hn3ddlZddlZddlmZddlmZmZddlmZm Z m Z m Z m Z m Z mZddlmZddlmZejeZGddeZd ed ed efd Zd Zdeded efdZdedefdZdedefdZdejdejfdZ Gddej!Z"e"j#e e"j$ee"j%ee"j&eiZ'Gdde(Z)dej*fdZ+dej,fdZ-GddZ.edGd d!Z/e e"e e/fZ0d"e ejd e0fd#Z1d$e e/d e0fd%Z2d&ej3d e0fd'Z4Gd(d)Z5Gd*d+Z6Gd,d-Z7d e0fd.Z8d e0fd/Z9dS)0N) dataclass) IPv4Address IPv6Address)CallableDictIterableListOptionalSetUnion)x509)urisplitceZdZdS)NameConstraintErrorN)__name__ __module__ __qualname__\/var/www/html/Sam_Eipo/venv/lib/python3.11/site-packages/pyhanko_certvalidator/name_trees.pyrr sDrr base_host other_hostreturnc|ddkr8||\}}}t|ot| S||kS)Nr.) rpartitionbool)rrpre_posts rhost_tree_containsr!sP|s!,,Y77 QCyy+d^+Y&&rct|}|rt|ttfr<|d|dnd}d|d|d}t |t||S)Nz has host rzis not a well-formed URI.zCURI constraints require URIs with a host specified as a FQDN; URI 'z' )rgethost isinstancerrloggerwarningr)cand_uri cand_hosthost_errmsgs r _host_regnamer+s""**,,I  ' 9{K.HII '$ % $ $ $ $-   , , , ( , , ,  s!#&&& rbaseotherc@t|}t||SN)r+r!)r,r-rs ruri_tree_containsr0,s#E**J dJ / //rc \|d}|d}t|t|krdSt|t|ko@tdtt |t |DS)NrFc3(K|] \}}||kVdSr/r.0xys r z$dns_tree_contains..9s;991aQ999999r)splitlenallzipreversed)r,r- base_labels other_labelss rdns_tree_containsr?2s**S//K;;s##L <3{++++u |  K 0 0 0 S99x 55x 7L7LMM99966rc|d\}}}|d\}}}|r||kSt||S)N@)rr!)r,r- base_mailboxrbase_host_or_domain other_mailboxother_host_or_domains remail_tree_containsrF>s],0??3+?+?(L!(-2-=-=c-B-B*M1*Mu}!"57KLLLrc|j}|j}t|t|ko&tdt||DS)Nc3(K|] \}}||kVdSr/rr3s rr7z(dirname_tree_contains..OsCEE1aQEEEEEEr)chosenr9r:r;)r,r-base_rdn_sequenceother_rdn_sequences rdirname_tree_containsrLKsq  ! " "c*;&<&< < EE02DEEEEEBBrceZdZejZejZejZejZejZ ejZ ejZ ejZ ejZ edeeeeejfeeejfgeffdZeddZdS)GeneralNameTyperc8t|dSr/)_name_type_checkersgetselfs rcheck_membershipz GeneralNameType.check_membershipbs #&&tT222rcFt||Sr/)getattrupper)clschoices r from_choicezGeneralNameType.from_choicejssFLLNN+++rN)rrN)rrrenumauto OTHER_NAME RFC822_NAMEDNS_NAME X400_ADDRESSDIRECTORY_NAMEEDI_PARTY_NAMEUNIFORM_RESOURCE_IDENTIFIER IP_ADDRESS REGISTERED_IDpropertyr rr strr NamerrT classmethodrZrrrrNrNWsJ$)++Kty{{H49;;LTY[[NTY[[N"+$)++JDIKKM 3 %TY'sDI~)>?EF 333X3,,,[,,,rrNc$eZdZdeffd ZxZS)UnsupportedNameTypeError name_typecxt|jdSr/)super__init__namelower)rSrl __class__s rroz!UnsupportedNameTypeError.__init__xs/ --//00000r)rrrrNro __classcell__)rrs@rrkrkwsD1/1111111111rrkgnamect|j}|j}|tjkr|j}||fSr/)rNrZrprIranative)rt gname_typevalues r_interpret_general_namery|s@ ,,UZ88J LE_333  u rcertc#(Kt|jjrtj|jfV|j}|B|jjD]3}|D].}|djdkrtj|djfV/4dS|D]}t|VdS)Ntype email_addressrx) r9subjectrIrNrasubject_alt_name_valuervr^ry)rzsubject_alt_namesrdn name_pairrps r_enumerate_names_in_certrs 4< ;,dl::::+/+F <& Q QC  Q Q V$+>>)5y7I7PPPPP Q Q Q & 0 0D)$// / / / / 0 0rcVeZdZdeeejffdZedZ dZ dZ dS) _StringOrNamerxc||_dSr/)rx)rSrxs rroz_StringOrName.__init__s  rcx|j}t|tjrd|fSd|fS)Nr)rxr$r rhdump)rSvals r_codez_StringOrName._codes8j c49 % % chhjj= c6Mrc*t|jSr/)hashrrRs r__hash__z_StringOrName.__hash__sDJrcLt|to|j|jkSr/)r$rr)rSr-s r__eq__z_StringOrName.__eq__s %//MDJ%+4MMrN) rrrr rgr rhrorfrrrrrrrrsxeCN3X   NNNNNrrT)frozenceZdZUeed<eeed<dZeed<dZ eeed<de e e j fdefd Zeded e e e j ffd Zedd Zededdfd ZdS) NameSubtreerl tree_baserminNmaxitemrc|jdS|jdks|jtd|jj}|td|j||jj|S)NTrzuThe minimum/maximum fields on a name constraint are not meaningful in the PKIX (RFC 5280) profile --- not processing.z%No containment checker available for )rrrNotImplementedErrorrlrTrx)rSrcheckers r __contains__zNameSubtree.__contains__s > !4 8q==DH0%P .1 ?%HHH wt~+T222rrpc>t|t|S)Nrlr)rr)rXrlrps r from_namezNameSubtree.from_namesY-:M:MNNNNrc|d}t|\}}t|t||dj|djS)Nr,minimummaximum)rr)ryrrrv)rXsubtreertrlname_objs rfrom_general_subtreez NameSubtree.from_general_subtreesX5e<< 8  ( # # ") ")     rc$t|dS)z Tree that contains all names of a given type. :param name_type: The name type to use. :return: Nr)r)rXrls runiversal_treezNameSubtree.universal_treesY$????r)rr)rrrrN__annotations__r rrintrr rgr rhrrrirrrrrrrrs &&&&CLLLC#3sDI~!6343333"O/OsDI~9NOOO[O   [ @@=@@@[@@@rrnamescXdtjfdtjfd|DiS)NrpcNttj|S)N)rlrp)rrrNra)rps r_subtreez(x509_names_to_subtrees.._subtrees'$$%44%   rc&h|] }|Srr)r4nrs r z)x509_names_to_subtrees..s!,H,H,HQXXa[[,H,H,Hr)r rhrNra)rrs @rx509_names_to_subtreesrsE ty     *,H,H,H,H%,H,H,H IIrtreesci}|D]>} ||j|$#t$r|h||j<Y;wxYw|Sr/)rladdKeyError)rresulttrees r_group_subtreesrsoF,, , 4> " & &t , , , , , , ,&*VF4> " " " , Ms )AAsubtreesc4td|DS)Nc3JK|]}t|VdSr/)rr)r4rs rr7z+process_general_subtrees..sA6= ((11r)r)rs rprocess_general_subtreesrs0 AI  rcheZdZ ddeedeeejdffdZ dZ e dZ dS)NameConstraintValidationResultNfailing_name_type failing_namec"||_||_dSr/rr)rSrrs rroz'NameConstraintValidationResult.__init__s =N9Erc|jduSr/)rrRs r__bool__z'NameConstraintValidationResult.__bool__ s%--rc|jJ|j}t|tjr|j}|jj}d|d|dS)Nz The name 'z ' of type z is not allowed.)rrr$r rhhuman_friendlyrprq)rSname_strrls r error_messagez,NameConstraintValidationResult.error_messagese%111$ h * * /.H*/5577 KHKK KKKKr)NN) rrrr rNr rgr rhrorrfrrrrrrs8<48FF#O4FCD01FFFF...LLXLLLrrcPeZdZdefdZdefdZdedefdZde j de fd Z d S) PermittedSubtreesinitial_permitted_subtreesc<fdtD}||_dS)Nc Zi|]'}|t|dg(S)r)setrQ)r4rlrs r z.PermittedSubtrees.__init__..'sM@ @ @  6::9bIIJJK@ @ @ r)rN_trees)rSrrs ` rrozPermittedSubtrees.__init__s?@ @ @ @ ,@ @ @  rrcz|D]%\}}|j||&dSr/)itemsrappend)rSrrl new_permitteds rintersect_withz PermittedSubtrees.intersect_with-sF(-  9 9 $I} K " ) )- 8 8 8 8 9 9rrlrc tfdt|j|DS#t$rYdSwxYw)Nc3NK|]}tfd|DV dS)c3 K|]}|vV dSr/rr4rrps rr7z:PermittedSubtrees.accept_name...9s'AATDDLAAAAAArN)any)r4trees_in_generationrps rr7z0PermittedSubtrees.accept_name..8sU'AAAA-@AAAAArF)r:r<rrrSrlrps `r accept_namezPermittedSubtrees.accept_name2ss  +3DK 4J+K+K #   55 s26 AArzc tfdt|D\}}t||S#t$rtcYSwxYw)Nc3RK|]!\}}||||fV"dSr/)rr4rlrprSs rr7z0PermittedSubtrees.accept_cert..CsV33#It'' 4883D!333333rrnextrr StopIterationrSrzrrs` r accept_certzPermittedSubtrees.accept_cert? 4.23333'?'E'E333// + | 2"3,  4 4 4133 3 3 3 4;?AAN) rrr PKIXSubtreesrorrNrrr Certificaterrrrrrrs<&9L9999 _ t     4$ 4 ' 4 4 4 4 4 4rrcPeZdZdefdZdefdZdedefdZde j de fd Z d S) ExcludedSubtreesinitial_excluded_subtreescLd|D|_dS)Nc4i|]\}}|t|Srr)r4rltree_sets rrz-ExcludedSubtrees.__init__..Us4% % % # 8 s8}}% % % r)rr)rSrs rrozExcludedSubtrees.__init__Ps2 % % '@'F'F'H'H% % %  rrcz|D]%\}}|j||&dSr/)rrupdate)rSrrl new_excludeds r union_withzExcludedSubtrees.union_withZsF',{{}} 8 8 #I| K " ) ), 7 7 7 7 8 8rrlrct tfd|j|DS#t$rYdSwxYw)Nc3 K|]}|vV dSr/rrs rr7z/ExcludedSubtrees.reject_name..as'GGtt|GGGGGGrT)rrrrs `r reject_namezExcludedSubtrees.reject_name_sT GGGG I0FGGGGG G"   44 s %) 77rzc tfdt|D\}}t||S#t$rtcYSwxYw)Nc3RK|]!\}}||||fV"dSr/)rrs rr7z/ExcludedSubtrees.accept_cert..isV33#It##It443D!333333rrrrs` rrzExcludedSubtrees.accept_certerrN) rrrrrorrNrrr rrrrrrrrOs ,    8 8888 _t 4$ 4 ' 4 4 4 4 4 4rrc$dtDS)NcFi|]}|t|hSr)rrr4rls rrz.default_permitted_subtrees..vs;     K..y99:   rrNrrrdefault_permitted_subtreesrus#  (   rc$dtDS)Nc,i|]}|tSrrrs rrz-default_excluded_subtrees..}s > > >Isuu > > >rrrrrdefault_excluded_subtreesr|s > >o > > >>r):r[logging dataclassesr ipaddressrrtypingrrrr r r r asn1cryptor uritoolsr getLoggerrr% ValueErrorrrgrr!r+r0r?rFrhrLEnumrNrar^r_rcrPrrk GeneralNameryrrrrrrrGeneralSubtreesrrrrrrrrrr s7 !!!!!!........GGGGGGGGGGGGGGGGGG  8 $ $     *   '#'3'4''''"0C000000 C      Mc M# M M M M $),,,,,di,,,2"$9!4//1B 111112111 4#304#30000(NNNNNNNN* $/@/@/@/@/@/@/@/@fOS%556 J(49"5J,JJJJ 8K0 \    t';  LLLLLLLL.3434343434343434l#4#4#4#4#4#4#4#4LL?<??????r