����JFIFXX�����    $.' ",#(7),01444'9=82<.342  2!!22222222222222222222222222222222222222222222222222����"��4�� ���,�PG"Z_�4�˷����kjز�Z�,F+��_z�,�© �����zh6�٨�ic�fu���#ډb���_�N�?��wQ���5-�~�I���8����TK<5o�Iv-�����k�_U_�����~b�M��d����Ӝ�U�Hh��?]��E�w��Q���k�{��_}qFW7HTՑ��Y��F�?_�'ϔ��_�Ջt��=||I ��6�έ"�����D���/[�k�9���Y�8ds|\���Ҿp6�Ҵ���]��.����6�z<�v��@]�i%��$j��~�g��J>��no����pM[me�i$[����s�o�ᘨ�˸ nɜG-�ĨU�ycP�3.DB�li�;��hj���x7Z^�N�h������N3u{�:j�x�힞��#M&��jL P@_���� P��&��o8������9�����@Sz6�t7#O�ߋ �s}Yf�T���lmr����Z)'N��k�۞p����w\�Tȯ?�8`�O��i{wﭹW�[�r�� ��Q4F�׊���3m&L�=��h3����z~��#�\�l :�F,j@�� ʱ�wQT����8�"kJO���6�֚l����}���R�>ډK���]��y����&����p�}b��;N�1�m�r$�|��7�>e�@B�TM*-iH��g�D�)� E�m�|�ؘbҗ�a��Ҿ����t4���o���G��*oCN�rP���Q��@z,|?W[0�����:�n,jWiE��W��$~/�hp\��?��{(�0���+�Y8rΟ�+����>S-S����VN;�}�s?.����� w�9��˟<���Mq4�Wv'��{)0�1mB��V����W[�����8�/<� �%���wT^�5���b��)iM� pg�N�&ݝ��VO~�q���u���9� ����!��J27����$O-���! �:�%H��� ـ����y�ΠM=t{!S�� oK8������t<����è:a������[�����ա�H���~��w��Qz`�po�^ ����Q��n� �,uu�C�$ ^���,������8�#��:�6��e�|~���!�3�3.�\0��q��o�4`.|� ����y�Q�`~;�d�ׯ,��O�Zw�������`73�v�܋�<���Ȏ�� ـ4k��5�K�a�u�=9Yd��$>x�A�&�� j0� ���vF��� Y�|�y��� ~�6�@c��1vOp�Ig����4��l�OD���L����� R���c���j�_�uX6��3?nk��Wy�f;^*B� ��@�~a�`��Eu������+���6�L��.ü>��}y���}_�O�6�͐�:�YrG�X��kG�����l^w���~㒶sy��Iu�!� W ��X��N�7BV��O��!X�2����wvG�R�f�T#�����t�/?���%8�^�W�aT��G�cL�M���I��(J����1~�8�?aT ���]����AS�E��(��*E}� 2��#I/�׍qz��^t�̔���b�Yz4x���t�){ OH��+(E��A&�N�������XT��o��"�XC��'���)}�J�z�p� ��~5�}�^����+�6����w��c��Q�|Lp�d�H��}�(�.|����k��c4^�"�����Z?ȕ ��a<�L�!039C� �Eu�C�F�Ew�ç ;�n?�*o���B�8�bʝ���'#Rqf���M}7����]����s2tcS{�\icTx;�\��7K���P���ʇ Z O-��~��c>"��?�������P��E��O�8��@�8��G��Q�g�a�Վ���󁶠�䧘��_%#r�>�1�z�a��eb��qcPѵ��n���#L��� =��׀t� L�7�`��V���A{�C:�g���e@�w1 Xp3�c3�ġ����p��M"'-�@n4���fG��B3�DJ�8[Jo�ߐ���gK)ƛ��$���� ���8�3�����+���� �����6�ʻ���� ���S�kI�*KZlT _`���?��K����QK�d����B`�s}�>���`��*�>��,*@J�d�oF*����弝��O}�k��s��]��y�ߘ��c1G�V���<=�7��7����6�q�PT��tXԀ�!9*4�4Tހ3XΛex�46���Y��D ����� �BdemDa����\�_l,��G�/���֌7���Y�](�xTt^%�GE�����4�}bT���ڹ�����;Y)���B�Q��u��>J/J �⮶.�XԄ��j�ݳ�+E��d ��r�5�_D�1 ��o�� �B�x�΢�#���<��W�����8���R6�@g�M�.��� dr�D��>(otU��@x=��~v���2� ӣ�d�oBd��3�eO�6�㣷�����ݜ6��6Y��Qz`��S��{���\P�~z m5{J/L��1������<�e�ͅPu�b�]�ϔ���'������f�b� Zpw��c`"��i���BD@:)ִ�:�]��hv�E�w���T�l��P���"Ju�}��وV J��G6��. J/�Qgl߭�e�����@�z�Zev2u�)]կ�����7x���s�M�-<ɯ�c��r�v�����@��$�ޮ}lk���a���'����>x��O\�ZFu>�����ck#��&:��`�$�ai�>2Δ����l���oF[h��lE�ܺ�Πk:)���`�� $[6�����9�����kOw�\|���8}������ބ:��񶐕��I�A1/�=�2[�,�!��.}gN#�u����b��� ~��݊��}34q����d�E��Lc��$��"�[q�U�硬g^��%B �z���r�pJ�ru%v\h1Y�ne`ǥ:g���pQM~�^�Xi� ��`S�:V29.�P���V�?B�k�� AEvw%�_�9C�Q����wKekPؠ�\�;Io d�{ ߞo�c1eP����\� `����E=���@K<�Y���eڼ�J���w����{av�F�'�M�@/J��+9p���|]�����Iw &`��8���&M�hg��[�{��Xj��%��Ӓ�$��(����ʹN���<>�I���RY���K2�NPlL�ɀ)��&e����B+ь����( � �JTx���_?EZ� }@ 6�U���뙢ط�z��dWI�n` D����噥�[��uV��"�G&Ú����2g�}&m��?ċ�"����Om#��������� ��{�ON��"S�X��Ne��ysQ���@Fn��Vg���dX�~nj�]J�<�K]:��FW��b�������62�=��5f����JKw��bf�X�55��~J �%^����:�-�QIE��P��v�nZum� z � ~ə ���� ���ة����;�f��\v���g�8�1��f24;�V���ǔ�)����9���1\��c��v�/'Ƞ�w�������$�4�R-��t���� e�6�/�ġ �̕Ecy�J���u�B���<�W�ַ~�w[B1L۲�-JS΂�{���΃������A��20�c#��@ 0!1@AP"#2Q`$3V�%45a6�FRUq��� ����^7ׅ,$n�������+��F�`��2X'��0vM��p�L=������5��8������u�p~���.�`r�����\���O��,ư�0oS ��_�M�����l���4�kv\JSd���x���SW�<��Ae�IX����������$I���w�:S���y���›R��9�Q[���,�5�;�@]�%���u�@ *ro�lbI �� ��+���%m:�͇ZV�����u�̉����θau<�fc�.����{�4Ա� �Q����*�Sm��8\ujqs]{kN���)qO�y�_*dJ�b�7���yQqI&9�ԌK!�M}�R�;������S�T���1���i[U�ɵz�]��U)V�S6���3$K{�ߊ<�(� E]Զ[ǼENg�����'�\?#)Dkf��J���o��v���'�%ƞ�&K�u�!��b�35LX�Ϸ��63$K�a�;�9>,R��W��3�3� d�JeTYE.Mϧ��-�o�j3+y��y^�c�������VO�9NV\nd�1 ��!͕_)a�v;����թ�M�lWR1��)El��P;��yوÏ�u 3�k�5Pr6<�⒲l�!˞*��u־�n�!�l:����UNW ��%��Chx8vL'��X�@��*��)���̮��ˍ��� ���D-M�+J�U�kvK����+�x8��cY������?�Ԡ��~3mo��|�u@[XeY�C�\Kp�x8�oC�C�&����N�~3-H���� ��MX�s�u<`���~"WL��$8ξ��3���a�)|:@�m�\���^�`�@ҷ)�5p+��6���p�%i)P M���ngc�����#0Aruz���RL+xSS?���ʮ}()#�t��mˇ!��0}}y����<�e� �-ή�Ԩ��X������ MF���ԙ~l L.3���}�V뽺�v�����멬��Nl�)�2����^�Iq��a��M��qG��T�����c3#������3U�Ǎ���}��לS�|qa��ڃ�+���-��2�f����/��bz��ڐ�� �ݼ[2�ç����k�X�2�* �Z�d���J�G����M*9W���s{��w���T��x��y,�in�O�v��]���n����P�$�JB@=4�OTI�n��e�22a\����q�d���%�$��(���:���: /*�K[PR�fr\nڙdN���F�n�$�4�[�� U�zƶ����� �mʋ���,�ao�u 3�z� �x��Kn����\[��VFmbE;�_U��&V�Gg�]L�۪&#n%�$ɯ�dG���D�TI=�%+AB�Ru#��b4�1�»x�cs�YzڙJG��f��Il��d�eF'T� iA��T���uC�$����Y��H?����[!G`}���ͪ� �纤Hv\������j�Ex�K���!���OiƸ�Yj�+u-<���'q����uN�*�r\��+�]���<�wOZ.fp�ێ��,-*)V?j-kÊ#�`�r��dV����(�ݽBk�����G�ƛk�QmUڗe��Z���f}|����8�8��a���i��3'J�����~G_�^���d�8w������ R�`(�~�.��u���l�s+g�bv���W���lGc}��u���afE~1�Ue������Z�0�8�=e�� f@/�jqEKQQ�J��oN��J���W5~M>$6�Lt�;$ʳ{���^��6�{����v6���ķܰg�V�cnn �~z�x�«�,2�u�?cE+Ș�H؎�%�Za�)���X>uW�Tz�Nyo����s���FQƤ��$��*�&�LLXL)�1�" L��eO��ɟ�9=���:t��Z���c��Ž���Y?�ӭV�wv�~,Y��r�ۗ�|�y��GaF�����C�����.�+� ���v1���fήJ�����]�S��T��B��n5sW}y�$��~z�'�c ��8 ��� ,! �p��VN�S��N�N�q��y8z˱�A��4��*��'������2n<�s���^ǧ˭P�Jޮɏ�U�G�L�J�*#��<�V��t7�8����TĜ>��i}K%,���)[��z�21z ?�N�i�n1?T�I�R#��m-�����������������1����lA�`��fT5+��ܐ�c�q՝��ʐ��,���3�f2U�եmab��#ŠdQ�y>\��)�SLY����w#��.���ʑ�f��� ,"+�w�~�N�'�c�O�3F�������N<���)j��&��,-� �љ���֊�_�zS���TǦ����w�>��?�������n��U仆�V���e�����0���$�C�d���rP �m�׈e�Xm�Vu� �L��.�bֹ��� �[Դaզ���*��\y�8�Է:�Ez\�0�Kq�C b��̘��cө���Q��=0Y��s�N��S.���3.���O�o:���#���v7�[#߫ ��5�܎�L���Er4���9n��COWlG�^��0k�%<���ZB���aB_���������'=��{i�v�l�$�uC���mƎҝ{�c㱼�y]���W�i ��ߧc��m�H� m�"�"�����;Y�ߝ�Z�Ǔ�����:S#��|}�y�,/k�Ld� TA�(�AI$+I3��;Y*���Z��}|��ӧO��d�v��..#:n��f>�>���ȶI�TX��� 8��y����"d�R�|�)0���=���n4��6ⲑ�+��r<�O�܂~zh�z����7ܓ�HH�Ga롏���nCo�>������a ���~]���R���̲c?�6(�q�;5%� |�uj�~z8R=X��I�V=�|{v�Gj\gc��q����z�؋%M�ߍ����1y��#��@f^���^�>N�����#x#۹��6�Y~�?�dfPO��{��P�4��V��u1E1J �*|���%���JN��`eWu�zk M6���q t[�� ��g�G���v��WIG��u_ft����5�j�"�Y�:T��ɐ���*�;� e5���4����q$C��2d�}���� _S�L#m�Yp��O�.�C�;��c����Hi#֩%+) �Ӎ��ƲV���SYź��g |���tj��3�8���r|���V��1#;.SQ�A[���S������#���`n�+���$��$I �P\[�@�s��(�ED�z���P��])8�G#��0B��[ى��X�II�q<��9�~[Z멜�Z�⊔IWU&A>�P~�#��dp<�?����7���c��'~���5 ��+$���lx@�M�dm��n<=e�dyX��?{�|Aef ,|n3�<~z�ƃ�uۧ�����P��Y,�ӥQ�*g�#먙R�\���;T��i,��[9Qi歉����c>]9�� ��"�c��P�� �Md?٥��If�ت�u��k��/����F��9�c*9��Ǎ:�ØF���z�n*�@|I�ށ9����N3{'��[�'ͬ�Ҳ4��#}��!�V� Fu��,�,mTIk���v C�7v���B�6k�T9��1�*l� '~��ƞF��lU��'�M ����][ΩũJ_�{�i�I�n��$���L�� j��O�dx�����kza۪��#�E��Cl����x˘�o�����V���ɞ�ljr��)�/,�߬h�L��#��^��L�ф�,íMƁe�̩�NB�L�����iL����q�}��(��q��6IçJ$�W�E$��:������=#����(�K�B����zђ <��K(�N�۫K�w��^O{!����)�H���>x�������lx�?>Պ�+�>�W���,Ly!_�D���Ō�l���Q�!�[ �S����J��1��Ɛ�Y}��b,+�Lo�x�ɓ)����=�y�oh�@�꥟/��I��ѭ=��P�y9��� �ۍYӘ�e+�p�Jnϱ?V\SO%�(�t� ���=?MR�[Ș�����d�/ ��n�l��B�7j� ��!�;ӥ�/�[-���A�>�dN�sLj ��,ɪv��=1c�.SQ�O3�U���ƀ�ܽ�E����������̻��9G�ϷD�7(�}��Ävӌ\�y�_0[w ���<΍>����a_��[0+�L��F.�޺��f�>oN�T����q;���y\��bՃ��y�jH�<|q-eɏ�_?_9+P���Hp$�����[ux�K w�Mw��N�ی'$Y2�=��q���KB��P��~������Yul:�[<����F1�2�O���5=d����]Y�sw:���Ϯ���E��j,_Q��X��z`H1,#II ��d�wr��P˂@�ZJV����y$�\y�{}��^~���[:N����ߌ�U�������O��d�����ؾe��${p>G��3c���Ė�lʌ�� ת��[��`ϱ�-W����dg�I��ig2��� ��}s ��ؤ(%#sS@���~���3�X�nRG�~\jc3�v��ӍL��M[JB�T��s3}��j�Nʖ��W����;7��ç?=X�F=-�=����q�ߚ���#���='�c��7���ڑW�I(O+=:uxq�������������e2�zi+�kuG�R��������0�&e�n���iT^J����~\jy���p'dtG��s����O��3����9* �b#Ɋ�� p������[Bws�T�>d4�ۧs���nv�n���U���_�~,�v����ƜJ1��s�� �QIz��)�(lv8M���U=�;����56��G���s#�K���MP�=��LvyGd��}�VwWBF�'�à �?MH�U�g2�� ����!�p�7Q��j��ڴ����=��j�u��� Jn�A s���uM������e��Ɔ�Ҕ�!)'��8Ϣ�ٔ��ޝ(��Vp���צ֖d=�IC�J�Ǡ{q������kԭ�߸���i��@K����u�|�p=..�*+����x�����z[Aqġ#s2a�Ɗ���RR�)*HRsi�~�a &f��M��P����-K�L@��Z��Xy�'x�{}��Zm+���:�)�) IJ�-i�u���� ���ܒH��'�L(7�y�GӜq���� j��� 6ߌg1�g�o���,kر���tY�?W,���p���e���f�OQS��!K�۟cҒA�|ս�j�>��=⬒��˧L[�� �߿2JaB~R��u�:��Q�] �0H~���]�7��Ƽ�I���(}��cq '�ήET���q�?f�ab���ӥvr� �)o��-Q��_'����ᴎo��K������;��V���o��%���~OK ����*��b�f:���-ťIR��`B�5!RB@���ï�� �u �̯e\�_U�_������� g�ES��3�������QT��a����x����U<~�c?�*�#]�MW,[8O�a�x��]�1bC|踤�P��lw5V%�)�{t�<��d��5���0i�XSU��m:��Z�┵�i�"��1�^B�-��P�hJ��&)O��*�D��c�W��vM��)����}���P��ܗ-q����\mmζZ-l@�}��a��E�6��F�@��&Sg@���ݚ�M����� ȹ 4����#p�\H����dYDo�H���"��\��..R�B�H�z_�/5˘����6��KhJR��P�mƶi�m���3�,#c�co��q�a)*Pt����R�m�k�7x�D�E�\Y�閣_X�<���~�)���c[[�BP����6�Yq���S��0����%_����;��Àv�~�| VS؇ ��'O0��F0��\���U�-�d@�����7�SJ*z��3n��y��P����O���������m�~�P�3|Y��ʉr#�C�<�G~�.,! ���bqx���h~0=��!ǫ�jy����l�O,�[B��~��|9��ٱ����Xly�#�i�B��g%�S��������tˋ���e���ې��\[d�t)��.+u�|1 ������#�~Oj����hS�%��i.�~X���I�H�m��0n���c�1uE�q��cF�RF�o���7� �O�ꮧ� ���ۛ{��ʛi5�rw?׌#Qn�TW��~?y$��m\�\o����%W� ?=>S�N@�� �Ʈ���R����N�)�r"C�:��:����� �����#��qb��Y�. �6[��2K����2u�Ǧ�HYR��Q�MV��� �G�$��Q+.>�����nNH��q�^��� ����q��mM��V��D�+�-�#*�U�̒ ���p욳��u:�������IB���m���PV@O���r[b= �� ��1U�E��_Nm�yKbN�O���U�}�the�`�|6֮P>�\2�P�V���I�D�i�P�O;�9�r�mAHG�W�S]��J*�_�G��+kP�2����Ka�Z���H�'K�x�W�MZ%�O�YD�Rc+o��?�q��Ghm��d�S�oh�\�D�|:W������UA�Qc yT�q������~^�H��/��#p�CZ���T�I�1�ӏT����4��"�ČZ�����}��`w�#�*,ʹ�� ��0�i��課�Om�*�da��^gJ݅{���l�e9uF#T�ֲ��̲�ٞC"�q���ߍ ոޑ�o#�XZTp����@ o�8��(jd��xw�]�,f���`~�|,s��^����f�1���t��|��m�򸄭/ctr��5s��7�9Q�4�H1꠲BB@l9@���C�����+�wp�xu�£Yc�9��?`@#�o�mH�s2��)�=��2�.�l����jg�9$�Y�S�%*L������R�Y������7Z���,*=�䷘$�������arm�o�ϰ���UW.|�r�uf����IGw�t����Zwo��~5 ��YյhO+=8fF�)�W�7�L9lM�̘·Y���֘YLf�큹�pRF���99.A �"wz��=E\Z���'a� 2��Ǚ�#;�'}�G���*��l��^"q��+2FQ� hj��kŦ��${���ޮ-�T�٭cf�|�3#~�RJ����t��$b�(R��(����r���dx� >U b�&9,>���%E\� Ά�e�$��'�q't��*�א���ެ�b��-|d���SB�O�O��$�R+�H�)�܎�K��1m`;�J�2�Y~9��O�g8=vqD`K[�F)k�[���1m޼c��n���]s�k�z$@��)!I �x՝"v��9=�ZA=`Ɠi �:�E��)`7��vI��}d�YI�_ �o�:ob���o ���3Q��&D&�2=�� �Ά��;>�h����y.*ⅥS������Ӭ�+q&����j|UƧ����}���J0��WW< ۋS�)jQR�j���Ư��rN)�Gű�4Ѷ(�S)Ǣ�8��i��W52���No˓� ۍ%�5brOn�L�;�n��\G����=�^U�dI���8$�&���h��'���+�(������cȁ߫k�l��S^���cƗjԌE�ꭔ��gF���Ȓ��@���}O���*;e�v�WV���YJ\�]X'5��ղ�k�F��b 6R�o՜m��i N�i����>J����?��lPm�U��}>_Z&�KK��q�r��I�D�Չ~�q�3fL�:S�e>���E���-G���{L�6p�e,8��������QI��h��a�Xa��U�A'���ʂ���s�+טIjP�-��y�8ۈZ?J$��W�P� ��R�s�]��|�l(�ԓ��sƊi��o(��S0��Y� 8�T97.�����WiL��c�~�dxc�E|�2!�X�K�Ƙਫ਼�$((�6�~|d9u+�qd�^3�89��Y�6L�.I�����?���iI�q���9�)O/뚅����O���X��X�V��ZF[�یgQ�L��K1���RҖr@v�#��X�l��F���Нy�S�8�7�kF!A��sM���^rkp�jP�DyS$N���q��nxҍ!U�f�!eh�i�2�m���`�Y�I�9r�6� �TF���C}/�y�^���Η���5d�'��9A-��J��>{�_l+�`��A���[�'��յ�ϛ#w:݅�%��X�}�&�PSt�Q�"�-��\縵�/����$Ɨh�Xb�*�y��BS����;W�ջ_mc�����vt?2}1�;qS�d�d~u:2k5�2�R�~�z+|HE!)�Ǟl��7`��0�<�,�2*���Hl-��x�^����'_TV�gZA�'j� ^�2Ϊ��N7t�����?w�� �x1��f��Iz�C-Ȗ��K�^q�;���-W�DvT�7��8�Z�������� hK�(P:��Q- �8�n�Z���܃e貾�<�1�YT<�,�����"�6{/ �?�͟��|1�:�#g��W�>$����d��J��d�B��=��jf[��%rE^��il:��B���x���Sּ�1հ��,�=��*�7 fcG��#q� �eh?��2�7�����,�!7x��6�n�LC�4x��},Geǝ�tC.��vS �F�43��zz\��;QYC,6����~;RYS/6���|2���5���v��T��i����������mlv��������&� �nRh^ejR�LG�f���? �ۉҬܦƩ��|��Ȱ����>3����!v��i�ʯ�>�v��オ�X3e���_1z�Kȗ\<������!�8���V��]��?b�k41�Re��T�q��mz��TiOʦ�Z��Xq���L������q"+���2ۨ��8}�&N7XU7Ap�d�X��~�׿��&4e�o�F��� �H����O���č�c�� 懴�6���͉��+)��v;j��ݷ�� �UV�� i��� j���Y9GdÒJ1��詞�����V?h��l����l�cGs�ځ�������y�Ac�����\V3�? �� ܙg�>qH�S,�E�W�[�㺨�uch�⍸�O�}���a��>�q�6�n6����N6�q������N ! 1AQaq�0@����"2BRb�#Pr���3C`��Scst���$4D���%Td�� ?���N����a��3��m���C���w��������xA�m�q�m���m������$����4n淿t'��C"w��zU=D�\R+w�p+Y�T�&�պ@��ƃ��3ޯ?�Aﶂ��aŘ���@-�����Q�=���9D��ռ�ѻ@��M�V��P��܅�G5�f�Y<�u=,EC)�<�Fy'�"�&�չ�X~f��l�KԆV��?�� �W�N����=(� �;���{�r����ٌ�Y���h{�١������jW����P���Tc�����X�K�r��}���w�R��%��?���E��m�� �Y�q|����\lEE4���r���}�lsI�Y������f�$�=�d�yO����p�����yBj8jU�o�/�S��?�U��*������ˍ�0������u�q�m [�?f����a�� )Q�>����6#������� ?����0UQ����,IX���(6ڵ[�DI�MNލ�c&���υ�j\��X�R|,4��� j������T�hA�e��^���d���b<����n�� �즇�=!���3�^�`j�h�ȓr��jẕ�c�,ٞX����-����a�ﶔ���#�$��]w�O��Ӫ�1y%��L�Y<�wg#�ǝ�̗`�x�xa�t�w��»1���o7o5��>�m뭛C���Uƃߜ}�C���y1Xνm�F8�jI���]����H���ۺиE@I�i;r�8ӭ����V�F�Շ| ��&?�3|x�B�MuS�Ge�=Ӕ�#BE5G�����Y!z��_e��q�р/W>|-�Ci߇�t�1ޯќd�R3�u��g�=0 5��[?�#͏��q�cf���H��{ ?u�=?�?ǯ���}Z��z���hmΔ�BFTW�����<�q�(v� ��!��z���iW]*�J�V�z��gX֧A�q�&��/w���u�gYӘa���; �i=����g:��?2�dž6�ى�k�4�>�Pxs����}������G�9��3 ���)gG�R<>r h�$��'nc�h�P��Bj��J�ҧH� -��N1���N��?��~��}-q!=��_2hc�M��l�vY%UE�@|�v����M2�.Y[|y�"Eï��K�ZF,�ɯ?,q�?v�M 80jx�"�;�9vk�����+ ֧�� �ȺU��?�%�vcV��mA�6��Qg^M����A}�3�nl� QRN�l8�kkn�'�����(��M�7m9و�q���%ޟ���*h$Zk"��$�9��: �?U8�Sl��,,|ɒ��xH(ѷ����Gn�/Q�4�P��G�%��Ա8�N��!� �&�7�;���eKM7�4��9R/%����l�c>�x;������>��C�:�����t��h?aKX�bhe�ᜋ^�$�Iհ �hr7%F$�E��Fd���t��5���+�(M6�t����Ü�UU|zW�=a�Ts�Tg������dqP�Q����b'�m���1{|Y����X�N��b �P~��F^F:����k6�"�j!�� �I�r�`��1&�-$�Bevk:y���#yw��I0��x��=D�4��tU���P�ZH��ڠ底taP��6����b>�xa����Q�#� WeF��ŮNj�p�J* mQ�N����*I�-*�ȩ�F�g�3 �5��V�ʊ�ɮ�a��5F���O@{���NX��?����H�]3��1�Ri_u��������ѕ�� ����0��� F��~��:60�p�͈�S��qX#a�5>���`�o&+�<2�D����: �������ڝ�$�nP���*)�N�|y�Ej�F�5ټ�e���ihy�Z �>���k�bH�a�v��h�-#���!�Po=@k̆IEN��@��}Ll?j�O������߭�ʞ���Q|A07x���wt!xf���I2?Z��<ץ�T���cU�j��]��陎Ltl �}5�ϓ��$�,��O�mˊ�;�@O��jE��j(�ا,��LX���LO���Ц�90�O �.����a��nA���7������j4 ��W��_ٓ���zW�jcB������y՗+EM�)d���N�g6�y1_x��p�$Lv:��9�"z��p���ʙ$��^��JԼ*�ϭ����o���=x�Lj�6�J��u82�A�H�3$�ٕ@�=Vv�]�'�qEz�;I˼��)��=��ɯ���x �/�W(V���p�����$ �m�������u�����񶤑Oqˎ�T����r��㠚x�sr�GC��byp�G��1ߠ�w e�8�$⿄����/�M{*}��W�]˷.�CK\�ުx���/$�WPw���r� |i���&�}�{�X� �>��$-��l���?-z���g����lΆ���(F���h�vS*���b���߲ڡn,|)mrH[���a�3�ר�[1��3o_�U�3�TC�$��(�=�)0�kgP���� ��u�^=��4 �WYCҸ:��vQ�ר�X�à��tk�m,�t*��^�,�}D*� �"(�I��9R����>`�`��[~Q]�#af��i6l��8���6�:,s�s�N6�j"�A4���IuQ��6E,�GnH��zS�HO�uk�5$�I�4��ؤ�Q9�@��C����wp�BGv[]�u�Ov���0I4���\��y�����Q�Ѹ��~>Z��8�T��a��q�ޣ;z��a���/��S��I:�ܫ_�|������>=Z����8:�S��U�I�J��"IY���8%b8���H��:�QO�6�;7�I�S��J��ҌAά3��>c���E+&jf$eC+�z�;��V����� �r���ʺ������my�e���aQ�f&��6�ND��.:��NT�vm�<- u���ǝ\MvZY�N�NT��-A�>jr!S��n�O 1�3�Ns�%�3D@���`������ܟ 1�^c<���� �a�ɽ�̲�Xë#�w�|y�cW�=�9I*H8�p�^(4���՗�k��arOcW�tO�\�ƍR��8����'�K���I�Q�����?5�>[�}��yU�ײ -h��=��% q�ThG�2�)���"ו3]�!kB��*p�FDl�A���,�eEi�H�f�Ps�����5�H:�Փ~�H�0Dت�D�I����h�F3�������c��2���E��9�H��5�zԑ�ʚ�i�X�=:m�xg�hd(�v����׊�9iS��O��d@0ڽ���:�p�5�h-��t�&���X�q�ӕ,��ie�|���7A�2���O%P��E��htj��Y1��w�Ѓ!����  ���� ࢽ��My�7�\�a�@�ţ�J �4�Ȼ�F�@o�̒?4�wx��)��]�P��~�����u�����5�����7X ��9��^ܩ�U;Iꭆ 5 �������eK2�7(�{|��Y׎ �V��\"���Z�1� Z�����}��(�Ǝ"�1S���_�vE30>���p;� ΝD��%x�W�?W?v����o�^V�i�d��r[��/&>�~`�9Wh��y�;���R��� ;;ɮT��?����r$�g1�K����A��C��c��K��l:�'��3 c�ﳯ*"t8�~l��)���m��+U,z��`(�>yJ�?����h>��]��v��ЍG*�{`��;y]��I�T� ;c��NU�fo¾h���/$���|NS���1�S�"�H��V���T���4��uhǜ�]�v;���5�͠x��'C\�SBpl���h}�N����� A�Bx���%��ޭ�l��/����T��w�ʽ]D�=����K���ž�r㻠l4�S�O?=�k �M:� ��c�C�a�#ha���)�ѐxc�s���gP�iG��{+���x���Q���I= �� z��ԫ+ �8"�k�ñ�j=|����c ��y��CF��/��*9ж�h{ �?4�o� ��k�m�Q�N�x��;�Y��4膚�a�w?�6�>e]�����Q�r�:����g�,i"�����ԩA�*M�<�G��b�if��l^M��5� �Ҩ�{����6J��ZJ�����P�*�����Y���ݛu�_4�9�I8�7���������,^ToR���m4�H��?�N�S�ѕw��/S��甍�@�9H�S�T��t�ƻ���ʒU��*{Xs�@����f�����֒Li�K{H�w^���������Ϥm�tq���s� ���ք��f:��o~s��g�r��ט� �S�ѱC�e]�x���a��) ���(b-$(�j>�7q�B?ӕ�F��hV25r[7 Y� }L�R��}����*sg+��x�r�2�U=�*'WS��ZDW]�WǞ�<��叓���{�$�9Ou4��y�90-�1�'*D`�c�^o?(�9��u���ݐ��'PI&� f�Jݮ�������:wS����jfP1F:X �H�9dԯ���˝[�_54 �}*;@�ܨ�� ð�yn�T���?�ןd�#���4rG�ͨ��H�1�|-#���Mr�S3��G�3�����)�.᧏3v�z֑��r����$G"�`j �1t��x0<Ɔ�Wh6�y�6��,œ�Ga��gA����y��b��)��h�D��ß�_�m��ü �gG;��e�v��ݝ�nQ� ��C����-�*��o���y�a��M��I�>�<���]obD��"�:���G�A��-\%LT�8���c�)��+y76���o�Q�#*{�(F�⽕�y����=���rW�\p���۩�c���A���^e6��K������ʐ�cVf5$�'->���ՉN"���F�"�UQ@�f��Gb~��#�&�M=��8�ט�JNu9��D��[̤�s�o�~������ G��9T�tW^g5y$b��Y'��س�Ǵ�=��U-2 #�MC�t(�i� �lj�@Q 5�̣i�*�O����s�x�K�f��}\��M{E�V�{�υ��Ƈ�����);�H����I��fe�Lȣr�2��>��W�I�Ȃ6������i��k�� �5�YOxȺ����>��Y�f5'��|��H+��98pj�n�.O�y�������jY��~��i�w'������l�;�s�2��Y��:'lg�ꥴ)o#'Sa�a�K��Z� �m��}�`169�n���"���x��I ��*+� }F<��cГ���F�P�������ֹ*�PqX�x۩��,� ��N�� �4<-����%����:��7����W���u�`����� $�?�I��&����o��o��`v�>��P��"��l���4��5'�Z�gE���8���?��[�X�7(��.Q�-��*���ތL@̲����v��.5���[��=�t\+�CNܛ��,g�SQnH����}*F�G16���&:�t��4ُ"A��̣��$�b �|����#rs��a�����T�� ]�<�j��BS�('$�ɻ� �wP;�/�n��?�ݜ��x�F��yUn�~mL*-�������Xf�wd^�a�}��f�,=t�׵i�.2/wpN�Ep8�OР���•��R�FJ� 55TZ��T �ɭ�<��]��/�0�r�@�f��V��V����Nz�G��^���7hZi����k��3�,kN�e|�vg�1{9]_i��X5y7� 8e]�U����'�-2,���e"����]ot�I��Y_��n�(JҼ��1�O ]bXc���Nu�No��pS���Q_���_�?i�~�x h5d'�(qw52] ��'ޤ�q��o1�R!���`ywy�A4u���h<קy���\[~�4�\ X�Wt/� 6�����n�F�a8��f���z �3$�t(���q��q�x��^�XWeN'p<-v�!�{�(>ӽDP7��ո0�y)�e$ٕv�Ih'Q�EA�m*�H��RI��=:��� ���4牢) �%_iN�ݧ�l]� �Nt���G��H�L��� ɱ�g<���1V�,�J~�ٹ�"K��Q�� 9�HS�9�?@��k����r�;we݁�]I�!{ �@�G�[�"��`���J:�n]�{�cA�E����V��ʆ���#��U9�6����j�#Y�m\��q�e4h�B�7��C�������d<�?J����1g:ٳ���=Y���D�p�ц� ׈ǔ��1�]26؜oS�'��9�V�FVu�P�h�9�xc�oq�X��p�o�5��Ա5$�9W�V(�[Ak�aY錎qf;�'�[�|���b�6�Ck��)��#a#a˙��8���=äh�4��2��C��4tm^ �n'c���]GQ$[Wҿ��i���vN�{Fu ��1�gx��1┷���N�m��{j-,��x�� Ūm�ЧS�[�s���Gna���䑴�� x�p 8<������97�Q���ϴ�v�aϚG��Rt�Һ׈�f^\r��WH�JU�7Z���y)�vg=����n��4�_)y��D'y�6�]�c�5̪�\� �PF�k����&�c;��cq�$~T�7j ���nç]�<�g ":�to�t}�159�<�/�8������m�b�K#g'I'.W�����6��I/��>v��\�MN��g���m�A�yQL�4u�Lj�j9��#44�t��l^�}L����n��R��!��t��±]��r��h6ٍ>�yҏ�N��fU�� ���� Fm@�8}�/u��jb9������he:A�y�ծw��GpΧh�5����l}�3p468��)U��d��c����;Us/�֔�YX�1�O2��uq�s��`hwg�r~�{ R��mhN��؎*q 42�*th��>�#���E����#��Hv�O����q�}�����6�e��\�,Wk�#���X��b>��p}�դ��3���T5��†��6��[��@�P�y*n��|'f�֧>�lư΂�̺����SU�'*�q�p�_S�����M�� '��c�6�����m�� ySʨ;M��r���Ƌ�m�Kxo,���Gm�P��A�G�:��i��w�9�}M(�^�V��$ǒ�ѽ�9���|���� �a����J�SQ�a���r�B;����}���ٻ֢�2�%U���c�#�g���N�a�ݕ�'�v�[�OY'��3L�3�;,p�]@�S��{ls��X�'���c�jw�k'a�.��}�}&�� �dP�*�bK=ɍ!����;3n�gΊU�ߴmt�'*{,=SzfD� A��ko~�G�aoq�_mi}#�m�������P�Xhύ����mxǍ�΂���巿zf��Q���c���|kc�����?���W��Y�$���_Lv����l߶��c���`?����l�j�ݲˏ!V��6����U�Ђ(A���4y)H���p�Z_�x��>���e��R��$�/�`^'3qˏ�-&Q�=?��CFVR �D�fV�9��{�8g�������n�h�(P"��6�[�D���< E�����~0<@�`�G�6����Hг�cc�� �c�K.5��D��d�B���`?�XQ��2��ٿyqo&+�1^� DW�0�ꊩ���G�#��Q�nL3��c���������/��x ��1�1[y�x�პCW��C�c�UĨ80�m�e�4.{�m��u���I=��f�����0QRls9���f���������9���~f�����Ǩ��a�"@�8���ȁ�Q����#c�ic������G��$���G���r/$W�(��W���V�"��m�7�[m�A�m����bo��D� j����۳� l���^�k�h׽����� ��#� iXn�v��eT�k�a�^Y�4�BN��ĕ��0 !01@Q"2AaPq3BR������?���@4�Q�����T3,���㺠�W�[=JK�Ϟ���2�r^7��vc�:�9 �E�ߴ�w�S#d���Ix��u��:��Hp��9E!�� V 2;73|F��9Y���*ʬ�F��D����u&���y؟��^EA��A��(ɩ���^��GV:ݜDy�`��Jr29ܾ�㝉��[���E;Fzx��YG��U�e�Y�C���� ����v-tx����I�sם�Ę�q��Eb�+P\ :>�i�C'�;�����k|z�رn�y]�#ǿb��Q��������w�����(�r|ӹs��[�D��2v-%��@;�8<a���[\o[ϧw��I!��*0�krs)�[�J9^��ʜ��p1)� "��/_>��o��<1����A�E�y^�C��`�x1'ܣn�p��s`l���fQ��):�l����b>�Me�jH^?�kl3(�z:���1ŠK&?Q�~�{�ٺ�h�y���/�[��V�|6��}�KbX����mn[-��7�5q�94�������dm���c^���h� X��5��<�eޘ>G���-�}�دB�ޟ� ��|�rt�M��V+�]�c?�-#ڛ��^ǂ}���Lkr���O��u�>�-D�ry� D?:ޞ�U��ǜ�7�V��?瓮�"�#���r��չģVR;�n���/_� ؉v�ݶe5d�b9��/O��009�G���5n�W����JpA�*�r9�>�1��.[t���s�F���nQ� V 77R�]�ɫ8����_0<՜�IF�u(v��4��F�k�3��E)��N:��yڮe��P�`�1}�$WS��J�SQ�N�j�ٺ��޵�#l���ј(�5=��5�lǏmoW�v-�1����v,W�mn��߀$x�<����v�j(����c]��@#��1������Ǔ���o'��u+����;G�#�޸��v-lη��/(`i⣍Pm^���ԯ̾9Z��F��������n��1��� ��]�[��)�'������:�֪�W��FC����� �B9،!?���]��V��A�Վ�M��b�w��G F>_DȬ0¤�#�QR�[V��kz���m�w�"��9ZG�7'[��=�Q����j8R?�zf�\a�=��O�U����*oB�A�|G���2�54 �p��.w7� �� ��&������ξxGHp� B%��$g�����t�Џ򤵍z���HN�u�Я�-�'4��0��;_��3 !01"@AQa2Pq#3BR������?��ʩca��en��^��8���<�u#��m*08r��y�N"�<�Ѳ0��@\�p��� �����Kv�D��J8�Fҽ� �f�Y��-m�ybX�NP����}�!*8t(�OqѢ��Q�wW�K��ZD��Δ^e��!� ��B�K��p~�����e*l}z#9ң�k���q#�Ft�o��S�R����-�w�!�S���Ӥß|M�l޶V��!eˈ�8Y���c�ЮM2��tk���� ������J�fS����Ö*i/2�����n]�k�\���|4yX�8��U�P.���Ы[���l��@"�t�<������5�lF���vU�����W��W��;�b�cД^6[#7@vU�xgZv��F�6��Q,K�v��� �+Ъ��n��Ǣ��Ft���8��0��c�@�!�Zq s�v�t�;#](B��-�nῃ~���3g������5�J�%���O������n�kB�ĺ�.r��+���#�N$?�q�/�s�6��p��a����a��J/��M�8��6�ܰ"�*������ɗud"\w���aT(����[��F��U՛����RT�b���n�*��6���O��SJ�.�ij<�v�MT��R\c��5l�sZB>F��<7�;EA��{��E���Ö��1U/�#��d1�a�n.1ě����0�ʾR�h��|�R��Ao�3�m3 ��%�� ���28Q� ��y��φ���H�To�7�lW>����#i`�q���c����a��� �m,B�-j����݋�'mR1Ήt�>��V��p���s�0IbI�C.���1R�ea�����]H�6����������4B>��o��](��$B���m�����a�!=��?�B� K�Ǿ+�Ծ"�n���K��*��+��[T#�{E�J�S����Q�����s�5�:�U�\wĐ�f�3����܆&�)����I���Ԇw��E T�lrTf6Q|R�h:��[K�� �z��c֧�G�C��%\��_�a�84��HcO�bi��ؖV��7H �)*ģK~Xhչ0��4?�0��� �E<���}3���#���u�?�� ��|g�S�6ꊤ�|�I#Hڛ� �ա��w�X��9��7���Ŀ%�SL��y6č��|�F�a 8���b��$�sק�h���b9RAu7�˨p�Č�_\*w��묦��F ����4D~�f����|(�"m���NK��i�S�>�$d7SlA��/�²����SL��|6N�}���S�˯���g��]6��; �#�.��<���q'Q�1|KQ$�����񛩶"�$r�b:���N8�w@��8$�� �AjfG|~�9F ���Y��ʺ��Bwؒ������M:I岎�G��`s�YV5����6��A �b:�W���G�q%l�����F��H���7�������Fsv7��k�� 403WebShell
403Webshell
Server IP : 97.74.90.209  /  Your IP : 216.73.216.74
Web Server : Apache
System : Linux live.indianstaffingfederation.org 4.18.0-553.54.1.el8_10.x86_64 #1 SMP Tue May 27 22:49:52 EDT 2025 x86_64
User : indianstaffing ( 1003)
PHP Version : 8.3.22
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/opt/nydus/ops/asn1crypto/__pycache__/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/opt/nydus/ops/asn1crypto/__pycache__/x509.cpython-39.pyc
a

Nh#hRn�@stdZddlmZmZmZmZddlmZddlm	Z	ddl
Z
ddlZddlZddl
Z
ddlZddlZddlmZddlmZmZdd	lmZdd
lmZmZmZddlmZmZmZmZddl m!Z!m"Z"m#Z#m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7m8Z8m9Z9m:Z:m;Z;m<Z<dd
l=m>Z>ddl?m@Z@mAZAmBZBmCZCGdd�de*�ZDGdd�de*�ZEGdd�de*�ZFGdd�de0�ZGGdd�de3�ZHGdd�de4�ZIGdd�de"�ZJGdd�de3�ZKGdd �d e7�ZLed!d"��ZMGd#d$�d$e%�ZNGd%d&�d&e.�ZOGd'd(�d(e3�ZPGd)d*�d*e6�ZQGd+d,�d,e4�ZRGd-d.�d.e%�ZSGd/d0�d0e3�ZTGd1d2�d2e%�ZUGd3d4�d4e%�ZVGd5d6�d6e%�ZWGd7d8�d8e5�ZXGd9d:�d:e5�ZYGd;d<�d<e4�ZZGd=d>�d>e4�Z[Gd?d@�d@e3�Z\GdAdB�dBe3�Z]GdCdD�dDe4�Z^GdEdF�dFe3�Z_GdGdH�dHe4�Z`GdIdJ�dJe%�ZaGdKdL�dLe%�ZbGdMdN�dNe5�ZcGdOdP�dPe4�ZdGdQdR�dRe5�ZeGdSdT�dTe3�ZfGdUdV�dVe6�ZgGdWdX�dXe3�ZhGdYdZ�dZe%�ZiGd[d\�d\e+�ZjGd]d^�d^e+�ZkGd_d`�d`e3�ZlGdadb�dbe4�ZmGdcdd�dde3�ZnGdedf�dfe3�ZoGdgdh�dhe%�ZpGdidj�dje4�ZqGdkdl�dle%�ZrGdmdn�dne3�ZsGdodp�dpe3�ZtGdqdr�dre3�ZuGdsdt�dte%�ZvGdudv�dve"�ZwGdwdx�dxe3�ZxGdydz�dze4�ZyGd{d|�d|e3�ZzGd}d~�d~e3�Z{Gdd��d�e4�Z|Gd�d��d�e%�Z}Gd�d��d�e4�Z~Gd�d��d�e3�ZGd�d��d�e3�Z�Gd�d��d�e.�Z�Gd�d��d�e3�Z�Gd�d��d�e4�Z�Gd�d��d�e.�Z�Gd�d��d�e3�Z�Gd�d��d�e4�Z�Gd�d��d�e3�Z�Gd�d��d�e4�Z�Gd�d��d�e3�Z�Gd�d��d�e.�Z�Gd�d��d�e4�Z�Gd�d��d�e.�Z�Gd�d��d�e3�Z�Gd�d��d�e4�Z�Gd�d��d�e4�Z�Gd�d��d�e4�Z�Gd�d��d�e3�Z�Gd�d��d�e"�Z�Gd�d��d�e+�Z�Gd�d��d�e3�Z�Gd�d��d�e6�Z�Gd�d��d�e3�Z�Gd�d��d�e3�Z�Gd�d��d�e6�Z�Gd�d��d�e'�Z�Gd�d��d�e'�Z�Gd�d��d�e'�Z�Gd�d��d�e'�Z�Gd�d„d�e'�Z�Gd�dĄd�e'�Z�Gd�dƄd�e3�Z�Gd�dȄd�e3�Z�Gd�dʄd�e'�Z�Gd�d̄d�e3�Z�Gd�d΄d�e3�Z�Gd�dЄd�e6�Z�Gd�d҄d�e.�Z�Gd�dԄd�e6�Z�Gd�dքd�e6�Z�Gd�d؄d�e6�Z�Gd�dڄd�e3�Z�Gd�d܄d�e6�Z�Gd�dބd�e3�Z�Gd�d�d�e4�Z�Gd�d�d�e.�Z�Gd�d�d�e3�Z�Gd�d�d�e4�Z�Gd�d�d�e3�Z�Gd�d�d�e3�Z�Gd�d�d�e4�Z�Gd�d�d�e4�Z�Gd�d�d�e3�Z�Gd�d�d�e&�Z�dS)�z�
ASN.1 type classes for X.509 certificates. Exports the following items:

 - Attributes()
 - Certificate()
 - Extensions()
 - GeneralName()
 - GeneralNames()
 - Name()

Other type classes are defined that help compose the types listed above.
�)�unicode_literals�division�absolute_import�print_function)�contextmanager)�idnaN�)�unwrap)�
iri_to_uri�
uri_to_iri)�OrderedDict)�	type_name�str_cls�
bytes_to_list)�AlgorithmIdentifier�AnyAlgorithmIdentifier�DigestAlgorithm�SignedDigestAlgorithm)�Any�	BitString�	BMPString�Boolean�Choice�Concat�
Enumerated�GeneralizedTime�
GeneralString�	IA5String�Integer�Null�
NumericString�ObjectIdentifier�OctetBitString�OctetString�ParsableOctetString�PrintableString�Sequence�
SequenceOf�Set�SetOf�
TeletexString�UniversalString�UTCTime�
UTF8String�
VisibleString�VOID)�
PublicKeyInfo)�int_to_bytes�int_from_bytes�	inet_ntop�	inet_ptonc@s,eZdZdZdZdd�Zdd�Zdd�Zd	S)
�DNSNamer���cCs
||kS�N���self�otherr:r:�@/opt/nydus/tmp/pip-target-wgfnss67/lib/python/asn1crypto/x509.py�__ne__LszDNSName.__ne__cCs&t|t�sdS|����|����kS)z�
        Equality as defined by https://tools.ietf.org/html/rfc5280#section-7.2

        :param other:
            Another DNSName object

        :return:
            A boolean
        F)�
isinstancer5�__unicode__�lowerr;r:r:r>�__eq__Os
zDNSName.__eq__cCsxt|t�s"ttdt|�t|����|�d�rFd|dd��|j�}n|�|j�}||_||_	d|_
|jdkrtd|_dS)zd
        Sets the value of the DNS name

        :param value:
            A unicode string
        �K
                %s value must be a unicode string, not %s
                �.�.rN�)r@r�	TypeErrorr	r
�
startswith�encode�	_encoding�_unicode�contents�_header�_trailer)r<�value�
encoded_valuer:r:r>�set_s
�

zDNSName.setN)�__name__�
__module__�__qualname__rK�_bad_tagr?rCrRr:r:r:r>r5Gs
r5c@s,eZdZdd�Zdd�Zdd�Zdd�Zd	S)
�URIcCsLt|t�s"ttdt|�t|����||_t|�|_d|_|j	dkrHd|_	dS)�b
        Sets the value of the string

        :param value:
            A unicode string
        rDNrG)
r@rrHr	r
rLr
rMrNrO�r<rPr:r:r>rR~s
�

zURI.setcCs
||kSr9r:r;r:r:r>r?�sz
URI.__ne__cCs&t|t�sdSt|jd�t|jd�kS)z�
        Equality as defined by https://tools.ietf.org/html/rfc5280#section-7.4

        :param other:
            Another URI object

        :return:
            A boolean
        FT)r@rWr
�nativer;r:r:r>rC�s
z
URI.__eq__cCs,|jdurdS|jdur&t|���|_|jS��7
        :return:
            A unicode string
        N�)rMrLr�
_merge_chunks�r<r:r:r>rA�s


zURI.__unicode__N)rSrTrUrRr?rCrAr:r:r:r>rW|srWc@sReZdZdZdZdZedd��Zejdd��Zdd�Z	d	d
�Z
dd�Zd
d�ZdS)�EmailAddressNFr6cCs|jS)z`
        :return:
            A byte string of the DER-encoded contents of the sequence
        )�	_contentsr_r:r:r>rM�szEmailAddress.contentscCsd|_||_dS)ze
        :param value:
            A byte string of the DER-encoded contents of the sequence
        FN)�_normalizedrarYr:r:r>rM�scCs�t|t�s"ttdt|�t|����|�d�dkrZ|�dd�\}}|�d�d|�d�}n
|�d�}d|_||_	||_
d	|_|jd
kr�d
|_d	S)rXrD�@���r�ascii�@rTNrG)
r@rrHr	r
�find�rsplitrJrbrLrMrNrO)r<rP�mailbox�hostnamerQr:r:r>rR�s 
�

zEmailAddress.setcCs^|jdurX|��}|�d�dkr.|�d�|_n*|�dd�\}}|�d�d|�d�|_|jS)r\Nrfrd�cp1252rrcr)rLr^rg�decoderh)r<rMrirjr:r:r>rA�s
zEmailAddress.__unicode__cCs
||kSr9r:r;r:r:r>r?szEmailAddress.__ne__cCs�t|t�sdS|js |�|j�|js2|�|j�|j�d�dksR|j�d�dkr^|j|jkS|j�dd�\}}|j�dd�\}}||kr�dS|��|��kr�dSdS)z�
        Equality as defined by https://tools.ietf.org/html/rfc5280#section-7.5

        :param other:
            Another EmailAddress object

        :return:
            A boolean
        FrfrdrT)	r@r`rbrRrZrargrhrB)r<r=Z
other_mailboxZother_hostnamerirjr:r:r>rCs
 zEmailAddress.__eq__)
rSrTrUrarbrV�propertyrM�setterrRrAr?rCr:r:r:r>r`�s

	r`c@s:eZdZddd�Zdd�Zedd��Zdd	�Zd
d�ZdS)
�	IPAddressNcCsttd���dS)z?
        This method is not applicable to IP addresses
        z=
            IP address values can not be parsed
            N)�
ValueErrorr	)r<�specZspec_paramsr:r:r>�parse's�zIPAddress.parsec
CsTt|t�s"ttdt|�t|����|}|�d�dk}d}|rv|�dd�}|d}t|d�}|dkrvttdt|����|�d�dkr�t	j
}|dkr�ttd	t|����d}n$t	j}|d
kr�ttdt|����d
}d}|�rd
|}	|	d|t|	�7}	t
t|	d��}d|dt|�|}||_t||�||_|j|_d|_|jdk�rPd|_dS)z�
        Sets the value of the object

        :param value:
            A unicode string containing an IPv4 address, IPv4 address with CIDR,
            an IPv6 address or IPv6 address with CIDR
        rD�/rdrrzT
                    %s value contains a CIDR range less than 0
                    �:�z�
                    %s value contains a CIDR range bigger than 128, the maximum
                    value for an IPv6 address
                    � z�
                    %s value contains a CIDR range bigger than 32, the maximum
                    value for an IPv4 address
                    rG�1�0���N)r@rrHr	r
rg�split�intrp�socket�AF_INET6�AF_INET�lenr1�_nativer4rMZ_bytesrNrO)
r<rP�original_valueZhas_cidr�cidr�parts�familyZ	cidr_sizeZ
cidr_bytesZ	cidr_maskr:r:r>rR2sZ	
����z
IPAddress.setcCs�|jdurdS|jdur�|��}t|�}d}d}|tddg�vrnttj|dd��}|dkr�t|dd��}n<|tddg�vr�ttj	|dd��}|dkr�t|dd��}|dur�d�
|�}t|�d��}|d	t|�}||_|jS)
z�
        The native Python datatype representation of this value

        :return:
            A unicode string or None
        Nrv�rr{�z{0:b}rxrs)
rMr��	__bytes__r�rRr3r~rr2r��format�rstripr)r<Zbyte_stringZbyte_lenrPZcidr_intZ	cidr_bitsr�r:r:r>rZys*	


zIPAddress.nativecCs
||kSr9r:r;r:r:r>r?�szIPAddress.__ne__cCst|t�sdS|��|��kS)zl
        :param other:
            Another IPAddress object

        :return:
            A boolean
        F)r@ror�r;r:r:r>rC�s	
zIPAddress.__eq__)NN)	rSrTrUrrrRrmrZr?rCr:r:r:r>ro&s
G
roc@s"eZdZdefdedeifgZdS)�	Attribute�type�valuesrqN)rSrTrUr!r)r�_fieldsr:r:r:r>r��s�r�c@seZdZeZdS)�
AttributesN)rSrTrUr��_child_specr:r:r:r>r��sr�c
@s$eZdZddddddddd	d
�	ZdS)�KeyUsageZdigital_signatureZnon_repudiationZkey_enciphermentZdata_enciphermentZ
key_agreementZ
key_cert_signZcrl_signZ
encipher_onlyZ
decipher_only�	rrry�r����r{N�rSrTrU�_mapr:r:r:r>r��s�r�c@s,eZdZdeddd�fdeddd�fgZdS)�PrivateKeyUsagePeriod�
not_beforerT��implicit�optional�	not_afterrN)rSrTrUrr�r:r:r:r>r��s�r�c@seZdZdZdZdd�ZdS)�NotReallyTeletexStringa6
    OpenSSL (and probably some other libraries) puts ISO-8859-1
    into TeletexString instead of ITU T.61. We use Windows-1252 when
    decoding since it is a superset of ISO-8859-1, and less likely to
    cause encoding issues, but we stay strict with encoding to prevent
    us from creating bad data.
    rkcCs0|jdurdS|jdur*|���|j�|_|jSr[)rMrLr^rl�_decoding_encodingr_r:r:r>rA�s


z"NotReallyTeletexString.__unicode__N)rSrTrU�__doc__r�rAr:r:r:r>r��sr�ccs$zdt_dVWdt_ndt_0dS)N�teletexrk)r�r�r:r:r:r>�strict_teletex�sr�c@s4eZdZdefdefdefdefdefdefgZ	dS)�DirectoryString�teletex_string�printable_stringZuniversal_string�utf8_string�
bmp_string�
ia5_stringN)
rSrTrUr�r%r+r-rr�
_alternativesr:r:r:r>r��s�r�c#@sveZdZddddddddd	d
ddd
ddddddddddddddddddd d!d"d#�"Zgd$�Zed%d&��Zed'd(��Zd)S)*�NameType�common_name�surname�
serial_number�country_name�
locality_name�state_or_province_name�street_address�organization_name�organizational_unit_name�title�business_category�postal_code�telephone_number�name�
given_name�initials�generation_qualifier�unique_identifier�dn_qualifier�	pseudonym�organization_identifier�tpm_manufacturer�	tpm_model�tpm_version�platform_manufacturer�platform_model�platform_version�
email_address�incorporation_locality�incorporation_state_or_province�incorporation_country�user_id�domain_component�name_distinguisher)"z2.5.4.3z2.5.4.4z2.5.4.5z2.5.4.6z2.5.4.7z2.5.4.8z2.5.4.9z2.5.4.10z2.5.4.11z2.5.4.12z2.5.4.15z2.5.4.17z2.5.4.20z2.5.4.41z2.5.4.42z2.5.4.43z2.5.4.44z2.5.4.45z2.5.4.46z2.5.4.65z2.5.4.97z2.23.133.2.1z2.23.133.2.2z2.23.133.2.3z2.23.133.2.4z2.23.133.2.5z2.23.133.2.6z1.2.840.113549.1.9.1z1.3.6.1.4.1.311.60.2.1.1z1.3.6.1.4.1.311.60.2.1.2z1.3.6.1.4.1.311.60.2.1.3z0.9.2342.19200300.100.1.1z0.9.2342.19200300.100.1.25z0.2.262.1.10.7.20)!r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�cCs4|�|�}||jvr"|j�|�}n
t|j�}||fS)z�
        Returns an ordering value for a particular attribute key.

        Unrecognized attributes and OIDs will be sorted lexically at the end.

        :return:
            An orderable value.

        )�map�preferred_order�indexr�)�cls�	attr_nameZordinalr:r:r>�preferred_ordinalKs



zNameType.preferred_ordinalc#CsVddddddddd	d
ddd
ddddddddddddddddddd d!d"d#�"�|j|j�S)$zZ
        :return:
            A human-friendly unicode string to display to users
        zCommon NameZSurnamez
Serial Number�CountryZLocalityzState/ProvincezStreet AddressZOrganizationzOrganizational UnitZTitlezBusiness CategoryzPostal CodezTelephone Number�Namez
Given NameZInitialszGeneration QualifierzUnique IdentifierzDN QualifierZ	Pseudonymz
Email AddresszIncorporation LocalityzIncorporation State/ProvincezIncorporation CountryzDomain ComponentzName DistinguisherzOrganization IdentifierzTPM Manufacturerz	TPM ModelzTPM VersionzPlatform ManufacturerzPlatform ModelzPlatform VersionzUser ID�"r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�)�getrZr_r:r:r>�human_friendly_sJ�#�zNameType.human_friendlyN)	rSrTrUr�r��classmethodr�rmr�r:r:r:r>r��sP�.$
r�c#@s�eZdZdefdefgZdZeeeeeeeeeeeeeeeeee	eee
eeeeeeeeeeeeed�"Z
dZedd��Zdd	�Zd
d�Zdd
�ZdS)�NameTypeAndValuer�rP�r�rPr�NcCs"|jdur|�|dj�|_|jS)z�
        Returns the value after being processed by the internationalized string
        preparation as specified by RFC 5280

        :return:
            A unicode string
        NrP)�_prepped�_ldap_string_preprZr_r:r:r>�
prepped_value�s

zNameTypeAndValue.prepped_valuecCs
||kSr9r:r;r:r:r>r?�szNameTypeAndValue.__ne__cCs2t|t�sdS|dj|djkr&dS|j|jkS)z�
        Equality as defined by https://tools.ietf.org/html/rfc5280#section-7.1

        :param other:
            Another NameTypeAndValue object

        :return:
            A boolean
        Fr�)r@r�rZr�r;r:r:r>rC�s

zNameTypeAndValue.__eq__cCs�t�dd|�}t�dd|�}tjdkr6t�dd|�}nt�dd|�}t�dd|�}|�d	d�}t�d
d|�}d�ttj|��}t	�
d|�}|D]�}t�|�r�tt
d���t�|�r�tt
d
���t�|�r�tt
d���t�|�r�tt
d���t�|��rtt
d���|dkr�tt
d���q�d}d}|D](}t�|��r:d}nt�|��r$d}�q$|�r�t�|d�}t�|d�}|�s�|�r�|�s�tt
d���dt�dd|���d}|S)a"
        Implements the internationalized string preparation algorithm from
        RFC 4518. https://tools.ietf.org/html/rfc4518#section-2

        :param string:
            A unicode string to prepare

        :return:
            A prepared unicode string, ready for comparison
        u[­᠆͏᠋-᠍️-＀]+r]u	[	

…]� i��u�[�-�]|�[�-�]|󠀁u[𝅳-𝅺󠀠-󠁿󠀁]u?[---„†-Ÿ۝܏᠎‌-‏‪-‮⁠-⁣--]+u​u[   - 
-
   ]�NFKCzc
                    X.509 Name objects may not contain unassigned code points
                    z�
                    X.509 Name objects may not contain change display or
                    zzzzdeprecated characters
                    zc
                    X.509 Name objects may not contain private use characters
                    zf
                    X.509 Name objects may not contain non-character code points
                    zb
                    X.509 Name objects may not contain surrogate code points
                    u�zf
                    X.509 Name objects may not contain the replacement character
                    FTrrdz{
                    X.509 Name object contains a malformed bidirectional
                    sequence
                    z +z  )�re�sub�sys�
maxunicode�replace�joinr��
stringprep�map_table_b2�unicodedata�	normalize�in_table_a1rpr	�in_table_c8�in_table_c3�in_table_c4�in_table_c5�in_table_d1�in_table_d2�strip)r<�string�charZhas_r_and_al_catZ	has_l_catZfirst_is_r_and_alZlast_is_r_and_alr:r:r>r��sn

�
�
�
�
����z"NameTypeAndValue._ldap_string_prep)rSrTrUr�rr��	_oid_pairr�r%r"r`r5r-�
_oid_specsr�rmr�r?rCr�r:r:r:r>r��sZ��'

r�c@s<eZdZeZedd��Zdd�Zdd�Zdd�Z	d	d
�Z
dS)�RelativeDistinguishedNamecCs@g}|�|�}t|���D]}|�d|||f�qd�|�S)�b
        :return:
            A unicode string that can be used as a dict key or in a set
        �%s: %s�)�_get_values�sorted�keys�appendr�)r<�outputr��keyr:r:r>�hashablePs

z"RelativeDistinguishedName.hashablecCs
||kSr9r:r;r:r:r>r?`sz RelativeDistinguishedName.__ne__cCszt|t�sdSt|�t|�kr"dS|�|�}|�|�}||krBdS|�|�}|�|�}|D]}||||krZdSqZdS)z�
        Equality as defined by https://tools.ietf.org/html/rfc5280#section-7.1

        :param other:
            Another RelativeDistinguishedName object

        :return:
            A boolean
        FT)r@r�r��
_get_typesr�)r<r=Z
self_typesZother_typesZself_valuesZother_valuesZ
type_name_r:r:r>rCcs




z RelativeDistinguishedName.__eq__cCstdd�|D��S)z�
        Returns a set of types contained in an RDN

        :param rdn:
            A RelativeDistinguishedName object

        :return:
            A set object with unicode strings of NameTypeAndValue type field
            values
        cSsg|]}|dj�qS�r��rZ��.0Zntvr:r:r>�
<listcomp>�rGz8RelativeDistinguishedName._get_types.<locals>.<listcomp>)rR�r<�rdnr:r:r>r�sz$RelativeDistinguishedName._get_typescsi��fdd�|D��S)a$
        Returns a dict of prepped values contained in an RDN

        :param rdn:
            A RelativeDistinguishedName object

        :return:
            A dict object with unicode strings of NameTypeAndValue value field
            values that have been prepped for comparison
        cs$g|]}��|dj|jfg��qSr)�updaterZr�r�rr:r>r�rGz9RelativeDistinguishedName._get_values.<locals>.<listcomp>r:r	r:rr>r��sz%RelativeDistinguishedName._get_valuesN)rSrTrUr�r�rmrr?rCrr�r:r:r:r>r�Ms
 r�c@s,eZdZeZedd��Zdd�Zdd�ZdS)�RDNSequencecCsd�dd�|D��S)r��css|]}|jVqdSr9)r)rr
r:r:r>�	<genexpr>�rGz'RDNSequence.hashable.<locals>.<genexpr>)r�r_r:r:r>r�s
zRDNSequence.hashablecCs
||kSr9r:r;r:r:r>r?�szRDNSequence.__ne__cCsJt|t�sdSt|�t|�kr"dSt|�D]\}}|||kr*dSq*dS)z�
        Equality as defined by https://tools.ietf.org/html/rfc5280#section-7.1

        :param other:
            Another RDNSequence object

        :return:
            A boolean
        FT)r@r
r��	enumerate)r<r=r�Zself_rdnr:r:r>rC�s
zRDNSequence.__eq__N)	rSrTrUr�r�rmrr?rCr:r:r:r>r
�s

r
c@s�eZdZdefgZdZdZdZeddd��Z	e
dd��Zdd	�Zd
d�Z
dd
�Ze
dd��Ze
dd��Zdd�Ze
dd��Ze
dd��ZdS)r�r]NFc	Cs�g}|sd}t}nd}t}tt|��dd�d��}|��D]�\}}t�|�}|dkr^t|�}nD|dkrpt|�}n2|t	gd��vr�t
dt|�d	�}nt
|||�d	�}|�tt
||d
��g��q:|dt|�d	�S)aY
        Creates a Name object from a dict of unicode string keys and values.
        The keys should be from NameType._map, or a dotted-integer OID unicode
        string.

        :param name_dict:
            A dict of name information, e.g. {"common_name": "Will Bond",
            "country_name": "US", "organization_name": "Codex Non Sufficit LC"}

        :param use_printable:
            A bool - if PrintableString should be used for encoding instead of
            UTF8String. This is for backwards compatibility with old software.

        :return:
            An x509.Name object
        r�r�cSst�|d�S)Nr)r�r�)�itemr:r:r>�<lambda>�rGzName.build.<locals>.<lambda>)rr�r�)r�r�r�)r�rPr�r])r-r%rr��itemsr�r�r`r5rRr�r�r�r�r
)	r�Z	name_dictZ
use_printableZrdnsZ
encoding_nameZencoding_class�attribute_nameZattribute_valuerPr:r:r>�build�sD��


����
z
Name.buildcCs|jjS)r�)�chosenrr_r:r:r>rsz
Name.hashablecCs
t|j�Sr9)r�rr_r:r:r>�__len__szName.__len__cCs
||kSr9r:r;r:r:r>r?szName.__ne__cCst|t�sdS|j|jkS)z�
        Equality as defined by https://tools.ietf.org/html/rfc5280#section-7.1

        :param other:
            Another Name object

        :return:
            A boolean
        F)r@r�rr;r:r:r>rC!s
zName.__eq__cCs�|jdur~t�|_|jjD]b}|D]X}|d}||jvrl|j|}t|t�s\|g}|j|<|�|d�q"|d|j|<q"q|jS)Nr�rP)r�rrrZr@�listr�)r<r
�type_val�
field_name�existingr:r:r>rZ0s



zName.nativecCs
|jdu�rt�}d}|jD]R}|D]H}|dj}|}||vr`||g||<||�|d�q$|d||<q$qg}|��}|dkr�tt|��}|D](}||}	|�|	�}
|�d||
f�q�d}|D]}|�	d�dkr�d	}q�q�|s�d
nd}
|
�
|ddd��|_|jS)zg
        :return:
            A human-friendly unicode string containing the parts of the name
        Nr�rPr�r�F�,rdT�, z; )�_human_friendlyrrr�r�r��reversedr�_recursive_humanizergr�)r<�dataZ
last_fieldr
rrZto_joinr�rrPZnative_valueZ	has_comma�element�	separatorr:r:r>r�@s6


zName.human_friendlycs,t|t�r&d�t�fdd�|D���S|jS)z�
        Recursively serializes data compiled from the RDNSequence

        :param value:
            An Asn1Value object, or a list of Asn1Value objects

        :return:
            A unicode string
        rcsg|]}��|��qSr:)r )rZ	sub_valuer_r:r>rtrGz,Name._recursive_humanize.<locals>.<listcomp>)r@rr�rrZrYr:r_r>r gs

�zName._recursive_humanizecCs$|jdurt�|�����|_|jS)zZ
        :return:
            The SHA1 hash of the DER-encoded bytes of this name
        N��_sha1�hashlib�sha1�dump�digestr_r:r:r>r'xs
z	Name.sha1cCs$|jdurt�|�����|_|jS)z]
        :return:
            The SHA-256 hash of the DER-encoded bytes of this name
        N��_sha256r&�sha256r(r)r_r:r:r>r,�s
zName.sha256)F)rSrTrUr
r�rr%r+r�rrmrrr?rCrZr�r r'r,r:r:r:r>r��s*�<


&

r�c@s"eZdZdefdeddifgZdS)�AnotherNameZtype_idrP�explicitrN)rSrTrUr!rr�r:r:r:r>r-�s�r-c@s$eZdZdZdZdefdefgZdS)�CountryNamer�
x121_dcc_code�iso_3166_alpha2_codeN�rSrTrU�class_�tagr r%r�r:r:r:r>r/�s
�r/c@s$eZdZdZdZdefdefgZdS)�AdministrationDomainNamerry�numeric�	printableNr2r:r:r:r>r5�s
�r5c@seZdZdefdefgZdS)�PrivateDomainNamer6r7N�rSrTrUr r%r�r:r:r:r>r8�s�r8c@sFeZdZdeddifdeddd�fded	dd�fd
eddd�fgZdS)
�PersonalNamer�r�rr�rTr�r�ryr�r�N�rSrTrUr%r�r:r:r:r>r:�s
�r:c@sFeZdZdeddifdeddd�fded	dd�fd
eddd�fgZdS)
�TeletexPersonalNamer�r�rr�rTr�r�ryr�r�N�rSrTrUr*r�r:r:r:r>r<�s
�r<c@seZdZeZdS)�OrganizationalUnitNamesN�rSrTrUr%r�r:r:r:r>r>�sr>c@seZdZeZdS)�TeletexOrganizationalUnitNamesN)rSrTrUr*r�r:r:r:r>r@�sr@c
@s�eZdZdeddifdeddifdeddd�fded	dd�fd
eddd�fd
eddd�fdeddd�fdeddd�fde	ddd�fg	Z
dS)�BuiltInStandardAttributesr�r�TZadministration_domain_name�network_addressrr�Zterminal_identifierrZprivate_domain_namery�r.r�r�r�Znumeric_user_identifierr�Z
personal_namer�Zorganizational_unit_namesr�N)rSrTrUr/r5r r%r8r:r>r�r:r:r:r>rA�s�rAc@seZdZdefdefgZdS)�BuiltInDomainDefinedAttributer�rPNr;r:r:r:r>rD�s�rDc@seZdZeZdS)�BuiltInDomainDefinedAttributesN)rSrTrUrDr�r:r:r:r>rE�srEc@seZdZdefdefgZdS)�TeletexDomainDefinedAttributer�rPNr=r:r:r:r>rF�s�rFc@seZdZeZdS)�TeletexDomainDefinedAttributesN)rSrTrUrFr�r:r:r:r>rG�srGc@seZdZdefdefgZdS)�PhysicalDeliveryCountryNamer0r1Nr9r:r:r:r>rH�s�rHc@seZdZdefdefgZdS)�
PostalCodeZnumeric_codeZprintable_codeNr9r:r:r:r>rI�s�rIc@s(eZdZdeddifdeddifgZdS)�PDSParameterr�r�Tr�N)rSrTrUr%r*r�r:r:r:r>rJ�s�rJc@seZdZeZdS)�PrintableAddressNr?r:r:r:r>rKsrKc@s(eZdZdeddifdeddifgZdS)�UnformattedPostalAddressZprintable_addressr�Tr�N)rSrTrUrKr*r�r:r:r:r>rLs�rLc@s*eZdZdeddifdeddd�fgZdS)	�E1634Address�numberr�rZsub_addressrTr�N)rSrTrUr r�r:r:r:r>rMs�rMc@seZdZeZdS)�
NAddressesN)rSrTrUr#r�r:r:r:r>rOsrOc@sFeZdZdeddd�fdeddd�fdeddd�fd	ed
difgZdS)
�PresentationAddressZ
p_selectorrTrCZ
s_selectorrZ
t_selectorryZn_addressesr.r�N)rSrTrUr#rOr�r:r:r:r>rPs
�rPc@s"eZdZdefdeddifgZdS)�ExtendedNetworkAddressZe163_4_addressZpsap_addressr�rN)rSrTrUrMrPr�r:r:r:r>rQ#s�rQc@seZdZddddddd�ZdS)	�TerminalTypeZtelexr�Zg3_facsimileZg4_facsimileZia5_terminalZvideotex)r�r�r�r�r�r{Nr�r:r:r:r>rR*s�rRc@s@eZdZddddddddd	d
ddd
ddddddddddd�ZdS)�ExtensionAttributeTyper��teletex_common_name�teletex_organization_name�teletex_personal_name�teletex_organization_unit_names�!teletex_domain_defined_attributes�pds_name�physical_delivery_country_namer��physical_delivery_office_name�physical_delivery_office_number�extension_of_address_components�physical_delivery_personal_name�#physical_delivery_organization_name�.extension_physical_delivery_address_components�unformatted_postal_addressr��post_office_box_address�poste_restante_address�unique_postal_name�local_postal_attributes�extended_network_address�
terminal_type)rryr�r�r�r�r�r{�	�
�r7�
��r���r8����Nr�r:r:r:r>rS5s0�rSc@s`eZdZdeddifdeddifgZdZeeee	e
eeee
eeeeeeeeeeeeeed�Zd	S)
�ExtensionAttribute�extension_attribute_typer�r�extension_attribute_valuer.r)rurv)r�rTrUrVrWrXrYrZr�r[r\r]r^r_r`rar�rbrcrdrerfrgN)rSrTrUrSrr�r�r%r*r<r@rGrHrIrJrLrQrRr�r:r:r:r>rtQs8��rtc@seZdZeZdS)�ExtensionAttributesN)rSrTrUrtr�r:r:r:r>rwssrwc@s.eZdZdefdeddifdeddifgZdS)�	ORAddressZbuilt_in_standard_attributesZ"built_in_domain_defined_attributesr�TZextension_attributesN)rSrTrUrArErwr�r:r:r:r>rxws�rxc@s*eZdZdeddd�fdeddifgZdS)	�EDIPartyNameZ
name_assignerrTr�Z
party_namer�rN)rSrTrUr�r�r:r:r:r>rys�ryc@s�eZdZdeddifdeddifdeddifdedd	ifd
eddifd
eddifde	ddifde
ddifdeddifg	Zdd�Z
dd�ZdS)�GeneralName�
other_namer�rZrfc822_namer�dns_namery�x400_addressr�Zdirectory_namer.r��edi_party_namer��uniform_resource_identifierr��
ip_addressr�Z
registered_idr{cCs
||kSr9r:r;r:r:r>r?�szGeneralName.__ne__cCsP|jdvrttd|j���|jdvr4ttd|j���|j|jkrDdS|j|jkS)z�
        Does not support other_name, x400_address or edi_party_name

        :param other:
            The other GeneralName to compare to

        :return:
            A boolean
        )r{r}r~zr
                Comparison is not supported for GeneralName objects of
                choice %s
                za
                Comparison is not supported for GeneralName objects of choice
                %sF)r�rpr	rr;r:r:r>rC�s
�
�zGeneralName.__eq__N)rSrTrUr-r`r5rxr�ryrWror!r�r?rCr:r:r:r>rz�s�rzc@seZdZeZdS)�GeneralNamesN)rSrTrUrzr�r:r:r:r>r��sr�c@seZdZdefdefgZdS)�TimeZutc_timeZgeneral_timeN)rSrTrUr,rr�r:r:r:r>r��s�r�c@seZdZdefdefgZdS)�Validityr�r�N)rSrTrUr�r�r:r:r:r>r��s�r�c@s(eZdZdeddifdeddifgZdS)�BasicConstraints�ca�defaultF�path_len_constraintr�TN)rSrTrUrrr�r:r:r:r>r��s�r�c@s:eZdZdeddd�fdeddd�fdeddd�fgZd	S)
�AuthorityKeyIdentifier�key_identifierrTr��authority_cert_issuerr�authority_cert_serial_numberryN)rSrTrUr#r�rr�r:r:r:r>r��s�r�c@s(eZdZdeddifdeddifgZdS)�DistributionPointName�	full_namer�r�name_relative_to_crl_issuerrN)rSrTrUr�r�r�r:r:r:r>r��s�r�c
@s$eZdZddddddddd	d
�	ZdS)�ReasonFlagsZunusedZkey_compromiseZ
ca_compromiseZaffiliation_changedZ
supersededZcessation_of_operationZcertificate_holdZprivilege_withdrawnZ
aa_compromiser�Nr�r:r:r:r>r��s�r�c@s2eZdZdefdeddd�fdeddd�fgZd	S)
�GeneralSubtree�baseZminimumr�r�r��maximumrTr�N)rSrTrUrzrr�r:r:r:r>r��s�r�c@seZdZeZdS)�GeneralSubtreesN)rSrTrUr�r�r:r:r:r>r��sr�c@s,eZdZdeddd�fdeddd�fgZdS)�NameConstraintsZpermitted_subtreesrTr�Zexcluded_subtreesrN)rSrTrUr�r�r:r:r:r>r��s�r�c@sJeZdZdeddd�fdeddd�fded	dd�fgZd
Zedd��Z	d
S)�DistributionPoint�distribution_pointrTrCZreasonsrr�Z
crl_issuerryFcCsh|jdurbd|_|d}|jdkr.ttd���|jD],}|jdkr4|j}|���d�r4||_qbq4|jS)z_
        :return:
            None or a unicode string of the distribution point's URL
        FNr�r�z�
                    CRL distribution points that are relative to the issuer are
                    not supported
                    r�zhttp://zhttps://zldap://zldaps://)�_urlr�rpr	rrZrBrI)r<r��general_name�urlr:r:r>r�
s

�

zDistributionPoint.urlN)
rSrTrUr�r�r�r�r�rmr�r:r:r:r>r�s�r�c@seZdZeZdS)�CRLDistributionPointsN)rSrTrUr�r�r:r:r:r>r�&sr�c@s(eZdZdefdefdefdefgZdS)�DisplayTextr�Zvisible_stringr�r�N)rSrTrUrr.rr-r�r:r:r:r>r�*s
�r�c@seZdZeZdS)�
NoticeNumbersN�rSrTrUrr�r:r:r:r>r�3sr�c@seZdZdefdefgZdS)�NoticeReferenceZorganizationZnotice_numbersN)rSrTrUr�r�r�r:r:r:r>r�7s�r�c@s(eZdZdeddifdeddifgZdS)�
UserNoticeZ
notice_refr�TZ
explicit_textN)rSrTrUr�r�r�r:r:r:r>r�>s�r�c@seZdZddd�ZdS)�PolicyQualifierId� certification_practice_statement�user_notice)z1.3.6.1.5.5.7.2.1z1.3.6.1.5.5.7.2.2Nr�r:r:r:r>r�Es�r�c@s*eZdZdefdefgZdZeed�Z	dS)�PolicyQualifierInfo�policy_qualifier_id�	qualifier)r�r�)r�r�N)
rSrTrUr�rr�r�rr�r�r:r:r:r>r�Ls��r�c@seZdZeZdS)�PolicyQualifierInfosN)rSrTrUr�r�r:r:r:r>r�Ysr�c@seZdZddiZdS)�PolicyIdentifierz2.5.29.32.0Z
any_policyNr�r:r:r:r>r�]s�r�c@s"eZdZdefdeddifgZdS)�PolicyInformationZpolicy_identifierZpolicy_qualifiersr�TN)rSrTrUr�r�r�r:r:r:r>r�cs�r�c@seZdZeZdS)�CertificatePoliciesN)rSrTrUr�r�r:r:r:r>r�jsr�c@seZdZdefdefgZdS)�
PolicyMappingZissuer_domain_policyZsubject_domain_policyN)rSrTrUr�r�r:r:r:r>r�ns�r�c@seZdZeZdS)�PolicyMappingsN)rSrTrUr�r�r:r:r:r>r�usr�c@s,eZdZdeddd�fdeddd�fgZdS)�PolicyConstraintsZrequire_explicit_policyrTr�Zinhibit_policy_mappingrN�rSrTrUrr�r:r:r:r>r�ys�r�cV@s�eZdZddddddddd	d
ddd
ddddddddddddddddddd d!d"d#d$d%d&d'd(d)d*d+d,d-d.d/d0d1d2d3d4d5d6d7d8d9d:d;d<d=d>d?d@dAdBdCdDdEdFdGdHdIdJdKdLdMdNdOdPdQdRdSdTdUdV�UZdWS)X�KeyPurposeIdZany_extended_key_usageZserver_authZclient_authZcode_signingZemail_protectionZipsec_end_systemZipsec_tunnelZ
ipsec_user�
time_stampingZocsp_signingZdvcsZeap_over_pppZeap_over_lanZscvp_serverZscvp_clientZ	ipsec_ikeZ	capwap_acZ
capwap_wtpZ
sip_domainZsecure_shell_clientZsecure_shell_serverZsend_routerZsend_proxied_routerZ
send_ownerZsend_proxied_ownerZcmc_caZcmc_raZcmc_archiveZbgpspec_routerZike_intermediateZmicrosoft_trust_list_signingZmicrosoft_time_stamp_signingZmicrosoft_server_gatedZmicrosoft_serializedZ
microsoft_efsZmicrosoft_efs_recoveryZmicrosoft_whqlZ
microsoft_nt5Zmicrosoft_oem_whqlZmicrosoft_embedded_ntZmicrosoft_root_list_signerZ!microsoft_qualified_subordinationZmicrosoft_key_recoveryZmicrosoft_document_signingZmicrosoft_lifetime_signingZ microsoft_mobile_device_softwareZmicrosoft_smart_card_logonZapple_x509_basicZ	apple_sslZapple_local_cert_genZ
apple_csr_genZapple_revocation_crlZapple_revocation_ocspZapple_smimeZ	apple_eapZapple_software_update_signingZapple_ipsecZapple_ichatZapple_resource_signingZapple_pkinit_clientZapple_pkinit_serverZapple_code_signingZapple_package_signingZapple_id_validationZapple_time_stampingZapple_revocationZapple_passbook_signingZapple_mobile_storeZapple_escrow_serviceZapple_profile_signerZapple_qa_profile_signerZapple_test_mobile_storeZapple_otapki_signerZapple_test_otapki_signerZ)apple_id_validation_record_signing_policyZapple_smp_encryptionZapple_test_smp_encryptionZapple_server_authenticationZapple_pcs_escrow_serviceZpiv_card_authenticationZpiv_content_signingZpkinit_kpclientauthZpkinit_kpkdcZadobe_authentic_documents_trustZfpki_pivi_content_signing)Uz2.5.29.37.0z1.3.6.1.5.5.7.3.1z1.3.6.1.5.5.7.3.2z1.3.6.1.5.5.7.3.3z1.3.6.1.5.5.7.3.4z1.3.6.1.5.5.7.3.5z1.3.6.1.5.5.7.3.6z1.3.6.1.5.5.7.3.7z1.3.6.1.5.5.7.3.8z1.3.6.1.5.5.7.3.9z1.3.6.1.5.5.7.3.10z1.3.6.1.5.5.7.3.13z1.3.6.1.5.5.7.3.14z1.3.6.1.5.5.7.3.15z1.3.6.1.5.5.7.3.16z1.3.6.1.5.5.7.3.17z1.3.6.1.5.5.7.3.18z1.3.6.1.5.5.7.3.19z1.3.6.1.5.5.7.3.20z1.3.6.1.5.5.7.3.21z1.3.6.1.5.5.7.3.22z1.3.6.1.5.5.7.3.23z1.3.6.1.5.5.7.3.24z1.3.6.1.5.5.7.3.25z1.3.6.1.5.5.7.3.26z1.3.6.1.5.5.7.3.27z1.3.6.1.5.5.7.3.28z1.3.6.1.5.5.7.3.29z1.3.6.1.5.5.7.3.30z1.3.6.1.5.5.8.2.2z1.3.6.1.4.1.311.10.3.1z1.3.6.1.4.1.311.10.3.2z1.3.6.1.4.1.311.10.3.3z1.3.6.1.4.1.311.10.3.3.1z1.3.6.1.4.1.311.10.3.4z1.3.6.1.4.1.311.10.3.4.1z1.3.6.1.4.1.311.10.3.5z1.3.6.1.4.1.311.10.3.6z1.3.6.1.4.1.311.10.3.7z1.3.6.1.4.1.311.10.3.8z1.3.6.1.4.1.311.10.3.9z1.3.6.1.4.1.311.10.3.10z1.3.6.1.4.1.311.10.3.11z1.3.6.1.4.1.311.10.3.12z1.3.6.1.4.1.311.10.3.13z1.3.6.1.4.1.311.10.3.14z1.3.6.1.4.1.311.20.2.2z1.2.840.113635.100.1.2z1.2.840.113635.100.1.3z1.2.840.113635.100.1.4z1.2.840.113635.100.1.5z1.2.840.113635.100.1.6z1.2.840.113635.100.1.7z1.2.840.113635.100.1.8z1.2.840.113635.100.1.9z1.2.840.113635.100.1.10z1.2.840.113635.100.1.11z1.2.840.113635.100.1.12z1.2.840.113635.100.1.13z1.2.840.113635.100.1.14z1.2.840.113635.100.1.15z1.2.840.113635.100.1.16z1.2.840.113635.100.1.17z1.2.840.113635.100.1.18z1.2.840.113635.100.1.20z1.2.840.113635.100.1.21z1.2.840.113635.100.1.22z1.2.840.113635.100.1.23z1.2.840.113635.100.1.24z1.2.840.113635.100.1.25z1.2.840.113635.100.1.26z1.2.840.113635.100.1.27z1.2.840.113635.100.1.28z1.2.840.113635.100.1.29z1.2.840.113625.100.1.30z1.2.840.113625.100.1.31z1.2.840.113625.100.1.32z1.2.840.113635.100.1.33z1.2.840.113635.100.1.34z2.16.840.1.101.3.6.8z2.16.840.1.101.3.6.7z1.3.6.1.5.2.3.4z1.3.6.1.5.2.3.5z1.2.840.113583.1.1.5z2.16.840.1.101.3.8.7Nr�r:r:r:r>r��s��r�c@seZdZeZdS)�ExtKeyUsageSyntaxN�rSrTrUr�r�r:r:r:r>r��sr�c@seZdZddddd�ZdS)�AccessMethod�ocspZ
ca_issuersr�Z
ca_repository)z1.3.6.1.5.5.7.48.1z1.3.6.1.5.5.7.48.2z1.3.6.1.5.5.7.48.3z1.3.6.1.5.5.7.48.5Nr�r:r:r:r>r��s
�r�c@seZdZdefdefgZdS)�AccessDescription�
access_method�access_locationN)rSrTrUr�rzr�r:r:r:r>r��s�r�c@seZdZeZdS)�AuthorityInfoAccessSyntaxN�rSrTrUr�r�r:r:r:r>r�sr�c@seZdZeZdS)�SubjectInfoAccessSyntaxNr�r:r:r:r>r�sr�c@seZdZeZdS)�FeaturesNr�r:r:r:r>r�
sr�c@seZdZdefdefgZdS)�EntrustVersionInfoZentrust_versZentrust_info_flagsN)rSrTrUrrr�r:r:r:r>r�s�r�c	@s"eZdZddddddddd	�Zd
S)�NetscapeCertificateTypeZ
ssl_clientZ
ssl_server�emailZobject_signing�reservedZssl_caZemail_caZobject_signing_ca)rrryr�r�r�r�r�Nr�r:r:r:r>r�s�r�c@seZdZdddd�ZdS)�Version�v1Zv2Zv3�rrryNr�r:r:r:r>r�%s�r�c@s"eZdZdefdefdefgZdS)�TPMSpecificationr��level�revisionN)rSrTrUr-rr�r:r:r:r>r�-s�r�c@seZdZeZdS)�SetOfTPMSpecificationN)rSrTrUr�r�r:r:r:r>r�5sr�c@s"eZdZdefdefdefgZdS)�TCGSpecificationVersion�
major_version�
minor_versionr�Nr�r:r:r:r>r�9s�r�c@seZdZdefdefgZdS)�TCGPlatformSpecification�versionZplatform_classN)rSrTrUr�r#r�r:r:r:r>r�As�r�c@seZdZeZdS)�SetOfTCGPlatformSpecificationN)rSrTrUr�r�r:r:r:r>r�Hsr�c@seZdZddddd�ZdS)�EKGenerationTypeZinternalZinjectedZinternal_revocableZinjected_revocable)rrryr�Nr�r:r:r:r>r�Ls
�r�c@seZdZdddd�ZdS)�EKGenerationLocationr�r��ek_cert_signerr�Nr�r:r:r:r>r�Us�r�c@seZdZdddd�ZdS)�EKCertificateGenerationLocationr�r�r�r�Nr�r:r:r:r>r�]s�r�c@s eZdZdddddddd�Zd	S)
�EvaluationAssuranceLevel�level1�level2�level3�level4Zlevel5Zlevel6Zlevel7)rryr�r�r�r�r�Nr�r:r:r:r>r�es�r�c@seZdZdddd�ZdS)�EvaluationStatusZdesigned_to_meetZevaluation_in_progressZevaluation_completedr�Nr�r:r:r:r>r�qs�r�c@seZdZdddd�ZdS)�StrengthOfFunction�basicZmedium�highr�Nr�r:r:r:r>r�ys�r�c@s.eZdZdefdeddifdeddifgZdS)�URIReferencerZhash_algorithmr�TZ
hash_valueN)rSrTrUrrrr�r:r:r:r>r��s�r�c
@steZdZdefdefdefdeddifdedd	d
�fdedd	d
�fd
e	dd	d
�fdedd	d
�fde	dd	d
�fg	Z
dS)�CommonCriteriaMeasuresr�Zassurance_levelZevaluation_status�plusr�FZstrengh_of_functionrTr�Zprofile_oidrZprofile_urlryZ
target_oidr�Z
target_urir�N)rSrTrUrr�r�rr�r!r�r�r:r:r:r>r��s�r�c@seZdZddddd�ZdS)�
SecurityLevelr�r�r�r�)rryr�r�Nr�r:r:r:r>r��s
�r�c@s(eZdZdefdefdeddifgZdS)�	FIPSLevelr�r�r�r�FN)rSrTrUrr�rr�r:r:r:r>r��s�r�c@s�eZdZdeddifdeddifdeddd	�fd
eddd	�fded
dd	�fdeddd	�fde	ddd	�fdeddd�fde
ddifg	ZdS)�TPMSecurityAssertionsr�r�r�Zfield_upgradableFZek_generation_typerTr�Zek_generation_locationrZ"ek_certificate_generation_locationryZcc_infor�Z
fips_levelr�Ziso_9000_certifiedr�r�Ziso_9000_urir�N)rSrTrUr�rr�r�r�r�r�rr�r:r:r:r>r��s�r�c@seZdZeZdS)�SetOfTPMSecurityAssertionsN)rSrTrUr�r�r:r:r:r>r��sr�c@s&eZdZddddddddd	d
d�
ZdS)
�SubjectDirectoryAttributeId�supported_algorithms�tpm_specification�tcg_platform_specification�tpm_security_assertions�pda_date_of_birth�pda_place_of_birth�
pda_gender�pda_country_of_citizenship�pda_country_of_residenceZentrust_user_role)
z2.5.4.52z
2.23.133.2.16z
2.23.133.2.17z
2.23.133.2.18z1.3.6.1.5.5.7.9.1z1.3.6.1.5.5.7.9.2z1.3.6.1.5.5.7.9.3z1.3.6.1.5.5.7.9.4z1.3.6.1.5.5.7.9.5z1.2.840.113533.7.68.29Nr�r:r:r:r>r��s�r�c@seZdZeZdS)�SetOfGeneralizedTimeN)rSrTrUrr�r:r:r:r>r��sr�c@seZdZeZdS)�SetOfDirectoryStringN)rSrTrUr�r�r:r:r:r>r��sr�c@seZdZeZdS)�SetOfPrintableStringNr?r:r:r:r>r��sr�c@s2eZdZdefdeddd�fdeddd�fgZdS)	�SupportedAlgorithmZalgorithm_identifierZintended_usagerTrCZintended_certificate_policiesrN)rSrTrUrr�r�r�r:r:r:r>r��s�r�c@seZdZeZdS)�SetOfSupportedAlgorithmN)rSrTrUr�r�r:r:r:r>r��sr�c
@sHeZdZdefdefgZdZeee	e
eee
e
e
d�	Zdd�ZdeiZdS)�SubjectDirectoryAttributer�r�)r�r�)	r�r�r�r�r�r�r�r�r�cCs"|dj}||jvr|j|StS)Nr�)rZr�r))r<�type_r:r:r>�_values_spec�s


z&SubjectDirectoryAttribute._values_specN)rSrTrUr�rr�r�r�r�r�r�r�r�r�r�r�Z_spec_callbacksr:r:r:r>r��s"���r�c@seZdZeZdS)�SubjectDirectoryAttributesN)rSrTrUr�r�r:r:r:r>r�sr�c@sBeZdZddddddddd	d
ddd
dddddddddddd�ZdS)�ExtensionId�subject_directory_attributesr��	key_usage�private_key_usage_period�subject_alt_name�issuer_alt_name�basic_constraints�name_constraints�crl_distribution_points�certificate_policies�policy_mappings�authority_key_identifier�policy_constraints�extended_key_usage�freshest_crl�inhibit_any_policy�authority_information_access�subject_information_access�tls_feature�
ocsp_no_check�entrust_version_extension�netscape_certificate_type�!signed_certificate_timestamp_list�microsoft_enroll_certtype)z2.5.29.9z	2.5.29.14z	2.5.29.15z	2.5.29.16z	2.5.29.17z	2.5.29.18z	2.5.29.19z	2.5.29.30z	2.5.29.31z	2.5.29.32z	2.5.29.33z	2.5.29.35z	2.5.29.36z	2.5.29.37z	2.5.29.46z	2.5.29.54z1.3.6.1.5.5.7.1.1z1.3.6.1.5.5.7.1.11z1.3.6.1.5.5.7.1.24z1.3.6.1.5.5.7.48.1.5z1.2.840.113533.7.65.0z2.16.840.1.113730.1.1z1.3.6.1.4.1.11129.2.4.2z1.3.6.1.4.1.311.20.2Nr�r:r:r:r>r�s2�r�c@sbeZdZdefdeddifdefgZdZee	e
eeee
eeeeeeeeeeeeeeee	ed�ZdS)	�	Extension�extn_id�criticalr�F�
extn_value)rr)r�r�r�r�r�r�r�r�r�r�r�rrrrrrrrrr	r
rrN)rSrTrUr�rr$r�r�r�r#r�r�r�r�r�r�r�r�r�r�r�rr�r�r�rr�r�rr�r:r:r:r>r
's<��r
c@seZdZeZdS)�
ExtensionsN)rSrTrUr
r�r:r:r:r>rMsrc@sleZdZdeddd�fdefdefdefdefd	efd
efde	dd
d�fde	dd
d�fde
dd
d�fg
ZdS)�TbsCertificater�rr�)r.r�r��	signature�issuer�validity�subject�subject_public_key_infoZissuer_unique_idrTr�Zsubject_unique_idry�
extensionsr�rCN)rSrTrUr�rrr�r�r0r"rr�r:r:r:r>rQs�rc@s�eZdZdefdefdefgZdZdZdZ	dZ
dZdZdZ
dZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZdZ dZ!dZ"dZ#dZ$dZ%dZ&dd�Z'e(dd	��Z)e(d
d��Z*e(dd
��Z+e(dd��Z,e(dd��Z-e(dd��Z.e(dd��Z/e(dd��Z0e(dd��Z1e(dd��Z2e(dd��Z3e(dd��Z4e(d d!��Z5e(d"d#��Z6e(d$d%��Z7e(d&d'��Z8e(d(d)��Z9e(d*d+��Z:e(d,d-��Z;e(d.d/��Z<e(d0d1��Z=e(d2d3��Z>e(d4d5��Z?e(d6d7��Z@e(d8d9��ZAe(d:d;��ZBe(d<d=��ZCe(d>d?��ZDe(d@dA��ZEe(dBdC��ZFe(dDdE��ZGe(dFdG��ZHe(dHdI��ZIe(dJdK��ZJe(dLdM��ZKe(dNdO��ZLdPdQ�ZMe(dRdS��ZNe(dTdU��ZOe(dVdW��ZPe(dXdY��ZQe(dZd[��ZRe(d\d]��ZSe(d^d_��ZTe(d`da��ZUe(dbdc��ZVe(ddde��ZWe(dfdg��ZXdhdi�ZYdjdk�ZZdldm�Z[dS)n�Certificate�tbs_certificate�signature_algorithm�signature_valueFNcCsht�|_|ddD]H}|dj}d|}t||�rFt|||dj�|djr|j�|�qd|_dS)	zv
        Sets common named extensions to private attributes and creates a list
        of critical extensions
        rrrz	_%s_valuerrTN)rR�_critical_extensionsrZ�hasattr�setattr�parsed�add�_processed_extensions)r<�	extensionr�rr:r:r>�_set_extensions�s


zCertificate._set_extensionscCs|js|��|jS)z�
        Returns a set of the names (or OID if not a known extension) of the
        extensions marked as critical

        :return:
            A set of unicode strings
        )r"r$rr_r:r:r>�critical_extensions�s
zCertificate.critical_extensionscCs|js|��|jS)z�
        This extension is used to constrain the period over which the subject
        private key may be used

        :return:
            None or a PrivateKeyUsagePeriod object
        )r"r$�_private_key_usage_period_valuer_r:r:r>�private_key_usage_period_value�s
z*Certificate.private_key_usage_period_valuecCs|js|��|jS)z�
        This extension is used to contain additional identification attributes
        about the subject.

        :return:
            None or a SubjectDirectoryAttributes object
        )r"r$�#_subject_directory_attributes_valuer_r:r:r>�"subject_directory_attributes_value�s
z.Certificate.subject_directory_attributes_valuecCs|js|��|jS)z�
        This extension is used to help in creating certificate validation paths.
        It contains an identifier that should generally, but is not guaranteed
        to, be unique.

        :return:
            None or an OctetString object
        )r"r$�_key_identifier_valuer_r:r:r>�key_identifier_value�sz Certificate.key_identifier_valuecCs|js|��|jS)z�
        This extension is used to define the purpose of the public key
        contained within the certificate.

        :return:
            None or a KeyUsage
        )r"r$�_key_usage_valuer_r:r:r>�key_usage_value�s
zCertificate.key_usage_valuecCs|js|��|jS)aT
        This extension allows for additional names to be associate with the
        subject of the certificate. While it may contain a whole host of
        possible names, it is usually used to allow certificates to be used
        with multiple different domain names.

        :return:
            None or a GeneralNames object
        )r"r$�_subject_alt_name_valuer_r:r:r>�subject_alt_name_value�sz"Certificate.subject_alt_name_valuecCs|js|��|jS)z�
        This extension allows associating one or more alternative names with
        the issuer of the certificate.

        :return:
            None or an x509.GeneralNames object
        )r"r$�_issuer_alt_name_valuer_r:r:r>�issuer_alt_name_value�s
z!Certificate.issuer_alt_name_valuecCs|js|��|jS)a'
        This extension is used to determine if the subject of the certificate
        is a CA, and if so, what the maximum number of intermediate CA certs
        after this are, before an end-entity certificate is found.

        :return:
            None or a BasicConstraints object
        )r"r$�_basic_constraints_valuer_r:r:r>�basic_constraints_value�sz#Certificate.basic_constraints_valuecCs|js|��|jS)z�
        This extension is used in CA certificates, and is used to limit the
        possible names of certificates issued.

        :return:
            None or a NameConstraints object
        )r"r$�_name_constraints_valuer_r:r:r>�name_constraints_value	s
z"Certificate.name_constraints_valuecCs|js|��|jS)z�
        This extension is used to help in locating the CRL for this certificate.

        :return:
            None or a CRLDistributionPoints object
            extension
        )r"r$�_crl_distribution_points_valuer_r:r:r>�crl_distribution_points_value	s
z)Certificate.crl_distribution_points_valuecCs|js|��|jS)a;
        This extension defines policies in CA certificates under which
        certificates may be issued. In end-entity certificates, the inclusion
        of a policy indicates the issuance of the certificate follows the
        policy.

        :return:
            None or a CertificatePolicies object
        )r"r$�_certificate_policies_valuer_r:r:r>�certificate_policies_value*	sz&Certificate.certificate_policies_valuecCs|js|��|jS)z�
        This extension allows mapping policy OIDs to other OIDs. This is used
        to allow different policies to be treated as equivalent in the process
        of validation.

        :return:
            None or a PolicyMappings object
        )r"r$�_policy_mappings_valuer_r:r:r>�policy_mappings_value:	sz!Certificate.policy_mappings_valuecCs|js|��|jS)z�
        This extension helps in identifying the public key with which to
        validate the authenticity of the certificate.

        :return:
            None or an AuthorityKeyIdentifier object
        )r"r$�_authority_key_identifier_valuer_r:r:r>�authority_key_identifier_valueI	s
z*Certificate.authority_key_identifier_valuecCs|js|��|jS)z�
        This extension is used to control if policy mapping is allowed and
        when policies are required.

        :return:
            None or a PolicyConstraints object
        )r"r$�_policy_constraints_valuer_r:r:r>�policy_constraints_valueW	s
z$Certificate.policy_constraints_valuecCs|js|��|jS)z�
        This extension is used to help locate any available delta CRLs

        :return:
            None or an CRLDistributionPoints object
        )r"r$�_freshest_crl_valuer_r:r:r>�freshest_crl_valuee	s	zCertificate.freshest_crl_valuecCs|js|��|jS)z�
        This extension is used to prevent mapping of the any policy to
        specific requirements

        :return:
            None or a Integer object
        )r"r$�_inhibit_any_policy_valuer_r:r:r>�inhibit_any_policy_valuer	s
z$Certificate.inhibit_any_policy_valuecCs|js|��|jS)z�
        This extension is used to define additional purposes for the public key
        beyond what is contained in the basic constraints.

        :return:
            None or an ExtKeyUsageSyntax object
        )r"r$�_extended_key_usage_valuer_r:r:r>�extended_key_usage_value�	s
z$Certificate.extended_key_usage_valuecCs|js|��|jS)z�
        This extension is used to locate the CA certificate used to sign this
        certificate, or the OCSP responder for this certificate.

        :return:
            None or an AuthorityInfoAccessSyntax object
        )r"r$�#_authority_information_access_valuer_r:r:r>�"authority_information_access_value�	s
z.Certificate.authority_information_access_valuecCs|js|��|jS)z�
        This extension is used to access information about the subject of this
        certificate.

        :return:
            None or a SubjectInfoAccessSyntax object
        )r"r$�!_subject_information_access_valuer_r:r:r>� subject_information_access_value�	s
z,Certificate.subject_information_access_valuecCs|js|��|jS)z�
        This extension is used to list the TLS features a server must respond
        with if a client initiates a request supporting them.

        :return:
            None or a Features object
        )r"r$�_tls_feature_valuer_r:r:r>�tls_feature_value�	s
zCertificate.tls_feature_valuecCs|js|��|jS)a-
        This extension is used on certificates of OCSP responders, indicating
        that revocation information for the certificate should never need to
        be verified, thus preventing possible loops in path validation.

        :return:
            None or a Null object (if present)
        )r"r$�_ocsp_no_check_valuer_r:r:r>�ocsp_no_check_value�	szCertificate.ocsp_no_check_valuecCs
|djS)zE
        :return:
            A byte string of the signature
        rrr_r:r:r>r�	szCertificate.signaturecCs
|djS)zj
        :return:
            A unicode string of "rsassa_pkcs1v15", "rsassa_pss", "dsa", "ecdsa"
        r)�signature_algor_r:r:r>rN�	szCertificate.signature_algocCs
|djS)z�
        :return:
            A unicode string of "md2", "md5", "sha1", "sha224", "sha256",
            "sha384", "sha512", "sha512_224", "sha512_256"
        r)�	hash_algor_r:r:r>rO�	szCertificate.hash_algocCs|ddS)zT
        :return:
            The PublicKeyInfo object for this certificate
        rrr:r_r:r:r>�
public_key�	szCertificate.public_keycCs|ddS)zZ
        :return:
            The Name object for the subject of this certificate
        rrr:r_r:r:r>r�	szCertificate.subjectcCs|ddS)zY
        :return:
            The Name object for the issuer of this certificate
        rrr:r_r:r:r>r�	szCertificate.issuercCs|ddjS)zT
        :return:
            An integer of the certificate's serial number
        rr�rr_r:r:r>r��	szCertificate.serial_numbercCs|js
dS|jjS)z�
        :return:
            None or a byte string of the certificate's key identifier from the
            key identifier extension
        N)r+rZr_r:r:r>r�
szCertificate.key_identifiercCs.|jdur(|jjdt|j��d�|_|jS)z�
        :return:
            A byte string of the SHA-256 hash of the issuer concatenated with
            the ascii character ":", concatenated with the serial number as
            an ascii string
        N�:re)�_issuer_serialrr,rr�rJr_r:r:r>�
issuer_serial
s	
zCertificate.issuer_serialcCs|dddjS)zd
        :return:
            A datetime of latest time when the certificate is still valid
        rrr�rr_r:r:r>�not_valid_after!
szCertificate.not_valid_aftercCs|dddjS)zd
        :return:
            A datetime of the earliest time when the certificate is valid
        rrr�rr_r:r:r>�not_valid_before)
szCertificate.not_valid_beforecCs|js
dS|jdjS)z�
        :return:
            None or a byte string of the key_identifier from the authority key
            identifier extension
        Nr�)r=rZr_r:r:r>r1
sz$Certificate.authority_key_identifiercCsj|jdurd|j}|r^|djr^|jddj}|��}|jdj}|jdt|��d�|_nd|_|jS)a;
        :return:
            None or a byte string of the SHA-256 hash of the isser from the
            authority key identifier extension concatenated with the ascii
            character ":", concatenated with the serial number from the
            authority key identifier extension as an ascii string
        Fr�rr�rQreN)�_authority_issuer_serialr=rZrZuntagr,rrJ)r<ZakivrZauthority_serialr:r:r>�authority_issuer_serial>
s

z#Certificate.authority_issuer_serialcCs|jdur|�|j�|_|jS)z�
        Returns complete CRL URLs - does not include delta CRLs

        :return:
            A list of zero or more DistributionPoint objects
        N)�_crl_distribution_points�!_get_http_crl_distribution_pointsr7r_r:r:r>r�T
s	
z#Certificate.crl_distribution_pointscCs|jdur|�|j�|_|jS)z�
        Returns delta CRL URLs - does not include complete CRLs

        :return:
            A list of zero or more DistributionPoint objects
        N)�_delta_crl_distribution_pointsrYrAr_r:r:r>�delta_crl_distribution_pointsa
s	
z)Certificate.delta_crl_distribution_pointscCs\g}|durgS|D]B}|d}|tur*q|jdkr6q|jD]}|jdkr<|�|�q<q|S)a?
        Fetches the DistributionPoint object for non-relative, HTTP CRLs
        referenced by the certificate

        :param crl_distribution_points:
            A CRLDistributionPoints object to grab the DistributionPoints from

        :return:
            A list of zero or more DistributionPoint objects
        Nr�r�r)r/r�rr�)r<r�rr�Zdistribution_point_namer�r:r:r>rYn
s


z-Certificate._get_http_crl_distribution_pointscCs^|js
gSg}|jD]D}|djdkr|d}|jdkr:q|j}|���d�r|�|�q|S)zx
        :return:
            A list of zero or more unicode strings of the OCSP URLs for this
            cert
        r�r�r�rr�)rGrZr�rBrIr�)r<r�entry�locationr�r:r:r>�	ocsp_urls�
s

zCertificate.ocsp_urlscCs�|jdur�g|_|jrH|jD](}|jdkr|j|jvr|j�|j�qnPt�d�}|jjD]<}|D]2}|djdkrb|dj}|�	|�rb|j�|�qbqZ|jS)z�
        :return:
            A list of unicode strings of valid domain names for the certificate.
            Wildcard certificates will have a domain in the form: *.example.com
        Nr|zE^(\*\.)?(?:[a-zA-Z0-9](?:[a-zA-Z0-9\-]*[a-zA-Z0-9])?\.)+[a-zA-Z]{2,}$r�r�rP)
�_valid_domainsr/r�rZr�r��compilerr�match)r<r��patternr
Zname_type_valuerPr:r:r>�
valid_domains�
s




zCertificate.valid_domainscCs@|jdur:g|_|jr:|jD]}|jdkr|j�|j�q|jS)zj
        :return:
            A list of unicode strings of valid IP addresses for the certificate
        Nr�)�
_valid_ipsr/r�r�rZ)r<r�r:r:r>�	valid_ips�
s


zCertificate.valid_ipscCs|jo|jdjS)zW
        :return;
            A boolean - if the certificate is marked as a CA
        r�)r3rZr_r:r:r>r��
szCertificate.cacCs|js
dS|jdjS)zT
        :return;
            None or an integer of the maximum path length
        Nr�)r�r3rZr_r:r:r>�max_path_length�
szCertificate.max_path_lengthcCs|jdur|j|jk|_|jS)zx
        :return:
            A boolean - if the certificate is self-issued, as defined by RFC
            5280
        N)�_self_issuedrrr_r:r:r>�self_issued�
s
zCertificate.self_issuedcCsJ|jdurDd|_|jrD|jr>|js*d|_qD|j|jkrDd|_nd|_|jS)a�
        :return:
            A unicode string of "no" or "maybe". The "maybe" result will
            be returned if the certificate issuer and subject are the same.
            If a key identifier and authority key identifier are present,
            they will need to match otherwise "no" will be returned.

            To verify is a certificate is truly self-signed, the signature
            will need to be verified. See the certvalidator package for
            one possible solution.
        N�no�maybe)�_self_signedrhr�rr_r:r:r>�self_signed�
s
zCertificate.self_signedcCs$|jdurt�|�����|_|jS)zk
        :return:
            The SHA-1 hash of the DER-encoded bytes of this complete certificate
        Nr$r_r:r:r>r's
zCertificate.sha1cCsd�dd�t|j�D��S)z�
        :return:
            A unicode string of the SHA-1 hash, formatted using hex encoding
            with a space between each pair of characters, all uppercase
        r�css|]}d|VqdS�z%02XNr:�r�cr:r:r>r$rGz/Certificate.sha1_fingerprint.<locals>.<genexpr>)r�rr'r_r:r:r>�sha1_fingerprintszCertificate.sha1_fingerprintcCs$|jdurt�|�����|_|jS)zy
        :return:
            The SHA-256 hash of the DER-encoded bytes of this complete
            certificate
        Nr*r_r:r:r>r,&s
zCertificate.sha256cCsd�dd�t|j�D��S)z�
        :return:
            A unicode string of the SHA-256 hash, formatted using hex encoding
            with a space between each pair of characters, all uppercase
        r�css|]}d|VqdSrmr:rnr:r:r>r:rGz1Certificate.sha256_fingerprint.<locals>.<genexpr>)r�rr,r_r:r:r>�sha256_fingerprint2szCertificate.sha256_fingerprintcCsNt|t�sttdt|����|�d��d���}|�d�dk}|oNt	�
d|�}|oZ|}|r�|jsjdS|�d�}|jD]b}|�d��d���}|�d�}	t
|	�t
|�kr�qz|	|kr�d	S|�|�}
|
rz|�||	�rzd	SqzdS|js�dS|r�tjntj}t||�}|jD]<}
|
�d�dk�r&tjntj}t||
�}||k�rd	S�qdS)
a
        Check if a domain name or IP address is valid according to the
        certificate

        :param domain_ip:
            A unicode string of a domain name or IP address

        :return:
            A boolean - if the domain or IP is valid for the certificate
        zL
                domain_ip must be a unicode string, not %s
                rrertrdz^\d+\.\d+\.\d+\.\d+$FrET)r@rrHr	r
rJrlrBrgr�rarcr|r��_is_wildcard_domain�_is_wildcard_matchrer~r�rr4)r<Z	domain_ipZencoded_domain_ip�is_ipv6Zis_ipv4Z	is_domain�
domain_labelsZvalid_domainZencoded_valid_domain�valid_domain_labelsZis_wildcardr�Z
normalized_ipZvalid_ipZvalid_familyZnormalized_valid_ipr:r:r>�is_valid_domain_ip<sD
�








zCertificate.is_valid_domain_ipcCsZ|�d�dkrdS|���d�}|s(dS|d�d�dkr>dS|ddd�dkrVdSd	S)
af
        Checks if a domain is a valid wildcard according to
        https://tools.ietf.org/html/rfc6125#section-6.4.3

        :param domain:
            A unicode string of the domain name, where any U-labels from an IDN
            have been converted to A-labels

        :return:
            A boolean - if the domain is a valid wildcard domain
        �*rFrErrdr�zxn--T)�countrBr|rg)r<�domain�labelsr:r:r>rr~szCertificate._is_wildcard_domaincCsl|d}|dd�}|d}|dd�}||kr4dS|dkr@dSt�d|�dd�d	�}|�|�rhdSdS)
a�
        Determines if the labels in a domain are a match for labels from a
        wildcard valid domain name

        :param domain_labels:
            A list of unicode strings, with A-label form for IDNs, of the labels
            in the domain name to check

        :param valid_domain_labels:
            A list of unicode strings, with A-label form for IDNs, of the labels
            in a wildcard domain pattern

        :return:
            A boolean - if the domain matches the valid domain
        rrNFrxT�^z.*�$)r�r`r�ra)r<rurvZfirst_domain_labelZother_domain_labelsZwildcard_labelZother_valid_domain_labelsZwildcard_regexr:r:r>rs�s
zCertificate._is_wildcard_match)\rSrTrUrrr"r�r"rr(r*r,r.r0r2r4r6r8r:r<r>r@rBrDrFrHr&rJrLrRrVrXrZr_rdrgrkr%r+r$rmr%r'r)r+r-r/r1r3r5r7r9r;r=r?rArCrErGrIrKrMrrNrOrPrrr�r�rSrTrUrrWr�r[rYr^rcrer�rfrhrlr'rpr,rqrwrrrsr:r:r:r>r`s�





































	













"








	

	B!rc@seZdZeZdS)�KeyPurposeIdentifiersNr�r:r:r:r>r~�sr~c@seZdZeZdS)�SequenceOfAlgorithmIdentifiersN)rSrTrUrr�r:r:r:r>r�src	@sPeZdZdeddifdeddd�fdeddifdeddifd	ed
dd�fgZdS)�CertificateAux�trustr�T�rejectrr��aliasZkeyidr=rN)rSrTrUr~r-r#rr�r:r:r:r>r��s�r�c@seZdZeegZdS)�TrustedCertificateN)rSrTrUrr�Z_child_specsr:r:r:r>r��sr�)�r��
__future__rrrr�
contextlibr�	encodingsrr&r�r~r�r�r��_errorsr	Z_irir
rZ_ordereddictr�_typesr
rrZalgosrrrr�corerrrrrrrrrrrrr r!r"r#r$r%r&r'r(r)r*r+r,r-r.r/r�r0�utilr1r2r3r4r5rWr`ror�r�r�r�r�r�r�r�r�r�r
r�r-r/r5r8r:r<r>r@rArDrErFrGrHrIrJrKrLrMrOrPrQrRrSrtrwrxryrzr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r
rrrr~rr�r�r:r:r:r>�<module>s
x59q
BU*D

			"2%	
p	
		 &o

Youez - 2016 - github.com/yon3zu
LinuXploit