l]]c@`sdZddlmZmZmZmZddlZddlmZddl m Z m Z m Z m Z mZmZmZmZmZddlmZmZmZmZmZmZmZmZde fd YZd efd YZd efd YZdefdYZdefdYZ de fdYZ!defdYZ"defdYZ#defdYZ$defdYZ%defdYZ&defdYZ'd efd!YZ(dS("u ASN.1 type classes for certificate revocation lists (CRL). Exports the following items: - CertificateList() Other type classes are defined that help compose the types listed above. i(tunicode_literalstdivisiontabsolute_importtprint_functionNi(tSignedDigestAlgorithm( tBooleant EnumeratedtGeneralizedTimetIntegertObjectIdentifiertOctetBitStringtParsableOctetStringtSequencet SequenceOf(tAuthorityInfoAccessSyntaxtAuthorityKeyIdentifiertCRLDistributionPointstDistributionPointNamet GeneralNamestNamet ReasonFlagstTimetVersioncB`s#eZidd6dd6dd6ZRS(uv1iuv2iuv3i(t__name__t __module__t_map(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR+stIssuingDistributionPointc B`seZdeidd6ed6fdeidd6ed6fdeid d6ed6fd eid d6ed6fd eid d6ed6fdeidd6ed6fgZRS(udistribution_pointiuexplicituoptionaluonly_contains_user_certsiuimplicitudefaultuonly_contains_ca_certsiuonly_some_reasonsiu indirect_crliuonly_contains_attribute_certsi(RRRtTrueRtFalseRt_fields(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR3s tTBSCertListExtensionIdcB`s?eZidd6dd6dd6dd6dd 6d d 6d d 6ZRS(uissuer_alt_nameu 2.5.29.18u crl_numberu 2.5.29.20udelta_crl_indicatoru 2.5.29.27uissuing_distribution_pointu 2.5.29.28uauthority_key_identifieru 2.5.29.35u freshest_crlu 2.5.29.46uauthority_information_accessu1.3.6.1.5.5.7.1.1(RRR(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR>stTBSCertListExtensioncB`speZdefdeied6fdefgZd Zied6e d6e d6e d6e d6e d 6e d 6ZRS( uextn_iducriticaludefaultu extn_valueuissuer_alt_nameu crl_numberudelta_crl_indicatoruissuing_distribution_pointuauthority_key_identifieru freshest_crluauthority_information_access(uextn_idu extn_value(RRRRRR Rt _oid_pairRRRRRRt _oid_specs(((s-lib/python2.7/site-packages/asn1crypto/crl.pyRJs tTBSCertListExtensionscB`seZeZRS((RRRt _child_spec(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR"]st CRLReasoncB`sceZi dd6dd6dd6dd6dd 6d d 6d d 6dd6dd6dd6ZedZRS(u unspecifiediukey_compromiseiu ca_compromiseiuaffiliation_changediu supersedediucessation_of_operationiucertificate_holdiuremove_from_crliuprivilege_withdrawni u aa_compromisei cC`sQi dd6dd6dd6dd6d d 6d d 6d d6dd6dd6dd6|jS(u :return: A unicode string with revocation description that is suitable to show to end-users. Starts with a lower case letter and phrased in such a way that it makes sense after the phrase "because of" or "due to". uan unspecified reasonu unspecifiedua compromised keyukey_compromiseuthe CA being compromisedu ca_compromiseuan affiliation changeuaffiliation_changeducertificate supersessionu supersededua cessation of operationucessation_of_operationua certificate holducertificate_holduremoval from the CRLuremove_from_crluprivilege withdrawluprivilege_withdrawnuthe AA being compromisedu aa_compromise(tnative(tself((s-lib/python2.7/site-packages/asn1crypto/crl.pythuman_friendlyos (RRRtpropertyR'(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR$as tCRLEntryExtensionIdcB`s*eZidd6dd6dd6dd6ZRS(u crl_reasonu 2.5.29.21uhold_instruction_codeu 2.5.29.23uinvalidity_dateu 2.5.29.24ucertificate_issueru 2.5.29.29(RRR(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR)s tCRLEntryExtensioncB`s[eZdefdeied6fdefgZdZied6e d6e d6e d6Z RS( uextn_iducriticaludefaultu extn_valueu crl_reasonuhold_instruction_codeuinvalidity_dateucertificate_issuer(uextn_idu extn_value( RRR)RRR RR R$R RRR!(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR*s tCRLEntryExtensionscB`seZeZRS((RRR*R#(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR+stRevokedCertificatecB`seZdefdefdeied6fgZeZd Z d Z d Z d Z eZdZedZedZedZedZed ZRS( uuser_certificateurevocation_dateucrl_entry_extensionsuoptionalcC`st|_xr|dD]f}|dj}d|}t||r]t|||djn|djr|jj|qqWt|_dS(uv Sets common named extensions to private attributes and creates a list of critical extensions ucrl_entry_extensionsuextn_idu _%s_valueu extn_valueucriticalN( tsett_critical_extensionsR%thasattrtsetattrtparsedtaddRt_processed_extensions(R&t extensiontnametattribute_name((s-lib/python2.7/site-packages/asn1crypto/crl.pyt_set_extensionss    cC`s|js|jn|jS(u Returns a set of the names (or OID if not a known extension) of the extensions marked as critical :return: A set of unicode strings (R3R7R.(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytcritical_extensionss  cC`s#|jtkr|jn|jS(u This extension indicates the reason that a certificate was revoked. :return: None or a CRLReason object (R3RR7t_crl_reason_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytcrl_reason_values  cC`s#|jtkr|jn|jS(u= This extension indicates the suspected date/time the private key was compromised or the certificate became invalid. This would usually be before the revocation date, which is when the CA processed the revocation. :return: None or a GeneralizedTime object (R3RR7t_invalidity_date_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytinvalidity_date_values  cC`s#|jtkr|jn|jS(u This extension indicates the issuer of the certificate in question, and is used in indirect CRLs. CRL entries without this extension are for certificates issued from the last seen issuer. :return: None or an x509.GeneralNames object (R3RR7t_certificate_issuer_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytcertificate_issuer_values  cC`sa|jtkrZd|_|jrZx3|jD]%}|jdkr+|j|_Pq+q+WqZn|jS(ui :return: None, or an asn1crypto.x509.Name object for the issuer of the cert udirectory_nameN(t _issuer_nameRtNoneR>R5tchosen(R&t general_name((s-lib/python2.7/site-packages/asn1crypto/crl.pyt issuer_names   N(RRRRR+RRRR3R@R.R9R;R=R?R7R(R8R:R<R>RC(((s-lib/python2.7/site-packages/asn1crypto/crl.pyR,s    tRevokedCertificatescB`seZeZRS((RRR,R#(((s-lib/python2.7/site-packages/asn1crypto/crl.pyRDst TbsCertListc B`s|eZdeied6fdefdefdefdeied6fdeied6fdeidd 6ed6fgZ RS( uversionuoptionalu signatureuissueru this_updateu next_updateurevoked_certificatesucrl_extensionsiuexplicit( RRRRRRRRDR"R(((s-lib/python2.7/site-packages/asn1crypto/crl.pyREs   tCertificateListcB`saeZdefdefdefgZeZdZ dZ dZ dZ dZ dZdZdZdZdZdZdZdZedZedZedZedZedZed Zed Zed Zed Zed Z edZ!edZ"edZ#edZ$edZ%RS(u tbs_cert_listusignature_algorithmu signaturecC`st|_xv|ddD]f}|dj}d|}t||rat|||djn|djr|jj|qqWt|_dS(uv Sets common named extensions to private attributes and creates a list of critical extensions u tbs_cert_listucrl_extensionsuextn_idu _%s_valueu extn_valueucriticalN( R-R.R%R/R0R1R2RR3(R&R4R5R6((s-lib/python2.7/site-packages/asn1crypto/crl.pyR74s    cC`s|js|jn|jS(u Returns a set of the names (or OID if not a known extension) of the extensions marked as critical :return: A set of unicode strings (R3R7R.(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pyR8Fs  cC`s#|jtkr|jn|jS(u This extension allows associating one or more alternative names with the issuer of the CRL. :return: None or an x509.GeneralNames object (R3RR7t_issuer_alt_name_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytissuer_alt_name_valueTs  cC`s#|jtkr|jn|jS(u This extension adds a monotonically increasing number to the CRL and is used to distinguish different versions of the CRL. :return: None or an Integer object (R3RR7t_crl_number_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytcrl_number_valuebs  cC`s#|jtkr|jn|jS(u This extension indicates a CRL is a delta CRL, and contains the CRL number of the base CRL that it is a delta from. :return: None or an Integer object (R3RR7t_delta_crl_indicator_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytdelta_crl_indicator_valueps  cC`s#|jtkr|jn|jS(u This extension includes information about what types of revocations and certificates are part of the CRL. :return: None or an IssuingDistributionPoint object (R3RR7t!_issuing_distribution_point_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pyt issuing_distribution_point_value~s  cC`s#|jtkr|jn|jS(u This extension helps in identifying the public key with which to validate the authenticity of the CRL. :return: None or an AuthorityKeyIdentifier object (R3RR7t_authority_key_identifier_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytauthority_key_identifier_values  cC`s#|jtkr|jn|jS(u This extension is used in complete CRLs to indicate where a delta CRL may be located. :return: None or a CRLDistributionPoints object (R3RR7t_freshest_crl_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytfreshest_crl_values  cC`s#|jtkr|jn|jS(u This extension is used to provide a URL with which to download the certificate used to sign this CRL. :return: None or an AuthorityInfoAccessSyntax object (R3RR7t#_authority_information_access_value(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pyt"authority_information_access_values  cC`s |ddS(u_ :return: An asn1crypto.x509.Name object for the issuer of the CRL u tbs_cert_listuissuer((R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytissuerscC`s|js dS|jdjS(u :return: None or a byte string of the key_identifier from the authority key identifier extension ukey_identifierN(RPR@R%(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pytauthority_key_identifiers cC`s|jdkrg|_|jrx~|jD]p}|djdkr+|d}|jdkrcq+n|j}|jdd!dkr|jj|qq+q+Wqn|jS( u :return: A list of unicode strings that are URLs that should contain either an individual DER-encoded X.509 certificate, or a DER-encoded CMS message containing multiple certificates u access_methodu ca_issuersuaccess_locationuuniform_resource_identifieriiuhttp://N(t_issuer_cert_urlsR@RTR%R5tlowertappend(R&tentrytlocationturl((s-lib/python2.7/site-packages/asn1crypto/crl.pytissuer_cert_urlss      cC`s|jdkrg|_|jdk rxi|jD][}|d}|jdkrVq1nx3|jD](}|jdkr`|jj|q`q`Wq1Wqn|jS(u Returns delta CRL URLs - only applies to complete CRLs :return: A list of zero or more DistributionPoint objects udistribution_pointuname_relative_to_crl_issueruuniform_resource_identifierN(t_delta_crl_distribution_pointsR@RRR5RARY(R&tdistribution_pointtdistribution_point_nameRB((s-lib/python2.7/site-packages/asn1crypto/crl.pytdelta_crl_distribution_pointss   !cC`s |djS(uE :return: A byte string of the signature u signature(R%(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pyt signaturescC`s7|jdkr0tj|jj|_n|jS(uf :return: The SHA1 hash of the DER-encoded bytes of this certificate list N(t_sha1R@thashlibtsha1tdumptdigest(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pyRes!cC`s7|jdkr0tj|jj|_n|jS(ui :return: The SHA-256 hash of the DER-encoded bytes of this certificate list N(t_sha256R@Rdtsha256RfRg(R&((s-lib/python2.7/site-packages/asn1crypto/crl.pyRis!N(&RRRERR RRR3R@R.RGRIRKRMRORQRSRWR^RcRhR7R(R8RHRJRLRNRPRRRTRURVR]RaRbReRi(((s-lib/python2.7/site-packages/asn1crypto/crl.pyRFs@       ()t__doc__t __future__RRRRRdtalgosRtcoreRRRRR R R R R tx509RRRRRRRRRRRRR"R$R)R*R+R,RDRERF(((s-lib/python2.7/site-packages/asn1crypto/crl.pyt s$" @ :  & k