˺h9UddlmZddlZddlZddlZddlZddlZddlmZddl m Z ddl m Z mZGddejZdeDZe jeje jeje jeje jeje jeje jejiZd ed <ejeefZejeefZe j d e j!d e j"d e j#de j$de jde j%de jde j&di Z'ded<de'(DZ)e jde jde j diZ*d'dZ+d(dZ,Gdd Z-Gd!d"Z.Gd#d$Z/Gd%d&Z0dS))) annotationsN)utils)x509)NameOIDObjectIdentifierc>eZdZdZdZdZdZdZdZdZ dZ d Z d Z d Z d Zd S) _ASN1Type N)__name__ __module__ __qualname__ BitString OctetString UTF8String NumericStringPrintableString T61String IA5StringUTCTimeGeneralizedTime VisibleStringUniversalString BMPStringx/builddir/build/BUILD/imunify360-venv-2.5.2/opt/imunify360/venv/lib64/python3.11/site-packages/cryptography/x509/name.pyr r sJIKJMOIIGOMOIIIr&r ci|] }|j| Sr%)value).0is r' r,!s444Qagq444r&z!dict[ObjectIdentifier, _ASN1Type]_NAMEOID_DEFAULT_TYPECNLSTOOUCSTREETDCUID _OidNameMap_NAMEOID_TO_NAMEci|]\}}|| Sr%r%)r*kvs r'r,r,<s>>>TQAq>>>r&)r<)@val str | bytesreturnstrc<|sdSt|tr*dtj|dzS|dd}|dd}|dd }|d d }|d d }|dd}|dd}|dd}|ddvrd|z}|ddkr |dddz}|S)z>Escape special characters in RFC4514 Distinguished Name value.#utf8\z\\"z\"+z\+,z\,;z\;z\>z\00r)rE rONz\ ) isinstancebytesbinasciihexlifydecodereplace)r?s r'_escape_dn_valuerWEs r#u:X%c**11&9999 ++dF # #C ++c5 ! !C ++c5 ! !C ++c5 ! !C ++c5 ! !C ++c5 ! !C ++c5 ! !C ++dF # #C 1vSj 2w#~~#2#h Jr&cP|sdSd}tj||S)NrDc|d}t|dkr|Stt|dS)Nr=)grouplenchrint)mr?s r'subz_unescape_dn_value..subjs;ggajj s88q==J3sB<<   r&)_RFC4514NameParser_PAIR_REr`)r?r`s r'_unescape_dn_valuercbs9 r !!!  & * *3 4 44r&ceZdZ dddddZeddZeddZed dZ dd!dZd"dZ d#dZ d dZ dS)$ NameAttributeNT) _validateoidrr)r@_type_ASN1Type | NonerfboolrANonec2t|tstd|tjkrD|t jkrtdt|tstdn$t|tstdt |}|~|\}}t|tsJt| d}||ks||kr4d|d|d|} |d urt| tj| d |%t |tj}t|tstd ||_||_||_dS) Nz2oid argument must be an ObjectIdentifier instance.z6oid must be X500_UNIQUE_IDENTIFIER for BitString type.z!value must be bytes for BitStringzvalue argument must be a strrFzAttribute's length must be >= z and <= z , but it was Tr<) stacklevelz%_type must be from the _ASN1Type enum)rQr TypeErrorr rrX500_UNIQUE_IDENTIFIERrRrB_NAMEOID_LENGTH_LIMITgetr\encode ValueErrorwarningswarnr-r_oid_valuerh) selfrgr)rhrf length_limits min_length max_lengthc_lenmsgs r'__init__zNameAttribute.__init__vs#/00 D  I' ' 'g444LeU++ E CDDD EeS)) @ >???-11#66  $%2 "J eS)) ) )) V,,--Ez!!UZ%7%7;Z;;$;;38;;$$$S//)M#!4444 =)--c93GHHE%++ ECDD D   r&c|jSN)rvrxs r'rgzNameAttribute.oids yr&c|jSr)rwrs r'r)zNameAttribute.values {r&rBcVt|j|jjS)zt The short attribute name (for example "CN") if available, otherwise the OID dotted string. )r8rqrg dotted_stringrs r'rfc4514_attribute_namez$NameAttribute.rfc4514_attribute_names!  ##DHdh.DEEEr&attr_name_overrides_OidNameMap | Nonec|r||jnd}||j}|dt|jS)z Format as RFC4514 Distinguished Name string. Use short attribute name if available, otherwise fall back to OID dotted string. N=)rqrgrrWr))rxr attr_names r'rfc4514_stringzNameAttribute.rfc4514_stringsW2E N  # #DH - - -$   3I<<.tz::<<)rgr)rs r'__repr__zNameAttribute.__repr__sGTXGGtzGGGGr&r) rgrr)r@rhrirfrjrArk)rAr)rAr@rArBrrrArBrrrArjrAr^) rrrr~propertyrgr)rrrrrr%r&r'rereus  #' 4  444444lXXFFFXF9======"CCCC ,,,,HHHHHHr&recReZdZddZddZ ddd ZddZddZddZddZ ddZ d S) RelativeDistinguishedName attributestyping.Iterable[NameAttribute]c4t|}|stdtd|Dstd||_t ||_t|jt|krtddS)Nz-a relative distinguished name cannot be emptyc3@K|]}t|tVdSrrQrer*xs r' z5RelativeDistinguishedName.__init__..s,DDA:a//DDDDDDr&z/attributes must be an iterable of NameAttributez$duplicate attributes are not allowed)listrsallrn _attributes frozenset_attribute_setr\rxrs r'r~z"RelativeDistinguishedName.__init__s*%%  NLMM MDDDDDDD OMNN N&' 33 t" # #s: 6 6CDD D 7 6r&rgrrAlist[NameAttribute]c fd|DS)Nc*g|]}|jk |Sr%rgr*r+rgs r' zDRelativeDistinguishedName.get_attributes_for_oid.. 000a15C<<<<.F      3 4 4      r&joinrrxrs `r'rz(RelativeDistinguishedName.rfc4514_stringsDxx    (      r&rrrjcZt|tstS|j|jkSr)rQrrrrs r'rz RelativeDistinguishedName.__eq__s,%!:;; "! !"e&:::r&r^c*t|jSr)rrrs r'rz"RelativeDistinguishedName.__hash__sD'(((r&typing.Iterator[NameAttribute]c*t|jSr)iterrrs r'__iter__z"RelativeDistinguishedName.__iter__sD$%%%r&c*t|jSr)r\rrs r'__len__z!RelativeDistinguishedName.__len__s4#$$$r&c2d|dS)Nz.s,@@z!]++@@@@@@r&c^g|]*}ttjt|g+Sr%)rtypingcastrers r'rz!Name.__init__..s?   *6;}a+H+H*IJJ   r&c3@K|]}t|tVdSr)rQrrs r'rz Name.__init__.."s-NNaA899NNNNNNr&zNattributes must be a list of NameAttribute or a list RelativeDistinguishedName)rrrrrListrrnrs r'r~z Name.__init__s*%% @@Z@@@ @ @   #   D   NN:NNN N N %{ 56   D   7 r&NdatarBr_NameOidMap | NonecJt||piSr)raparse)clsrrs r'from_rfc4514_stringzName.from_rfc4514_string,s& "$(;(ArBBHHJJJr&rcjdfdt|jDS)a Format as RFC4514 Distinguished Name string. For example 'CN=foobar.com,O=Foo Corp,C=US' An X.509 name is a two-level structure: a list of sets of attributes. Each list element is separated by ',' and within each list element, set elements are separated by '+'. The latter is almost never used in real world certificates. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. rJc3BK|]}|VdSrrrs r'rz&Name.rfc4514_string..Arr&)rreversedrrs `r'rzName.rfc4514_string4sLxx     !122      r&rgrrc fd|DS)Nc*g|]}|jk |Sr%rrs r'rz/Name.get_attributes_for_oid..Irr&r%rs `r'rzName.get_attributes_for_oidFrr&list[RelativeDistinguishedName]c|jSrrrs r'rdnsz Name.rdnsKs r&backend typing.AnyrRc*tj|Sr) rust_x509encode_name_bytes)rxrs r' public_byteszName.public_bytesOs*4000r&rrrjcZt|tstS|j|jkSr)rQrrrrs r'rz Name.__eq__Rs+%&& "! !5#444r&r^cDtt|jSr)rtuplerrs r'rz Name.__hash__XsE$*++,,,r&rc#.K|jD] }|Ed{V dSrr)rxrdns r'rz Name.__iter__]s5#  CNNNNNNNN  r&c>td|jDS)Nc34K|]}t|VdSr)r\)r*rs r'rzName.__len__..bs(883s88888888r&)sumrrs r'rz Name.__len__as"88t'7888888r&cVdd|jD}d|dS)NrJc3>K|]}|VdSrr)r*rs r'rz Name.__repr__..es.KK$++--KKKKKKr&z]|[\da-zA-Z]{2})z7[\x01-\x1f\x21\x24-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z3[\x01-\x21\x23-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z7[\x01-\x1F\x21\x23-\x2A\x2D-\x3A\x3D\x3F-\x5B\x5D-\x7F]z[\x80-]|z ( (z!) ( (z)* (z$) )? )? z#([\da-zA-Z]{2})+rrBr _NameOidMaprArkc0||_d|_||_dS)Nr)_data_idx_attr_name_overrides)rxrrs r'r~z_RFC4514NameParser.__init__s  $7!!!r&rjc<|jt|jkSr)rr\rrs r' _has_dataz_RFC4514NameParser._has_datasy3tz??**r& str | NonecR|r|j|jSdSr)rrrrs r'_peekz_RFC4514NameParser._peeks( >>   ):di( (tr&chcd||krt|xjdz c_dS)Nr=)rrsr)rxrs r' _read_charz_RFC4514NameParser._read_chars. ::<<2    Q r&c||j|j}|t|}|xjt |z c_|S)N)pos)matchrrrsr[r\)rxpatr r?s r'_read_rez_RFC4514NameParser._read_resN $*$) 44 = kkmm SXX  r&rcr|stgS|g}|rP|d|||Ptt |S)a' Parses the `data` string and converts it to a Name. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. So, when we parse it, we need to reverse again to get the RDNs on the correct order. rJ)rr _parse_rdnr appendrrs r'rz_RFC4514NameParser.parses~~ 88O!!"nn + OOC KK)) * * *nn +HTNN###r&rc"|g}|dkrT|d|||dkTt |S)NrI) _parse_narr rr)rxnass r'rz_RFC4514NameParser._parse_rdnsz~~ jjllc!! OOC JJt~~'' ( ( (jjllc!!)---r&rec ||j}t|}nf#t$rY||j}|j|t|}|tYnwxYw|d| dkrI||j }tj |dd }n)||j}t|}t!||S)NrrEr=)r_OID_RErrs _DESCR_RErrq_NAME_TO_NAMEOIDr r _HEXSTRING_RErS unhexlifyrU _STRING_RErcre)rx oid_valuergnamer) raw_values r'rz_RFC4514NameParser._parse_nas, . dl33I#9--CC ! ! !==00D+//&**400C{  {  !  ::<<3  MM$"455E&uQRRy1188::EE do66I&y11ES%(((s,A BBN)rrBrrrArk)rArj)rAr)rrBrArkr)rAr)rAr)rAre)rrrrecompilerr_PAIRrb_LUTF1_SUTF1_TUTF1r]sys maxunicode_UTFMB _LEADCHAR _STRINGCHAR _TRAILCHARVERBOSErrr~rrr rrrrr%r&r'raraisbj=>>G 233I 0Erz%  H GF CF GF -ss3>** - - -F%%V%%I''v''K&&f&&J        !&      %       JBJ344M8888 ++++  $$$$*....))))))r&ra)r?r@rArB)r?rBrArB)1 __future__rrSrr%rrt cryptographyr"cryptography.hazmat.bindings._rustrrcryptography.x509.oidrrEnumr _ASN1_TYPE_TO_ENUM COUNTRY_NAMErJURISDICTION_COUNTRY_NAME SERIAL_NUMBER DN_QUALIFIER EMAIL_ADDRESSrDOMAIN_COMPONENTr-__annotations__MappingrBr7r COMMON_NAME LOCALITY_NAMESTATE_OR_PROVINCE_NAMEORGANIZATION_NAMEORGANIZATIONAL_UNIT_NAMESTREET_ADDRESSUSER_IDr8itemsrrprWrcrerrrar%r&r'rBs #"""""" @@@@@@;;;;;;;;        54)444 )3 %y'@ 94 )3 9. i1 <n-s23 nS"223   3 "D s $d # H d OU !    ?>%5%;%;%=%=>>> & %v :5555&bHbHbHbHbHbHbHbHJ2G2G2G2G2G2G2G2GjW!W!W!W!W!W!W!W!th)h)h)h)h)h)h)h)h)h)r&