3 K^9 @sddlmZmZmZddlmZddlZddlmZddl m Z m Z GdddeZ dd e DZ eZe je je je je je je je je je je je jiZe jd e jd e jd e jd e jde jde jde jde jdi Z ddZ!GdddeZ"GdddeZ#GdddeZ$dS))absolute_importdivisionprint_function)EnumN)utils)NameOIDObjectIdentifierc@s4eZdZdZdZdZdZdZdZdZ dZ d Z d Z d S) _ASN1Type N) __name__ __module__ __qualname__ UTF8StringZ NumericStringPrintableStringZ T61String IA5StringZUTCTimeZGeneralizedTimeZ VisibleStringZUniversalStringZ BMPStringrr:/tmp/pip-unpacked-wheel-vvkwn1hz/cryptography/x509/name.pyr sr cCsi|] }||jqSr)value).0irrr srZCNLZSTOZOUCZSTREETZDCZUIDcCs|sdS|jdd}|jdd}|jdd}|jdd }|jd d }|jd d }|jdd}|jdd}|ddkr|d|}|ddkr|ddd}|S)z>Escape special characters in RFC4514 Distinguished Name value.\z\\"z\"+z\+,z\,;z\;z\>z\00r# Nz\ )r,r-r/)replace)valrrr_escape_dn_value6s          r2c@sTeZdZefddZejdZejdZddZ ddZ d d Z d d Z d dZ dS) NameAttributecCst|tstdt|tjs&td|tjks:|tjkrTt|j ddkrTt d|t krjt j |tj}t|ts|td||_||_||_dS)Nz2oid argument must be an ObjectIdentifier instance.z#value argument must be a text type.utf8z/Country name must be a 2 character country codez%_type must be from the _ASN1Type enum) isinstancer TypeErrorsix text_typer COUNTRY_NAMEJURISDICTION_COUNTRY_NAMElenencode ValueError _SENTINEL_NAMEOID_DEFAULT_TYPEgetr r_oid_value_type)selfoidrrDrrr__init__Os$      zNameAttribute.__init__rBrCcCs$tj|j|jj}d|t|jfS)z Format as RFC4514 Distinguished Name string. Use short attribute name if available, otherwise fall back to OID dotted string. z%s=%s)_NAMEOID_TO_NAMErArFZ dotted_stringr2r)rEkeyrrrrfc4514_stringvszNameAttribute.rfc4514_stringcCs&t|tstS|j|jko$|j|jkS)N)r6r3NotImplementedrFr)rEotherrrr__eq__s  zNameAttribute.__eq__cCs ||k S)Nr)rErLrrr__ne__szNameAttribute.__ne__cCst|j|jfS)N)hashrFr)rErrr__hash__szNameAttribute.__hash__cCs dj|S)Nz/)format)rErrr__repr__szNameAttribute.__repr__N)rrrr?rGrZread_only_propertyrFrrJrMrNrPrRrrrrr3Ns $    r3c@sTeZdZddZddZddZddZd d Zd d Zd dZ ddZ ddZ dS)RelativeDistinguishedNamecCs\t|}|stdtdd|Ds.td||_t||_t|jt|krXtddS)Nz-a relative distinguished name cannot be emptycss|]}t|tVqdS)N)r6r3)rxrrr sz5RelativeDistinguishedName.__init__..z/attributes must be an iterable of NameAttributez$duplicate attributes are not allowed)listr>allr7 _attributes frozenset_attribute_setr<)rE attributesrrrrGs z"RelativeDistinguishedName.__init__csfdd|DS)Ncsg|]}|jkr|qSr)rF)rr)rFrr szDRelativeDistinguishedName.get_attributes_for_oid..r)rErFr)rFrget_attributes_for_oidsz0RelativeDistinguishedName.get_attributes_for_oidcCsdjdd|jDS)z Format as RFC4514 Distinguished Name string. Within each RDN, attributes are joined by '+', although that is rarely used in certificates. r&css|]}|jVqdS)N)rJ)rattrrrrrUsz;RelativeDistinguishedName.rfc4514_string..)joinrX)rErrrrJsz(RelativeDistinguishedName.rfc4514_stringcCst|tstS|j|jkS)N)r6rSrKrZ)rErLrrrrMs z RelativeDistinguishedName.__eq__cCs ||k S)Nr)rErLrrrrNsz RelativeDistinguishedName.__ne__cCs t|jS)N)rOrZ)rErrrrPsz"RelativeDistinguishedName.__hash__cCs t|jS)N)iterrX)rErrr__iter__sz"RelativeDistinguishedName.__iter__cCs t|jS)N)r<rX)rErrr__len__sz!RelativeDistinguishedName.__len__cCsdj|jS)Nz)rQrJ)rErrrrRsz"RelativeDistinguishedName.__repr__N) rrrrGr]rJrMrNrPrarbrRrrrrrSs rSc@sheZdZddZddZddZeddZd d Zd d Z d dZ ddZ ddZ ddZ ddZdS)NamecCsRt|}tdd|Dr,dd|D|_n"tdd|DrF||_ntddS)Ncss|]}t|tVqdS)N)r6r3)rrTrrrrUsz Name.__init__..cSsg|]}t|gqSr)rS)rrTrrrr\sz!Name.__init__..css|]}t|tVqdS)N)r6rS)rrTrrrrUszNattributes must be a list of NameAttribute or a list RelativeDistinguishedName)rVrWrXr7)rEr[rrrrGsz Name.__init__cCsdjddt|jDS)a Format as RFC4514 Distinguished Name string. For example 'CN=foobar.com,O=Foo Corp,C=US' An X.509 name is a two-level structure: a list of sets of attributes. Each list element is separated by ',' and within each list element, set elements are separated by '+'. The latter is almost never used in real world certificates. According to RFC4514 section 2.1 the RDNSequence must be reversed when converting to string representation. r'css|]}|jVqdS)N)rJ)rr^rrrrUsz&Name.rfc4514_string..)r_reversedrX)rErrrrJs zName.rfc4514_stringcsfdd|DS)Ncsg|]}|jkr|qSr)rF)rr)rFrrr\sz/Name.get_attributes_for_oid..r)rErFr)rFrr]szName.get_attributes_for_oidcCs|jS)N)rX)rErrrrdnssz Name.rdnscCs |j|S)N)Zx509_name_bytes)rEbackendrrr public_bytesszName.public_bytescCst|tstS|j|jkS)N)r6rcrKrX)rErLrrrrMs z Name.__eq__cCs ||k S)Nr)rErLrrrrNsz Name.__ne__cCstt|jS)N)rOtuplerX)rErrrrPsz Name.__hash__ccs(x"|jD]}x|D] }|VqWqWdS)N)rX)rErdnZavarrrras  z Name.__iter__cCstdd|jDS)Ncss|]}t|VqdS)N)r<)rrirrrrUszName.__len__..)sumrX)rErrrrbsz Name.__len__cCs:djdd|jD}tjr,dj|jdSdj|SdS)Nr'css|]}|jVqdS)N)rJ)rr^rrrrUsz Name.__repr__..z r4)r_rXr8PY2rQr=)rErerrrrRsz Name.__repr__N)rrrrGrJr]propertyrergrMrNrPrarbrRrrrrrcs rc)% __future__rrrenumrr8Z cryptographyrZcryptography.x509.oidrrr Z_ASN1_TYPE_TO_ENUMobjectr?r:rr;Z SERIAL_NUMBERZ DN_QUALIFIERZ EMAIL_ADDRESSrZDOMAIN_COMPONENTr@Z COMMON_NAMEZ LOCALITY_NAMEZSTATE_OR_PROVINCE_NAMEZORGANIZATION_NAMEZORGANIZATIONAL_UNIT_NAMEZSTREET_ADDRESSZUSER_IDrHr2r3rSrcrrrrs4     E1