:je ddlmZddlZddlZddlZddlmZddlmZddl m Z ddl m Z ddlmZmZmZmZmZmZmZmZddlmZmZdd lmZmZmZdd lmZm Z dd l!m"Z"ejd d d Z#ej$e j%e j&e j'e j(e j)e j*e j+e j,fZ-Gdde.Z/d1dZ0d2dZ1d3dZ2Gdd Z3Gd!d"Z4Gd#d$ej5Z6Gd%d&e.Z7e j8Z8e j9Z9e j:Z:e j;Z;e j<ZZ>e j?Z?e j@Z@e jAZAe jBZBGd'd(ZCGd)d*ZDGd+d,ZEGd-d.ZFd4d0ZGdS)5) annotationsN)Iterable)utils)x509)hashes)dsaeced448ed25519paddingrsax448x25519) CertificateIssuerPrivateKeyTypesCertificatePublicKeyTypes) Extension ExtensionType_make_sequence_methods)Name _ASN1Type)ObjectIdentifieric eZdZdfd ZxZS) AttributeNotFoundmsgstroidrreturnNonecXt|||_dSN)super__init__r)selfrr __class__s jC:\Users\Terasoftware\OneDrive\Desktop\faahhh\fyndo\fyndo\venv\Lib\site-packages\cryptography/x509/base.pyr#zAttributeNotFound.__init__6s& )rrrrrr__name__ __module__ __qualname__r# __classcell__r%s@r&rr5s=r'r extensionExtension[ExtensionType] extensionslist[Extension[ExtensionType]]rrcN|D]!}|j|jkrtd"dS)Nz$This extension has already been set.)r ValueError)r.r0es r&_reject_duplicate_extensionr5;sH EE 5IM ! ECDD D EEEr'rr attributes0list[tuple[ObjectIdentifier, bytes, int | None]]cB|D]\}}}||krtddS)Nz$This attribute has already been set.)r3)rr6attr_oid_s r&_reject_duplicate_attributer;EsI %EE!Q s? ECDD D EEEr'timedatetime.datetimec|jD|}|r|ntj}|d|z S|S)zNormalizes a datetime to a naive datetime in UTC. time -- datetime to normalize. Assumed to be in UTC if not timezone aware. N)tzinfo)r? utcoffsetdatetime timedeltareplace)r<offsets r&_convert_to_naive_utc_timerEOsR  {!!!;x'9';';||4|((611 r'cveZdZejjfdd Zedd Zedd Zdd Z ddZ ddZ dS) Attributerrvaluebytes_typeintrrc0||_||_||_dSr!)_oid_valuerJ)r$rrHrJs r&r#zAttribute.__init__^s    r'c|jSr!)rMr$s r&rz Attribute.oidhs yr'c|jSr!)rNrPs r&rHzAttribute.valuels {r'rc(d|jd|jdS)Nz)rrHrPs r&__repr__zAttribute.__repr__psCCC4:CCCCr'otherobjectboolct|tstS|j|jko|j|jko|j|jkSr!) isinstancerGNotImplementedrrHrJ)r$rUs r&__eq__zAttribute.__eq__ssO%++ "! ! H ! * ek) * ek) r'cDt|j|j|jfSr!)hashrrHrJrPs r&__hash__zAttribute.__hash__}sTXtz4:6777r'N)rrrHrIrJrKrr)rr)rrIrr)rUrVrrWrrK) r)r*r+r UTF8StringrHr#propertyrrTr[r^r'r&rGrG]s )/ XXDDDD    888888r'rGcDeZdZddZed\ZZZddZdd Z d S) Attributesr6Iterable[Attribute]rrc.t||_dSr!)list _attributes)r$r6s r&r#zAttributes.__init__s ++r'rircd|jdS)Nz > >%'' 3122 2  5JtY$?$? 5344 4#C)9:::  *CCC/     2d 2eS 1 2   r' rsa_paddingecdsa_deterministic private_keyr algorithm_AllowedHashTypes | Nonebackend typing.Anyr%padding.PSS | padding.PKCS1v15 | Noner bool | NoneCertificateSigningRequestct|jtd|^t|tjtjfst dt|tjst d|)t|tj st dtj |||||S)zF Signs the request using the requestor's private key. Nz/A CertificateSigningRequest must have a subjectPadding must be PSS or PKCS1v15&Padding is only supported for RSA keys1Deterministic ECDSA is only supported for EC keys) rr3rYr PSSPKCS1v15rr RSAPrivateKeyr EllipticCurvePrivateKey rust_x509create_x509_csrr$rrrrrs r&signz%CertificateSigningRequestBuilder.signs   PNOO O  JkGK9I+JKK C ABBBk3+<== J HIII  k2+EFF G(         r')r|r}r0r1r6r7)rrrr{)rrrrWrr{)rrrHrIrrrr{r!) rrrrrrrrrrrr)r)r*r+r#r|rrrrcr'r&r{r{s%)57GI & & & & &         ."&       H# ! >B+/! ! ! ! ! ! ! ! r'r{c~eZdZUded<ddddddgfd2dZd3dZd3dZd4dZd5dZd6dZ d6dZ d7d$Z d8ddd%d9d1Z dS):CertificateBuilderr1rN issuer_namer}r| public_key CertificatePublicKeyTypes | None serial_number int | Nonenot_valid_beforedatetime.datetime | Nonenot_valid_afterr0rrctj|_||_||_||_||_||_||_||_ dSr!) rrru_version _issuer_namer _public_key_serial_number_not_valid_before_not_valid_afterr)r$rr|rrrrr0s r&r#zCertificateBuilder.__init__'sK  ')%+!1 /%r'rrc t|tstd|jt dt ||j|j|j|j |j |j S)z3 Sets the CA's distinguished name. rN%The issuer name may only be set once.) rYrrrr3rrrrrrrrs r&rzCertificateBuilder.issuer_name:sy$%% ;9:: :   FDEE E!         "  !     r'c t|tstd|jt dt |j||j|j|j |j |j S)z: Sets the requestor's distinguished name. rNr) rYrrrr3rrrrrrrrs r&r|zCertificateBuilder.subject_nameLsy$%% ;9:: :   GEFF F!         "  !     r'keyrc lt|tjtjt jtjtj tj tjfstd|jt#dt%|j|j||j|j|j|jS)zT Sets the requestor's public key (as found in the signing request). zExpecting one of DSAPublicKey, RSAPublicKey, EllipticCurvePublicKey, Ed25519PublicKey, Ed448PublicKey, X25519PublicKey, or X448PublicKey.Nz$The public key may only be set once.)rYr DSAPublicKeyr RSAPublicKeyr EllipticCurvePublicKeyr Ed25519PublicKeyr Ed448PublicKeyrX25519PublicKeyr X448PublicKeyrrr3rrrrrrr)r$rs r&rzCertificateBuilder.public_key^s   )($&"     !    ECDD D!         "  !     r'numberrKc Tt|tstd|jt d|dkrt d|dkrt dt |j|j|j ||j |j |j S)z5 Sets the certificate serial number. 'Serial number must be of integral type.N'The serial number may only be set once.rz%The serial number should be positive.3The serial number should not be more than 159 bits.) rYrKrrr3 bit_lengthrrrrrrrr$rs r&rz CertificateBuilder.serial_numbers&#&& GEFF F   HFGG G Q; FDEE E     # % E "         "  !     r'r<r=c zt|tjstd|jt dt |}|t krt d|j||jkrt dt|j |j |j |j ||j|j S)z7 Sets the certificate activation time. Expecting datetime object.Nz*The not valid before may only be set once.z>The not valid before date must be on or after 1950 January 1).zBThe not valid before date must be before the not valid after date.)rYrArrr3rE_EARLIEST_UTC_TIMErrrrrrrr$r<s r&rz#CertificateBuilder.not_valid_befores$ 122 :899 9  ! KIJJ J)$// $ $ $    8M1M  "           !     r'c zt|tjstd|jt dt |}|t krt d|j||jkrt dt|j |j |j |j |j||j S)z7 Sets the certificate expiration time. rNz)The not valid after may only be set once.z    4# 0 >B+/0 0 0 0 0 0 0 0 r'rcteZdZUded<ded<dddggfd)d Zd*dZd+dZd,dZd-dZd.dZ d/dddd0d(Z dS)1 CertificateRevocationListBuilderr1rlist[RevokedCertificate]_revoked_certificatesNrr} last_updater next_updater0revoked_certificatescL||_||_||_||_||_dSr!)r _last_update _next_updaterr)r$rrrr0rs r&r#z)CertificateRevocationListBuilder.__init__'s2(''%%9"""r'rrct|tstd|jt dt ||j|j|j|j S)Nrr) rYrrrr3rrrrr)r$rs r&rz,CertificateRevocationListBuilder.issuer_name5sm+t,, ;9:: :   FDEE E/         &    r'r=cbt|tjstd|jt dt |}|t krt d|j||jkrt dt|j ||j|j |j S)Nr!Last update may only be set once.8The last update date must be on or after 1950 January 1.z9The last update date must be before the next update date.) rYrArrr3rErrrrrr)r$rs r&rz,CertificateRevocationListBuilder.last_updateDs+x'899 :899 9   B@AA A0== + + J    [4;L-L K 0         &    r'cbt|tjstd|jt dt |}|t krt d|j||jkrt dt|j |j||j |j S)Nrrrz8The next update date must be after the last update date.) rYrArrr3rErrrrrr)r$rs r&rz,CertificateRevocationListBuilder.next_update\s+x'899 :899 9   B@AA A0== + + J    [4;L-L J 0         &    r'rrrrWct|tstdt|j||}t ||jt|j|j |j g|j||j S)zM Adds an X.509 extension to the certificate revocation list. r) rYrrrrr5rrrrrrrs r&rz.CertificateRevocationListBuilder.add_extensionts &-00 B@AA Afj(F;; #It/?@@@/       *d * *  &    r'revoked_certificateRevokedCertificatect|tstdt|j|j|j|jg|j|S)z8 Adds a revoked certificate to the CRL. z)Must be an instance of RevokedCertificate) rYrrrrrrrr)r$rs r&add_revoked_certificatez8CertificateRevocationListBuilder.add_revoked_certificatesc -/ABB IGHH H/         >d( >*= >    r'rrrrrrrrrrrCertificateRevocationListc|jtd|jtd|jtd|^t |t jt jfstdt |tj std|)t |tj stdtj|||||S)NzA CRL must have an issuer namez"A CRL must have a last update timez"A CRL must have a next update timerrr)rr3rrrYr rrrr rr rrcreate_x509_crlrs r&rz%CertificateRevocationListBuilder.signs   ?=>> >   CABB B   CABB B  JkGK9I+JKK C ABBBk3+<== J HIII  k2+EFF G(         r') rr}rrrrr0r1rr)rrrr)rr=rr)rr=rr)rrrrWrr)rrrrr!) rrrrrrrrrrrr) r)r*r+rr#rrrrrrrcr'r&rr#s////3333$(0404579; : : : : :         0    0    &    *# $ >B+/$ $ $ $ $ $ $ $ r'rc@eZdZddgfddZdd ZddZddZdddZdS)RevokedCertificateBuilderNrrrevocation_daterr0r1c0||_||_||_dSr!)r_revocation_dater)r$rrr0s r&r#z"RevokedCertificateBuilder.__init__s" , /%r'rrKrc$t|tstd|jt d|dkrt d|dkrt dt ||j|jS)Nrrrz$The serial number should be positiverr) rYrKrrr3rrrrrs r&rz'RevokedCertificateBuilder.serial_numbers&#&& GEFF F   HFGG G Q; ECDD D     # % E ) D)4+;   r'r<r=ct|tjstd|jt dt |}|t krt dt|j||j S)Nrz)The revocation date may only be set once.z7The revocation date must be on or after 1950 January 1.) rYrArrr3rErrrrrs r&rz)RevokedCertificateBuilder.revocation_dates$ 122 :899 9   JHII I)$// $ $ I )  t'7   r'rrrrWct|tstdt|j||}t ||jt|j|j g|j|S)Nr) rYrrrrr5rrrrrs r&rz'RevokedCertificateBuilder.add_extensionsz&-00 B@AA Afj(F;; #It/?@@@(    ! *d * *   r'rrrc|jtd|jtdtj|S)Nz/A revoked certificate must have a serial numberz1A revoked certificate must have a revocation date)rr3rrcreate_revoked_certificate)r$rs r&buildzRevokedCertificateBuilder.buildsP   PNOO O   C 3D999r')rrrrr0r1)rrKrr)r<r=rr)rrrrWrrr!)rrrr)r)r*r+r#rrrrrcr'r&rrs%)4857 &&&&&    $        :::::::r'rrKcbttjdddz S)Nbigr)rK from_bytesosurandomrcr'r&random_serial_numberrs# >>"*R..% 0 0A 55r')r.r/r0r1rr)rrr6r7rr)r<r=rr=r`)H __future__rrArtypingcollections.abcr cryptographyr"cryptography.hazmat.bindings._rustrrcryptography.hazmat.primitivesr)cryptography.hazmat.primitives.asymmetricrr r r r r rr/cryptography.hazmat.primitives.asymmetric.typesrrcryptography.x509.extensionsrrrcryptography.x509.namerrcryptography.x509.oidrrUnionSHA224SHA256SHA384SHA512SHA3_224SHA3_256SHA3_384SHA3_512_AllowedHashTypes Exceptionrr5r;rErGreEnumrrrwrrrrload_pem_x509_certificateload_der_x509_certificateload_pem_x509_certificatesload_pem_x509_csrload_der_x509_csrload_pem_x509_crlload_der_x509_crlr{rrrrrcr'r&rs  #""""" $$$$$$@@@@@@111111                     32222222222222&X&tQ22L M M M M O O O O   EEEEEEEE    !8!8!8!8!8!8!8!8HFFFFFFFF(     ej   -----Y--- # 1&?%?&?%?&A////m m m m m m m m `| | | | | | | | ~Y Y Y Y Y Y Y Y xB:B:B:B:B:B:B:B:J666666r'