o V h9@sUddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z mZGdddejZdd eDZe jeje jeje jeje jeje jeje jejiZd ed <ejeefZejeefZe j d e j!d e j"de j#de j$de jde j%de jde j&di Z'ded<dd e'(DZ)e jde jde j diZ*d*ddZ+d+d d!Z,Gd"d#d#Z-Gd$d%d%Z.Gd&d'd'Z/Gd(d)d)Z0dS),) annotationsN)utils)x509)NameOIDObjectIdentifierc@s<eZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd S) _ASN1Type N)__name__ __module__ __qualname__ BitString OctetString UTF8String NumericStringPrintableString T61String IA5StringUTCTimeGeneralizedTime VisibleStringUniversalString BMPStringr#r#j/var/www/html/construction_image-detection-poc/venv/lib/python3.10/site-packages/cryptography/x509/name.pyrsrcCsi|]}|j|qSr#)value.0ir#r#r$ !sr)z!dict[ObjectIdentifier, _ASN1Type]_NAMEOID_DEFAULT_TYPECNLSTOOUCSTREETDCUID _OidNameMap_NAMEOID_TO_NAMEcCsi|]\}}||qSr#r#)r'kvr#r#r$r)<s)r8)@val str | bytesreturnstrcCs|sdSt|trdt|dS|dd}|dd}|dd }|d d }|d d }|dd}|dd}|dd}|ddvrMd|}|ddkr[|ddd}|S)z>Escape special characters in RFC4514 Distinguished Name value.#utf8\z\\"z\"+z\+,z\,;z\;z\>z\00r)r@ rJNz\ ) isinstancebytesbinasciihexlifydecodereplace)r;r#r#r$_escape_dn_valueEs"           rRcCs|sdSdd}tj||S)Nr?cSs(|d}t|dkr |Stt|dS)Nr9)grouplenchrint)mr;r#r#r$subjs  z_unescape_dn_value..sub)_RFC4514NameParser_PAIR_RErY)r;rYr#r#r$_unescape_dn_valuebsr\c@sveZdZ d$ddd%ddZed&ddZed'ddZed(ddZ d$d)ddZd*ddZ d+d d!Z d(d"d#Z dS), NameAttributeNT) _validateoidrr%r<_type_ASN1Type | Noner^boolr=Nonec Cs t|ts td|tjkr!|tjkrtdt|ts tdn t|ts*tdt |}|durg|\}}t|ts>Jt | d}||ksM||krgd|d|d|} |d ur`t | tj| d d |durrt |tj}t|ts{td ||_||_||_dS) Nz2oid argument must be an ObjectIdentifier instance.z6oid must be X500_UNIQUE_IDENTIFIER for BitString type.z!value must be bytes for BitStringzvalue argument must be a strrAzAttribute's length must be >= z and <= z , but it was Tr8) stacklevelz%_type must be from the _ASN1Type enum)rLr TypeErrorrrrX500_UNIQUE_IDENTIFIERrMr>_NAMEOID_LENGTH_LIMITgetrUencode ValueErrorwarningswarnr*r_oid_valuer`) selfr_r%r`r^ length_limits min_length max_lengthc_lenmsgr#r#r$__init__vsH        zNameAttribute.__init__cC|jSN)rmror#r#r$r_zNameAttribute.oidcCrvrw)rnrxr#r#r$r%ryzNameAttribute.valuer>cCst|j|jjS)zt The short attribute name (for example "CN") if available, otherwise the OID dotted string. )r5rhr_ dotted_stringrxr#r#r$rfc4514_attribute_namez$NameAttribute.rfc4514_attribute_nameattr_name_overrides_OidNameMap | NonecCs6|r||jnd}|dur|j}|dt|jS)z Format as RFC4514 Distinguished Name string. Use short attribute name if available, otherwise fall back to OID dotted string. N=)rhr_r{rRr%)ror} attr_namer#r#r$rfc4514_strings  zNameAttribute.rfc4514_stringotherobjectcCs&t|tstS|j|jko|j|jkSrw)rLr]NotImplementedr_r%rorr#r#r$__eq__s zNameAttribute.__eq__rWcCst|j|jfSrw)hashr_r%rxr#r#r$__hash__zNameAttribute.__hash__cCsd|jd|jdS)Nz)r_r%rxr#r#r$__repr__szNameAttribute.__repr__rw) r_rr%r<r`rar^rbr=rc)r=r)r=r<r=r>r}r~r=r>rrr=rbr=rW) rrrrupropertyr_r%r{rrrrr#r#r#r$r]us 6     r]c@s`eZdZd ddZd!d d Z d"d#ddZd$ddZd%ddZd&ddZd%ddZ d'ddZ d S)(RelativeDistinguishedName attributestyping.Iterable[NameAttribute]cCs\t|}|s tdtdd|Dstd||_t||_t|jt|kr,tddS)Nz-a relative distinguished name cannot be emptycs|]}t|tVqdSrwrLr]r'xr#r#r$ z5RelativeDistinguishedName.__init__..z/attributes must be an iterable of NameAttributez$duplicate attributes are not allowed)listrjallre _attributes frozenset_attribute_setrUrorr#r#r$rus z"RelativeDistinguishedName.__init__r_rr=list[NameAttribute]cfdd|DS)Ncg|] }|jkr|qSr#r_r&rr#r$ zDRelativeDistinguishedName.get_attributes_for_oid..r#ror_r#rr$get_attributes_for_oidz0RelativeDistinguishedName.get_attributes_for_oidNr}r~r>csdfdd|jDS)z Format as RFC4514 Distinguished Name string. Within each RDN, attributes are joined by '+', although that is rarely used in certificates. rDc3|]}|VqdSrwrr'attrr}r#r$r  z;RelativeDistinguishedName.rfc4514_string..joinrror}r#rr$rs z(RelativeDistinguishedName.rfc4514_stringrrrbcCt|tstS|j|jkSrw)rLrrrrr#r#r$r  z RelativeDistinguishedName.__eq__rWcC t|jSrw)rrrxr#r#r$r z"RelativeDistinguishedName.__hash__typing.Iterator[NameAttribute]cCrrw)iterrrxr#r#r$__iter__rz"RelativeDistinguishedName.__iter__cCrrw)rUrrxr#r#r$__len__rz!RelativeDistinguishedName.__len__cCsd|dS)NzNamerrr=rccCdSrwr#rr#r#r$rusz Name.__init__*typing.Iterable[RelativeDistinguishedName]cCrrwr#rr#r#r$rus:typing.Iterable[NameAttribute | RelativeDistinguishedName]cCs`t|}tdd|Drdd|D|_dStdd|Dr,ttjt||_dStd)Ncsrrwrrr#r#r$rrz Name.__init__..cSsg|] }ttt|gqSr#)rtypingcastr]rr#r#r$rsz!Name.__init__..csrrw)rLrrr#r#r$r"rzNattributes must be a list of NameAttribute or a list RelativeDistinguishedName)rrrrrListrrerr#r#r$rus   Ndatar>r}_NameOidMap | NonecCst||piSrw)rZparse)clsrr}r#r#r$from_rfc4514_string,r|zName.from_rfc4514_stringr~csdfddt|jDS)a Format as RFC4514 Distinguished Name string. For example 'CN=foobar.com,O=Foo Corp,C=US' An X.509 name is a two-level structure: a list of sets of attributes. Each list element is separated by ',' and within each list element, set elements are separated by '+'. The latter is almost never used in real world certificates. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. rEc3rrwrrrr#r$rArz&Name.rfc4514_string..)rreversedrrr#rr$r4s zName.rfc4514_stringr_rrcr)Ncrr#rr&rr#r$rIrz/Name.get_attributes_for_oid..r#rr#rr$rFrzName.get_attributes_for_oidlist[RelativeDistinguishedName]cCrvrwrrxr#r#r$rdnsKryz Name.rdnsbackend typing.AnyrMcCs t|Srw) rust_x509encode_name_bytes)rorr#r#r$ public_bytesOrzName.public_bytesrrrbcCrrw)rLrrrrr#r#r$rRrz Name.__eq__rWcCstt|jSrw)rtuplerrxr#r#r$rXsz Name.__hash__rccs|jD]}|EdHqdSrwr)rordnr#r#r$r]s  z Name.__iter__cCstdd|jDS)Ncss|]}t|VqdSrw)rU)r'rr#r#r$rbzName.__len__..)sumrrxr#r#r$rasz Name.__len__cCs"ddd|jD}d|dS)NrEcss|]}|VqdSrwrrr#r#r$rerz Name.__repr__..zr}rr=rrr)r=r)rrr=rMrrrr)rrrroverloadru classmethodrrrrrrrrrrrr#r#r#r$rs(          rc@seZdZedZedZdZeeZdZ dZ dZ de e jdZe d eZe d eZe d eZed ed ed ed ed ed ed ejZedZd,ddZd-ddZd.ddZd/ddZd0d d!Zd1d#d$Zd2d&d'Zd3d)d*Zd+S)4rZz!(0|([1-9]\d*))(\.(0|([1-9]\d*)))+z[a-zA-Z][a-zA-Z\d-]*z!\\([\\ #=\"\+,;<>]|[\da-zA-Z]{2})z7[\x01-\x1f\x21\x24-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z3[\x01-\x21\x23-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z7[\x01-\x1F\x21\x23-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z[\x80-]|z ( (z!) ( (z)* (z$) )? )? z#([\da-zA-Z]{2})+rr>r} _NameOidMapr=rccCs||_d|_||_dS)Nr)_data_idx_attr_name_overrides)rorr}r#r#r$rus z_RFC4514NameParser.__init__rbcCs|jt|jkSrw)rrUrrxr#r#r$ _has_datarz_RFC4514NameParser._has_data str | NonecCs|r |j|jSdSrw)rrrrxr#r#r$_peeks z_RFC4514NameParser._peekchcCs"||krt|jd7_dS)Nr9)rrjr)rorr#r#r$ _read_chars z_RFC4514NameParser._read_charcCs<|j|j|jd}|durt|}|jt|7_|S)N)pos)matchrrrjrTrU)ropatrr;r#r#r$_read_res z_RFC4514NameParser._read_rercCsN|stgS|g}|r!|d|||stt|S)a' Parses the `data` string and converts it to a Name. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. So, when we parse it, we need to reverse again to get the RDNs on the correct order. rE)rr _parse_rdnrappendrrr#r#r$rs    z_RFC4514NameParser.parsercCsB|g}|dkr|d|||dks t|S)NrD) _parse_narrrr)ronasr#r#r$rs    z_RFC4514NameParser._parse_rdnr]c Csz||j}Wnty'||j}|j|t|}|dur%tYnwt|}|d| dkrI||j }t |dd }n ||j}t|}t||S)Nrr@r9)r_OID_RErj _DESCR_RErrh_NAME_TO_NAMEOIDrrr _HEXSTRING_RErN unhexlifyrP _STRING_REr\r])ro oid_valuenamer_r% raw_valuer#r#r$rs&        z_RFC4514NameParser._parse_naN)rr>r}rr=rc)r=rb)r=r)rr>r=rcr)r=r)r=r)r=r])rrrrecompilerr_PAIRr[_LUTF1_SUTF1_TUTF1rVsys maxunicode_UTFMB _LEADCHAR _STRINGCHAR _TRAILCHARVERBOSErrrurrrrrrrr#r#r#r$rZisJ           rZ)r;r<r=r>)r;r>r=r>)1 __future__rrNrrrrk cryptographyr"cryptography.hazmat.bindings._rustrrcryptography.x509.oidrrEnumr_ASN1_TYPE_TO_ENUM COUNTRY_NAMErJURISDICTION_COUNTRY_NAME SERIAL_NUMBER DN_QUALIFIER EMAIL_ADDRESSrDOMAIN_COMPONENTr*__annotations__Mappingr>r4r COMMON_NAME LOCALITY_NAMESTATE_OR_PROVINCE_NAMEORGANIZATION_NAMEORGANIZATIONAL_UNIT_NAMESTREET_ADDRESSUSER_IDr5itemsrrgrRr\r]rrrZr#r#r#r$sR        e5Z