adds an X.509 extension to the certificate revocation list.
        rs)ror
rprrrrkr�ryr�r�r�rtrrrru�s

�z.CertificateRevocationListBuilder.add_extensioncCs2t|t�std��t|j|j|j|j|j|g�S)z8
        Adds a revoked certificate to the CRL.
        z)Must be an instance of RevokedCertificate)	rorgrpr�ryr�r�rkr�)r2Zrevoked_certificaterrr�add_revoked_certificate�s

�z8CertificateRevocationListBuilder.add_revoked_certificatecCsD|jdkrtd��|jdkr$td��|jdkr6td��|�|||�S)NzA CRL must have an issuer namez"A CRL must have a last update timez"A CRL must have a next update time)ryrr�r�Zcreate_x509_crlrvrrrrw�s


z%CertificateRevocationListBuilder.sign)
r r!r"r0r~r^r]rur�rwrrrrr�[s�


r�c@s<eZdZddgfdd�Zdd�Zdd�Zdd	�Zd
d�ZdS)�RevokedCertificateBuilderNcCs||_||_||_dSr$)r{�_revocation_daterk)r2r=rhrrrrr0�sz"RevokedCertificateBuilder.__init__cCsZt|tj�std��|jdk	r&td��|dkr6td��|��dkrJtd��t||j|j	�S)Nr�r�rz$The serial number should be positiver�r�)
ror�r�rpr{rr�r�r�rkr�rrrr=�s
�z'RevokedCertificateBuilder.serial_numbercCsNt|tj�std��|jdk	r&td��t|�}|tkr>td��t|j||j	�S)Nr�z)The revocation date may only be set once.z7The revocation date must be on or after 1950 January 1.)
rorrpr�rrr�r�r{rkr�rrrrh�s
�z)RevokedCertificateBuilder.revocation_datecCsDt|t�std��t|j||�}t||j�t|j|j	|j|g�S)Nrs)
ror
rprrrrkr�r{r�rtrrrru�s

�z'RevokedCertificateBuilder.add_extensioncCs.|jdkrtd��|jdkr$td��|�|�S)Nz/A revoked certificate must have a serial numberz1A revoked certificate must have a revocation date)r{rr�Zcreate_x509_revoked_certificate)r2r(rrr�build�s

�zRevokedCertificateBuilder.build)r r!r"r0r=rhrur�rrrrr��s�

r�cCst�t�d�d�d?S)N�Zbigr)rZint_from_bytes�os�urandomrrrr�random_serial_number�sr�)/Z
__future__rrrrXrr��enumrr�ZcryptographyrZ)cryptography.hazmat.primitives.asymmetricrrr	r
rZcryptography.x509.extensionsrr
Zcryptography.x509.namerr�rrrr%r)r*r+r,r-�	Exceptionr.Z
add_metaclass�ABCMeta�objectr7r[rergrirxr�r�r�rrrr�<module>sD
i
j
L
)+_;

Zerion Mini Shell 1.0