o >bA!@sddlZddlmZddlmZddlmZmZGdddejZ dde DZ e Z ej e jeje jeje jeje jeje jeje jiZejd ejd ejd ejd ejd ej dejdejdejdi ZddZGddde ZGddde Z Gddde Z!dS)N)utils) _get_backend)NameOIDObjectIdentifierc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) _ASN1Type N) __name__ __module__ __qualname__ UTF8StringZ NumericStringPrintableStringZ T61String IA5StringZUTCTimeZGeneralizedTimeZ VisibleStringZUniversalStringZ BMPStringrr8/usr/lib/python3/dist-packages/cryptography/x509/name.pyr srcCsi|]}|j|qSr)value.0irrr srZCNLZSTOZOUCZSTREETZDCZUIDcCs|sdS|dd}|dd}|dd}|dd }|d d }|d d }|dd}|dd}|ddvr>d|}|ddkrL|ddd}|S)z>Escape special characters in RFC4514 Distinguished Name value.\z\\"z\"+z\+,z\,;z\;z\>z\00r)# r+Nz\ )replace)valrrr_escape_dn_value3s          r/c@seZdZefdedefddZedZ edZ defdd Z d e de fd d Zd e de fd dZdefddZdefddZdS) NameAttributeoidrcCst|ts tdt|tstd|tjks|tjkr)t|ddkr)t d|t kr4t |t j}t|t s=td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z#value argument must be a text type.utf8z/Country name must be a 2 character country codez%_type must be from the _ASN1Type enum) isinstancer TypeErrorstrr COUNTRY_NAMEJURISDICTION_COUNTRY_NAMElenencode ValueError _SENTINEL_NAMEOID_DEFAULT_TYPEgetrr_oid_value_type)selfr1rrArrr__init__Ls*     zNameAttribute.__init__r?r@returncCs$t|j|jj}d|t|jfS)z Format as RFC4514 Distinguished Name string. Use short attribute name if available, otherwise fall back to OID dotted string. z%s=%s)_NAMEOID_TO_NAMEr>r1Z dotted_stringr/r)rBkeyrrrrfc4514_stringqszNameAttribute.rfc4514_stringothercCs&t|tstS|j|jko|j|jkSN)r4r0NotImplementedr1rrBrHrrr__eq__{s zNameAttribute.__eq__cC ||k SrIrrKrrr__ne__ zNameAttribute.__ne__cCst|j|jfSrI)hashr1rrBrrr__hash__szNameAttribute.__hash__cCs d|S)Nz/)formatrQrrr__repr__rOzNameAttribute.__repr__N)rrrr<rr6rCrZread_only_propertyr1rrGobjectboolrLrNintrRrTrrrrr0Ks "  r0c@seZdZdejefddZdejefddZde fddZ d e de fd d Z d e de fd d ZdefddZdejefddZdefddZde fddZdS)RelativeDistinguishedName attributescCs\t|}|s tdtdd|Dstd||_t||_t|jt|kr,tddS)Nz-a relative distinguished name cannot be emptycs|]}t|tVqdSrIr4r0rxrrr z5RelativeDistinguishedName.__init__..z/attributes must be an iterable of NameAttributez$duplicate attributes are not allowed)listr;allr5 _attributes frozenset_attribute_setr9rBrYrrrrCs z"RelativeDistinguishedName.__init__rDcfdd|DS)Ncg|] }|jkr|qSrr1rrhrr zDRelativeDistinguishedName.get_attributes_for_oid..rrBr1rrhrget_attributes_for_oidz0RelativeDistinguishedName.get_attributes_for_oidcCsddd|jDS)z Format as RFC4514 Distinguished Name string. Within each RDN, attributes are joined by '+', although that is rarely used in certificates. r$cs|]}|VqdSrIrGrattrrrrr^z;RelativeDistinguishedName.rfc4514_string..)joinrbrQrrrrGsz(RelativeDistinguishedName.rfc4514_stringrHcCt|tstS|j|jkSrI)r4rXrJrdrKrrrrL  z RelativeDistinguishedName.__eq__cCrMrIrrKrrrrNrOz RelativeDistinguishedName.__ne__cC t|jSrI)rPrdrQrrrrRrOz"RelativeDistinguishedName.__hash__cCrvrI)iterrbrQrrr__iter__rOz"RelativeDistinguishedName.__iter__cCrvrI)r9rbrQrrr__len__rOz!RelativeDistinguishedName.__len__cCsd|S)Nz)rSrGrQrrrrTsz"RelativeDistinguishedName.__repr__N)rrrtypingIterabler0rCListrlr6rGrUrVrLrNrWrRIteratorrxryrTrrrrrXs rXc@seZdZddZdefddZdejefddZ e dej e fdd Z ddefd d Zd edefddZd edefddZdefddZdejefddZdefddZdefddZd S)NamecCsRt|}tdd|Drdd|D|_dStdd|Dr%||_dStd)NcsrZrIr[r\rrrr^r_z Name.__init__..cSsg|]}t|gqSr)rXr\rrrris z!Name.__init__..csrZrI)r4rXr\rrrr^r_zNattributes must be a list of NameAttribute or a list RelativeDistinguishedName)r`rarbr5rerrrrCs  z Name.__init__rDcCsdddt|jDS)a Format as RFC4514 Distinguished Name string. For example 'CN=foobar.com,O=Foo Corp,C=US' An X.509 name is a two-level structure: a list of sets of attributes. Each list element is separated by ',' and within each list element, set elements are separated by '+'. The latter is almost never used in real world certificates. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. r%csrnrIrorprrrr^s z&Name.rfc4514_string..)rsreversedrbrQrrrrGs zName.rfc4514_stringcrf)Ncrgrrhrrhrrrirjz/Name.get_attributes_for_oid..rrkrrhrrlrmzName.get_attributes_for_oidcCs|jSrIrbrQrrrrdnssz Name.rdnsNcCst|}||SrI)rZx509_name_bytes)rBZbackendrrr public_bytess zName.public_bytesrHcCrtrI)r4r~rJrbrKrrrrLruz Name.__eq__cCrMrIrrKrrrrNrOz Name.__ne__cCstt|jSrI)rPtuplerbrQrrrrRsz Name.__hash__ccs"|jD] }|D]}|VqqdSrIr)rBrdnZavarrrrxs  z Name.__iter__cCstdd|jDS)Ncss|]}t|VqdSrI)r9)rrrrrr^rrzName.__len__..)sumrbrQrrrrysz Name.__len__cCs ddd|jD}d|S)Nr%csrnrIrorprrrr^rrz Name.__repr__..z )rsrbrS)rBrrrrrTs z Name.__repr__rI)rrrrCr6rGrzr|r0rlpropertyr{rXrbytesrrUrVrLrNrWrRr}rxryrTrrrrr~sr~)"rzZ cryptographyrZcryptography.hazmat.backendsrZcryptography.x509.oidrrEnumrZ_ASN1_TYPE_TO_ENUMrUr<r7rr8Z SERIAL_NUMBERZ DN_QUALIFIERZ EMAIL_ADDRESSrZDOMAIN_COMPONENTr=Z COMMON_NAMEZ LOCALITY_NAMEZSTATE_OR_PROVINCE_NAMEZORGANIZATION_NAMEZORGANIZATIONAL_UNIT_NAMEZSTREET_ADDRESSZUSER_IDrEr/r0rXr~rrrrs8     @1