<pre style='margin:0'>
Dan Villiom Podlaski Christiansen (danchr) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/c8834c2ab27b139cf2d30eab9e9474f725be94d2">https://github.com/macports/macports-ports/commit/c8834c2ab27b139cf2d30eab9e9474f725be94d2</a></p>
<pre style="white-space: pre; background: #F8F8F8"><span style='display:block; white-space:pre;color:#808000;'>commit c8834c2ab27b139cf2d30eab9e9474f725be94d2
</span>Author: Dan Villiom Podlaski Christiansen <danchr@macports.org>
AuthorDate: Thu Nov 11 20:08:32 2021 +0100
<span style='display:block; white-space:pre;color:#404040;'> pypy: handle new openssl defaults
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> The released version of PyPy doesn't build against OpenSSL 3. I've
</span><span style='display:block; white-space:pre;color:#404040;'> applied a patch to the 3.7, while retaining OpenSSL 1.1 for the
</span><span style='display:block; white-space:pre;color:#404040;'> others.
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> Closes: https://trac.macports.org/ticket/63927
</span>---
lang/pypy/Portfile | 18 +-
lang/pypy/files/pypy37-openssl3.diff | 22094 +++++++++++++++++++++++++++++++++
lang/pypy/files/pypy38-cflags.diff | 36 +
3 files changed, 22144 insertions(+), 4 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/Portfile b/lang/pypy/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index b6dd202ccbc..ae9fbde6358 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/lang/pypy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/lang/pypy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -4,10 +4,11 @@ PortSystem 1.0
</span> PortGroup gitlab 1.0
PortGroup select 1.0
PortGroup deprecated 1.0
<span style='display:block; white-space:pre;background:#e0ffe0;'>+PortGroup openssl 1.0
</span>
gitlab.instance https://foss.heptapod.net
gitlab.setup pypy pypy 7.3.7
<span style='display:block; white-space:pre;background:#ffe0e0;'>-revision 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 2
</span>
categories lang python devel
license MIT PSF
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -23,7 +24,6 @@ depends_build port:pkgconfig \
</span> depends_lib port:libffi \
port:sqlite3 \
port:bzip2 \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- path:lib/libssl.dylib:openssl \
</span> port:gettext \
port:gdbm \
port:expat \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -117,6 +117,7 @@ if {$subport == ${name}} {
</span> if {${python.branch} == 2.7} {
version 7.3.6
patchfiles-append pypy2-darwin.py.diff
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ openssl.branch 1.1
</span>
checksums rmd160 fffd65ed0ba685ab2eb419758431b827701e4d22 \
sha256 0114473c8c57169cdcab1a69c60ad7fef7089731fdbe6f46af55060b29be41e4 \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -125,9 +126,10 @@ if {${python.branch} == 2.7} {
</span> set use_prefix no
} elseif {${python.branch} == 3.6} {
version 7.3.3
<span style='display:block; white-space:pre;background:#ffe0e0;'>- revision 3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ revision 4
</span> deprecated.eol_version yes
livecheck.type none
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ openssl.branch 1.1
</span>
patchfiles-append pypy3-darwin.py.diff
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -141,7 +143,7 @@ if {${python.branch} == 2.7} {
</span>
set use_prefix no
} elseif {${python.branch} == 3.7} {
<span style='display:block; white-space:pre;background:#ffe0e0;'>- patchfiles-append pypy3-darwin.py.diff
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ patchfiles-append pypy3-darwin.py.diff pypy37-openssl3.diff
</span>
checksums rmd160 19304ae652f6f987841d693d52d9e855ae8c7129 \
sha256 2ed02ac9e710859c41bc82deafb08619792bb9a27eeaa1676c741ededd214dd7 \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -150,6 +152,7 @@ if {${python.branch} == 2.7} {
</span> set use_prefix no
} elseif {${python.branch} == 3.8} {
patchfiles-append pypy3-darwin.py.diff
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ openssl.branch 1.1
</span>
checksums rmd160 541e6d98e10379d8982cf08e99a68c9f103a506d \
sha256 21ae339f4f5016d6ca7300305f3e3b554373835cb3c39a9041fe30e6811c80c6 \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -167,6 +170,8 @@ long_description \
</span> PyPy is a replacement for CPython ${python.branch}. The main reason to use it \
instead of CPython is speed, as it generally runs faster.
<span style='display:block; white-space:pre;background:#e0ffe0;'>+openssl.configure build_flags
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> build.env PYPY_USESSION_DIR=${workpath} PYPY_LOCALBASE=${prefix} \
PYPY_NO_EMBED_DEPENDENCIES=1 \
"CFLAGS=${configure.cc_archflags} ${configure.cppflags}" \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -181,8 +186,11 @@ build.post_args targetpypystandalone
</span>
destroot.env {*}${build.env}
destroot.env-append CC=${configure.cc} \
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ "CFLAGS=${configure.cc_archflags} ${configure.cppflags}" \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "LDFLAGS=${configure.ld_archflags} ${configure.ldflags}" \
</span> "LDSHARED=${configure.cc} -pthread -shared -undefined dynamic_lookup"
<span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> destroot.dir ${worksrcpath}/pypy/tool/release
destroot.args --builddir ${workpath} \
--archive-name ${subport} \
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -340,6 +348,8 @@ if {[string match "pypy*-tkinter" ${subport}]} {
</span> depends_lib port:${pypy_version} \
port:tk
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ openssl.branch no_version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> build.dir ${worksrcpath}
build.cmd ${prefix}/bin/${pypy_version}
build.args lib_pypy/_tkinter/tklib_build.py
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/files/pypy37-openssl3.diff b/lang/pypy/files/pypy37-openssl3.diff
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..05cac73bc3c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/lang/pypy/files/pypy37-openssl3.diff
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,22094 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# HG changeset patch
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# User Matti Picus <matti.picus@gmail.com>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Date 1636378163 -7200
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Mon Nov 08 15:29:23 2021 +0200
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Branch py3.7
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Node ID c1239ffec2247e1416bd99845fb5aa82c634d294
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Parent 27a6cf77daa9f9ce77af1dd52f708323f1df6378
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Parent ad7ac191b0b9ce26689c6911206bf9a614ba28b8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+merge py3.7-openssl-3.0.0 which provides openssl3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib-python/3/test/test_ssl.py lib-python/3/test/test_ssl.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib-python/3/test/test_ssl.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib-python/3/test/test_ssl.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -33,6 +33,7 @@ HOST = support.HOST
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ IS_LIBRESSL = ssl.OPENSSL_VERSION.startswith('LibreSSL')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ IS_OPENSSL_1_1_0 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ IS_OPENSSL_1_1_1 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++IS_OPENSSL_3_0_0 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (3, 0, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ PY_SSL_DEFAULT_CIPHERS = sysconfig.get_config_var('PY_SSL_DEFAULT_CIPHERS')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ PROTOCOL_TO_TLS_VERSION = {}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -141,6 +142,7 @@ OP_SINGLE_DH_USE = getattr(ssl, "OP_SING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ OP_SINGLE_ECDH_USE = getattr(ssl, "OP_SINGLE_ECDH_USE", 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ OP_CIPHER_SERVER_PREFERENCE = getattr(ssl, "OP_CIPHER_SERVER_PREFERENCE", 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ OP_ENABLE_MIDDLEBOX_COMPAT = getattr(ssl, "OP_ENABLE_MIDDLEBOX_COMPAT", 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++OP_IGNORE_UNEXPECTED_EOF = getattr(ssl, "OP_IGNORE_UNEXPECTED_EOF", 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # Ubuntu has patched OpenSSL and changed behavior of security level 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # see https://bugs.python.org/issue41561#msg389003
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -206,6 +208,10 @@ def has_tls_version(version):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if not getattr(ssl, f'HAS_{version.name}'):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if IS_OPENSSL_3_0_0 and version < ssl.TLSVersion.TLSv1_2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # bpo43791: 3.0.0-alpha14 fails with TLSV1_ALERT_INTERNAL_ERROR
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # check runtime and dynamic crypto policy settings. A TLS version may
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # be compiled in but disabled by a policy or config option.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ctx = ssl.SSLContext()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1179,7 +1185,8 @@ class ContextTests(unittest.TestCase):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # SSLContext also enables these by default
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE |
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE |
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OP_ENABLE_MIDDLEBOX_COMPAT)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ OP_ENABLE_MIDDLEBOX_COMPAT |
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ OP_IGNORE_UNEXPECTED_EOF)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ self.assertEqual(default, ctx.options)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ctx.options |= ssl.OP_NO_TLSv1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -2281,6 +2288,8 @@ class NetworkedTests(unittest.TestCase):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ rc = s.connect_ex((REMOTE_HOST, 443))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if rc == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ self.skipTest("REMOTE_HOST responded too quickly")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ elif rc == errno.ENETUNREACH:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ self.skipTest("Network unreachable.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ self.assertIn(rc, (errno.EAGAIN, errno.EWOULDBLOCK))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ @unittest.skipUnless(support.IPV6_ENABLED, 'Needs IPv6')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -2501,6 +2510,14 @@ class ThreadedEchoServer(threading.Threa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sys.stdout.write(err.args[1])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # test_pha_required_nocert is expecting this exception
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ raise ssl.SSLError('tlsv13 alert certificate required')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if 'UNEXPECTED_EOF_WHILE_READING' == err.reason:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # PyPy OpenSSL3 needs this, on CPython a
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # BrokenPipeError is raised which is caught as an
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # OSError. In this case do not stop the server.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if self.server.chatty:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ handle_error("Test server failure:\n")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ self.close()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ self.running = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ except OSError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if self.server.chatty:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ handle_error("Test server failure:\n")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -4613,7 +4630,6 @@ def test_main(verbose=False):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if support.verbose:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ plats = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'Linux': platform.linux_distribution,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 'Mac': platform.mac_ver,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ 'Windows': platform.win32_ver,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/README.md lib_pypy/_cffi_ssl/README.md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/README.md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/README.md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,35 +1,11 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # PyPy's SSL module
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-All of the CFFI code is copied from cryptography. PyPy vendors it's own copy of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-the cffi backend thus it renames the compiled shared object to _pypy_openssl.so
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-(which means that cryptography can ship their own cffi backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Modifications to cryptography 2.7
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++PyPy's _ssl module began as a fork of cryptography 2.7. The code in _cffi_src
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++contains vestiges of the cryptography code, but has diverged significantly to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++handle newer OpenSSL versions and to more closely track what is needed for
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++CPython compatibility.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/asn1.py` : revert removal of `ASN1_TIME_print`,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- `ASN1_ITEM`, `ASN1_ITEM_EXP`, `ASN1_VALUE`, `ASN1_item_d2i`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/bio.py` : revert removal of `BIO_s_file`, `BIO_read_filename`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/evp.py` : revert removal of `EVP_MD_size`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/nid.py` : revert removal of `NID_ad_OCSP`,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- `NID_info_access`, `NID_ad_ca_issuers`, `NID_crl_distribution_points`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/pem.py` : revert removal of `PEM_read_bio_X509_AUX`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/x509.py` : revert removal of `X509_get_ext_by_NID`,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- `i2d_X509`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/x509v3.py` : revert removal of `X509V3_EXT_get`,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- `X509V3_EXT_METHOD`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/ssl.py: expose Cryptography_HAS_CTRL_GET_MAX_PROTO_VERSION
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- `_cffi_src/openssl/ssl.py: thow an early `#error` if OpenSSL is older than 1.0.2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Tests?
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-Currently this module is tested using CPython's standard library test suite.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Install it into PyPy's source tree
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-Copy over all the sources into the folder `lib_pypy/_cffi_ssl/*`. Updating the cffi backend can be simply done by the following command::
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- $ cp -r <cloned cryptography folder>/src/* .
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Crpytography version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-Copied over release version `2.7`
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++The build uses cffi. The declarations and definitions of the imported functions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++are in _cffi_src/openssl. The cryptography LICENSE is preserved in this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++directory
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/build_constant_time.py lib_pypy/_cffi_ssl/_cffi_src/build_constant_time.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/build_constant_time.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,27 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import os
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from _cffi_src.utils import build_ffi, compiler_type, extra_link_args
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- os.path.dirname(__file__), "hazmat_src/constant_time.h"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)) as f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- types = f.read()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- os.path.dirname(__file__), "hazmat_src/constant_time.c"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)) as f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- functions = f.read()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-ffi = build_ffi(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- module_name="_constant_time",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cdef_source=types,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- verify_source=functions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extra_link_args=extra_link_args(compiler_type()),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/build_padding.py lib_pypy/_cffi_ssl/_cffi_src/build_padding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/build_padding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,27 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import os
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from _cffi_src.utils import build_ffi, compiler_type, extra_link_args
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- os.path.dirname(__file__), "hazmat_src/padding.h"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)) as f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- types = f.read()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- os.path.dirname(__file__), "hazmat_src/padding.c"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)) as f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- functions = f.read()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-ffi = build_ffi(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- module_name="_padding",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cdef_source=types,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- verify_source=functions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extra_link_args=extra_link_args(compiler_type()),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.c lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,22 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// repository for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-uint8_t Cryptography_constant_time_bytes_eq(uint8_t *a, size_t len_a,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint8_t *b, size_t len_b) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- size_t i = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint8_t mismatch = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (len_a != len_b) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for (i = 0; i < len_a; i++) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= a[i] ^ b[i];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Make sure any bits set are copied to the lowest bit */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 4;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 2;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Now check the low bit to see if it's set */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (mismatch & 1) == 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.h lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.h
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.h
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,6 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// repository for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-uint8_t Cryptography_constant_time_bytes_eq(uint8_t *, size_t, uint8_t *,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- size_t);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.c lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,65 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// repository for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* Returns the value of the input with the most-significant-bit copied to all
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- of the bits. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static uint16_t Cryptography_DUPLICATE_MSB_TO_ALL(uint16_t a) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (1 - (a >> (sizeof(uint16_t) * 8 - 1))) - 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* This returns 0xFFFF if a < b else 0x0000, but does so in a constant time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- fashion */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static uint16_t Cryptography_constant_time_lt(uint16_t a, uint16_t b) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a -= b;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return Cryptography_DUPLICATE_MSB_TO_ALL(a);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-uint8_t Cryptography_check_pkcs7_padding(const uint8_t *data,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t block_len) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t i;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t pad_size = data[block_len - 1];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t mismatch = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for (i = 0; i < block_len; i++) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- unsigned int mask = Cryptography_constant_time_lt(i, pad_size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t b = data[block_len - 1 - i];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= (mask & (pad_size ^ b));
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Check to make sure the pad_size was within the valid range. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= ~Cryptography_constant_time_lt(0, pad_size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= Cryptography_constant_time_lt(block_len, pad_size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Make sure any bits set are copied to the lowest bit */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 8;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 4;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 2;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Now check the low bit to see if it's set */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (mismatch & 1) == 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-uint8_t Cryptography_check_ansix923_padding(const uint8_t *data,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t block_len) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t i;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t pad_size = data[block_len - 1];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t mismatch = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Skip the first one with the pad size */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for (i = 1; i < block_len; i++) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- unsigned int mask = Cryptography_constant_time_lt(i, pad_size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uint16_t b = data[block_len - 1 - i];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= (mask & b);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Check to make sure the pad_size was within the valid range. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= ~Cryptography_constant_time_lt(0, pad_size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= Cryptography_constant_time_lt(block_len, pad_size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Make sure any bits set are copied to the lowest bit */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 8;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 4;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 2;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mismatch |= mismatch >> 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Now check the low bit to see if it's set */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (mismatch & 1) == 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.h lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.h
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.h
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,6 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-// repository for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-uint8_t Cryptography_check_pkcs7_padding(const uint8_t *, uint8_t);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-uint8_t Cryptography_check_ansix923_padding(const uint8_t *, uint8_t);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/__init__.py lib_pypy/_cffi_ssl/_cffi_src/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -26,9 +26,9 @@ int BIO_write(BIO *, const void *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int BIO_up_ref(BIO *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ BIO *BIO_new(BIO_METHOD *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-BIO_METHOD *BIO_s_mem(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-BIO_METHOD *BIO_s_file(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-BIO_METHOD *BIO_s_datagram(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++const BIO_METHOD *BIO_s_mem(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++const BIO_METHOD *BIO_s_file(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++const BIO_METHOD *BIO_s_datagram(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ BIO *BIO_new_mem_buf(const void *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ long BIO_set_mem_eof_return(BIO *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ long BIO_get_mem_data(BIO *, char **);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -30,7 +30,6 @@ static const int CRYPTO_MEM_CHECK_DISABL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int CRYPTO_mem_ctrl(int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void OPENSSL_cleanup(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -130,4 +129,11 @@ void *Cryptography_realloc_wrapper(void
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void Cryptography_free_wrapper(void *ptr, const char *path, int line) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ free(ptr);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_300
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTO_MEM_CHECK_ON=0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTO_MEM_CHECK_OFF=0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTO_MEM_CHECK_ENABLE=0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTO_MEM_CHECK_DISABLE=0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -40,10 +40,16 @@ INCLUDES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (LIBRESSL_VERSION_NUMBER >= 0x2080000f)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_LIBRESSL_291_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (LIBRESSL_VERSION_NUMBER >= 0x2090100f)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ (LIBRESSL_VERSION_NUMBER < 0x3030200f)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_340 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ (LIBRESSL_VERSION_NUMBER < 0x3040000f)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER (0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_LIBRESSL_28_OR_GREATER (0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_LIBRESSL_291_OR_GREATER (0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 (0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_340 (0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_OPENSSL_102_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -54,6 +60,10 @@ INCLUDES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (OPENSSL_VERSION_NUMBER >= 0x10100000 && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (OPENSSL_VERSION_NUMBER >= 0x1010006f && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_OPENSSL_111D_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ (OPENSSL_VERSION_NUMBER >= 0x10101040 && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_OPENSSL_300_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ (OPENSSL_VERSION_NUMBER >= 0x30000000 && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (OPENSSL_VERSION_NUMBER < 0x10002000 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -67,17 +77,31 @@ INCLUDES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (OPENSSL_VERSION_NUMBER < 0x10101000 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ (OPENSSL_VERSION_NUMBER < 0x10101020 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_300 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ (OPENSSL_VERSION_NUMBER < 0x30000000 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ (OPENSSL_VERSION_NUMBER < 0x10101040 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if (CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D && !CRYPTOGRAPHY_IS_LIBRESSL && \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ !defined(OPENSSL_NO_ENGINE)) || defined(USE_OSRANDOM_RNG_FOR_TESTING)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ TYPES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_OPENSSL_102L_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_OPENSSL_110_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTOGRAPHY_OPENSSL_111D_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTOGRAPHY_OPENSSL_300_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_300;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int CRYPTOGRAPHY_IS_LIBRESSL;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -18,10 +18,53 @@ static const int ERR_LIB_EVP;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int ERR_LIB_EC;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int ERR_LIB_PEM;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int ERR_LIB_ASN1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const int ERR_LIB_RSA;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_ASYNC;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_BIO;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_BN;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_BUF;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CMP;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CMS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_COMP;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CONF;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CRMF;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CRYPTO;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CT;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_DH;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_DSA;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_DSO;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_EC;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_ECDH;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_ECDSA;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_ENGINE;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_ESS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_EVP;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_FIPS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_HMAC;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_HTTP;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_KDF;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_MASK;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_NONE;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OBJ;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OCSP;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OFFSET;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OSSL_DECODER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OSSL_ENCODER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OSSL_STORE;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_PEM;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int ERR_LIB_PKCS12;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_PKCS7;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_PROP;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_PROV;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_RAND;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_RSA;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_SM2;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int ERR_LIB_SSL;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_SYS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_TS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_UI;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_USER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int ERR_LIB_X509;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_X509V3;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int ERR_R_MALLOC_FAILURE;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int EVP_R_MEMORY_LIMIT_EXCEEDED;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -66,7 +109,6 @@ static const int EVP_R_DIFFERENT_KEY_TYP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int EVP_R_INITIALIZATION_ERROR;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int EVP_R_INPUT_NOT_INITIALIZED;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int EVP_R_INVALID_KEY_LENGTH;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const int EVP_R_KEYGEN_FAILURE;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int EVP_R_MISSING_PARAMETERS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int EVP_R_NO_CIPHER_SET;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const int EVP_R_NO_DIGEST_SET;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -155,10 +197,8 @@ unsigned long ERR_get_error(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ unsigned long ERR_peek_error(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ unsigned long ERR_peek_last_error(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void ERR_clear_error(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-void ERR_put_error(int, int, int, const char *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int ERR_GET_LIB(unsigned long);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int ERR_GET_FUNC(unsigned long);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int ERR_GET_REASON(unsigned long);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -179,4 +219,18 @@ static const long Cryptography_HAS_EVP_R
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const long EVP_R_MEMORY_LIMIT_EXCEEDED = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const long Cryptography_HAS_EVP_R_MEMORY_LIMIT_EXCEEDED = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CMP = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_CRMF = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_ESS = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_HTTP = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_MASK = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OFFSET = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OSSL_DECODER = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_OSSL_ENCODER = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_PROP = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const int ERR_LIB_PROV = -42;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -119,9 +119,6 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int EVP_PKEY_derive(EVP_PKEY_CTX *, unsigned char *, size_t *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int EVP_PKEY_set_type(EVP_PKEY *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int EVP_PKEY_id(const EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int Cryptography_EVP_PKEY_id(const EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ /* in 1.1.0 _create and _destroy were renamed to _new and _free. The following
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ two functions wrap both the old and new functions so we can call them
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ without worrying about what OpenSSL we're running against. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -138,7 +135,7 @@ int EVP_PKEY_set1_tls_encodedpoint(EVP_P
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ size_t);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ /* EVP_PKEY * became const in 1.1.0 */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int EVP_PKEY_bits(EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++// int EVP_PKEY_bits(EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void OpenSSL_add_all_algorithms(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -146,8 +143,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int EVP_PKEY_set1_EC_KEY(EVP_PKEY *, EC_KEY *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int EVP_MD_CTX_block_size(const EVP_MD_CTX *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++// int EVP_MD_CTX_block_size(const EVP_MD_CTX *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int PKCS5_PBKDF2_HMAC(const char *, int, const unsigned char *, int, int,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -175,10 +171,6 @@ const long Cryptography_HAS_EVP_PKEY_DHX
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const long EVP_PKEY_DHX = -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int Cryptography_EVP_PKEY_id(const EVP_PKEY *key) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return EVP_PKEY_id(key);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ return EVP_MD_CTX_create();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -5,24 +5,13 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ INCLUDES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#include <openssl/crypto.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ TYPES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const long Cryptography_HAS_FIPS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int FIPS_mode_set(int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int FIPS_mode(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ CUSTOMIZATIONS = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const long Cryptography_HAS_FIPS = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int (*FIPS_mode_set)(int) = NULL;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int (*FIPS_mode)(void) = NULL;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const long Cryptography_HAS_FIPS = 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -25,7 +25,7 @@ int OCSP_response_status(OCSP_RESPONSE *
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-Cryptography_STACK_OF_X509 *OCSP_resp_get0_certs(const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++const Cryptography_STACK_OF_X509 *OCSP_resp_get0_certs(const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/provider.py lib_pypy/_cffi_ssl/_cffi_src/openssl/provider.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+new file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/provider.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -0,0 +1,38 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++INCLUDES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#include <openssl/provider.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#include <openssl/proverr.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++TYPES = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long Cryptography_HAS_PROVIDERS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++typedef ... OSSL_PROVIDER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++typedef ... OSSL_LIB_CTX;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long PROV_R_BAD_DECRYPT;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long PROV_R_XTS_DUPLICATED_KEYS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long PROV_R_WRONG_FINAL_BLOCK_LENGTH;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++CUSTOMIZATIONS = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long Cryptography_HAS_PROVIDERS = 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long Cryptography_HAS_PROVIDERS = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++typedef void OSSL_PROVIDER;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++typedef void OSSL_LIB_CTX;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long PROV_R_BAD_DECRYPT = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long PROV_R_XTS_DUPLICATED_KEYS = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long PROV_R_WRONG_FINAL_BLOCK_LENGTH = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -49,8 +49,8 @@ void RSA_get0_key(const RSA *, const BIG
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void RSA_get0_factors(const RSA *, const BIGNUM **, const BIGNUM **);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void RSA_get0_crt_params(const RSA *, const BIGNUM **, const BIGNUM **,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const BIGNUM **);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++// int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++//int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *, EVP_MD *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *, unsigned char *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -60,17 +60,13 @@ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ CUSTOMIZATIONS = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const long Cryptography_HAS_PSS_PADDING = 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if defined(EVP_PKEY_CTX_set_rsa_oaep_md)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if !CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const long Cryptography_HAS_RSA_OAEP_MD = 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long Cryptography_HAS_RSA_OAEP_LABEL = 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const long Cryptography_HAS_RSA_OAEP_MD = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const long Cryptography_HAS_RSA_OAEP_LABEL = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int (*EVP_PKEY_CTX_set_rsa_oaep_md)(EVP_PKEY_CTX *, EVP_MD *) = NULL;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if defined(EVP_PKEY_CTX_set0_rsa_oaep_label)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const long Cryptography_HAS_RSA_OAEP_LABEL = 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const long Cryptography_HAS_RSA_OAEP_LABEL = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int (*EVP_PKEY_CTX_set0_rsa_oaep_label)(EVP_PKEY_CTX *, unsigned char *,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int) = NULL;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -17,8 +17,9 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #include <poll.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifndef OPENSSL_NO_ENGINE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* OpenSSL has ENGINE support so build the engine. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#if CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++/* OpenSSL has ENGINE support and is older than 1.1.1d (the first version that
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ * properly implements fork safety in its RNG) so build the engine. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const char *Cryptography_osrandom_engine_id = "osrandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ /****************************************************************************
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -251,7 +252,7 @@ static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #if !defined(__APPLE__)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ #else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (&getentropy != NULL) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if (__builtin_available(macOS 10.12, *)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ } else {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -277,7 +278,11 @@ static int osrandom_rand_bytes(unsigned
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ while (size > 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ /* OpenBSD and macOS restrict maximum buffer size to 256. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ len = size > 256 ? 256 : size;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++/* on mac, availability is already checked using `__builtin_available` above */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#pragma clang diagnostic push
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#pragma clang diagnostic ignored "-Wunguarded-availability"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ res = getentropy(buffer, (size_t)len);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++#pragma clang diagnostic pop
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if (res < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -524,7 +529,7 @@ static int osrandom_ctrl(ENGINE *e, int
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_INVALID_ARGUMENT);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- strncpy((char *)p, name, len);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ strcpy((char *)p, name);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ return (int)len;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ default:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -646,7 +651,7 @@ int Cryptography_add_osrandom_engine(voi
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * to compile the osrandom engine, but we do need some
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * placeholders */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ static const char *Cryptography_osrandom_engine_id = "no-engine-support";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_name = "osrandom_engine disabled due to no engine support";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++static const char *Cryptography_osrandom_engine_name = "osrandom_engine disabled";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int Cryptography_add_osrandom_engine(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -235,6 +235,8 @@ int SSL_CTX_set_cipher_list(SSL_CTX *, c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int SSL_CTX_load_verify_locations(SSL_CTX *, const char *, const char *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void SSL_CTX_set_default_passwd_cb(SSL_CTX *, pem_password_cb *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *, void *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int SSL_CTX_use_certificate(SSL_CTX *, X509 *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int SSL_CTX_use_certificate_ASN1(SSL_CTX *, int, const unsigned char *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int SSL_CTX_use_certificate_file(SSL_CTX *, const char *, int);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -25,7 +25,7 @@ FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ X509_NAME *X509_NAME_new(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ void X509_NAME_free(X509_NAME *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-unsigned long X509_NAME_hash(X509_NAME *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++// unsigned long X509_NAME_hash(X509_NAME *);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int i2d_X509_NAME(X509_NAME *, unsigned char **);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ int X509_NAME_add_entry_by_txt(X509_NAME *, const char *, int,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_stdssl/__init__.py lib_pypy/_cffi_ssl/_stdssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_stdssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_stdssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1338,6 +1338,8 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ keyfile = certfile
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ pw_info = PasswordInfo()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ index = -1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ orig_passwd_cb = lib.SSL_CTX_get_default_passwd_cb(self.ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ orig_passwd_userdata = lib.SSL_CTX_get_default_passwd_cb_userdata(self.ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if password is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if callable(password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1354,6 +1356,7 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ lib.SSL_CTX_set_default_passwd_cb(self.ctx, Cryptography_pem_password_cb)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ lib.SSL_CTX_set_default_passwd_cb_userdata(self.ctx, pw_info.handle)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ prev_errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ certfilebuf = _str_to_ffi_buffer(certfile)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1388,10 +1391,11 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if ret != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ffi.errno = prev_errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if index >= 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ del PWINFO_STORAGE[index]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.SSL_CTX_set_default_passwd_cb(self.ctx, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.SSL_CTX_set_default_passwd_cb_userdata(self.ctx, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.SSL_CTX_set_default_passwd_cb(self.ctx, orig_passwd_cb)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.SSL_CTX_set_default_passwd_cb_userdata(self.ctx, orig_passwd_userdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ def _wrap_socket(self, sock, server_side, server_hostname=None, *,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1402,43 +1406,47 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ server_hostname, owner, session, None, None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ def load_verify_locations(self, cafile=None, capath=None, cadata=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cadata is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ca_file_type = -1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(cadata, str):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ca_file_type = lib.SSL_FILETYPE_ASN1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ prev_errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if cadata is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ca_file_type = -1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ca_file_type = lib.SSL_FILETYPE_PEM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cadata = cadata.encode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("cadata should be a ASCII string or a bytes-like object")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cafile is None and capath is None and cadata is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("cafile and capath cannot be both omitted")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # load from cadata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cadata is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = _str_to_ffi_buffer(cadata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._add_ca_certs(buf, len(buf), ca_file_type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if not isinstance(cadata, str):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ca_file_type = lib.SSL_FILETYPE_ASN1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ca_file_type = lib.SSL_FILETYPE_PEM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ cadata = cadata.encode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise TypeError("cadata should be a ASCII string or a bytes-like object")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if cafile is None and capath is None and cadata is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise TypeError("cafile and capath cannot be both omitted")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # load from cadata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if cadata is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ buf = _str_to_ffi_buffer(cadata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ self._add_ca_certs(buf, len(buf), ca_file_type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # load cafile or capath
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cafile is not None or capath is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cafile is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cafilebuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cafilebuf = _str_to_ffi_buffer(cafile)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if capath is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- capathbuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- capathbuf = _str_to_ffi_buffer(capath)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ret = lib.SSL_CTX_load_verify_locations(self.ctx, cafilebuf, capathbuf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ret != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if _errno:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # load cafile or capath
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if cafile is not None or capath is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if cafile is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ cafilebuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ cafilebuf = _str_to_ffi_buffer(cafile)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if capath is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ capathbuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ capathbuf = _str_to_ffi_buffer(capath)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ret = lib.SSL_CTX_load_verify_locations(self.ctx, cafilebuf, capathbuf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if ret != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if _errno:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ffi.errno = prev_errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ def _add_ca_certs(self, data, size, ca_file_type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ biobuf = lib.BIO_new_mem_buf(data, size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1451,7 +1459,10 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if ca_file_type == lib.SSL_FILETYPE_ASN1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ cert = lib.d2i_X509_bio(biobuf, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cert = lib.PEM_read_bio_X509(biobuf, ffi.NULL, ffi.NULL, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ cert = lib.PEM_read_bio_X509(biobuf, ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.SSL_CTX_get_default_passwd_cb(self.ctx),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.SSL_CTX_get_default_passwd_cb_userdata(self.ctx),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if not cert:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ break
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1482,7 +1493,7 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ lib.ERR_GET_REASON(err) == lib.PEM_R_NO_START_LINE):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # EOF PEM file, not an error
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ elif err != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ lib.BIO_free(biobuf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1564,33 +1575,37 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ def load_dh_params(self, filepath):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if filepath is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("filepath must not be None")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = _fs_converter(filepath)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode = ffi.new("char[]",b"r")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = lib.BIO_new_file(buf, mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if bio == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ prev_errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh = lib.PEM_read_bio_DHparams(bio, ffi.NULL, ffi.NULL, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.BIO_free(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dh == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if _errno != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if filepath is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise TypeError("filepath must not be None")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ buf = _fs_converter(filepath)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ mode = ffi.new("char[]",b"r")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ bio = lib.BIO_new_file(buf, mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if bio == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if lib.SSL_CTX_set_tmp_dh(self.ctx, dh) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ dh = lib.PEM_read_bio_DHparams(bio, ffi.NULL, ffi.NULL, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.BIO_free(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if dh == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if _errno != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if lib.SSL_CTX_set_tmp_dh(self.ctx, dh) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib.DH_free(dh)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.DH_free(dh)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ffi.errno = prev_errno
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ def get_ca_certs(self, binary_form=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ binary_mode = bool(binary_form)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/_stdssl/errorcodes.py lib_pypy/_cffi_ssl/_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,395 +1,1722 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# File generated by tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Generated on 2016-11-10T17:38:59.402032
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++# File generated by lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++# Generated on 2021-11-07T08:11:00.061651
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++from _pypy_openssl import ffi, lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++_lib_codes = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ASN1", lib.ERR_LIB_ASN1),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ASYNC", lib.ERR_LIB_ASYNC),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BIO", lib.ERR_LIB_BIO),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN", lib.ERR_LIB_BN),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BUF", lib.ERR_LIB_BUF),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CMP", lib.ERR_LIB_CMP),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CMS", lib.ERR_LIB_CMS),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMP", lib.ERR_LIB_COMP),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONF", lib.ERR_LIB_CONF),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CRMF", lib.ERR_LIB_CRMF),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CRYPTO", lib.ERR_LIB_CRYPTO),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CT", lib.ERR_LIB_CT),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DH", lib.ERR_LIB_DH),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DSA", lib.ERR_LIB_DSA),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DSO", lib.ERR_LIB_DSO),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EC", lib.ERR_LIB_EC),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ECDH", lib.ERR_LIB_ECDH),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ECDSA", lib.ERR_LIB_ECDSA),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENGINE", lib.ERR_LIB_ENGINE),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS", lib.ERR_LIB_ESS),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EVP", lib.ERR_LIB_EVP),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIPS", lib.ERR_LIB_FIPS),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HMAC", lib.ERR_LIB_HMAC),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HTTP", lib.ERR_LIB_HTTP),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KDF", lib.ERR_LIB_KDF),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MASK", lib.ERR_LIB_MASK),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NONE", lib.ERR_LIB_NONE),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OBJ", lib.ERR_LIB_OBJ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OCSP", lib.ERR_LIB_OCSP),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OFFSET", lib.ERR_LIB_OFFSET),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OSSL_DECODER", lib.ERR_LIB_OSSL_DECODER),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OSSL_ENCODER", lib.ERR_LIB_OSSL_ENCODER),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OSSL_STORE", lib.ERR_LIB_OSSL_STORE),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PEM", lib.ERR_LIB_PEM),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS12", lib.ERR_LIB_PKCS12),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS7", lib.ERR_LIB_PKCS7),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PROP", lib.ERR_LIB_PROP),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PROV", lib.ERR_LIB_PROV),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RAND", lib.ERR_LIB_RAND),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RSA", lib.ERR_LIB_RSA),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SM2", lib.ERR_LIB_SM2),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL", lib.ERR_LIB_SSL),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SYS", lib.ERR_LIB_SYS),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TS", lib.ERR_LIB_TS),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UI", lib.ERR_LIB_UI),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("USER", lib.ERR_LIB_USER),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("X509", lib.ERR_LIB_X509),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("X509V3", lib.ERR_LIB_X509V3),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from _pypy_openssl import ffi, lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_lib_codes = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_lib_codes.append(("PEM", lib.ERR_LIB_PEM))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_lib_codes.append(("SSL", lib.ERR_LIB_SSL))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_lib_codes.append(("X509", lib.ERR_LIB_X509))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_BASE64_DECODE", lib.ERR_LIB_PEM, 100))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DECRYPT", lib.ERR_LIB_PEM, 101))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_END_LINE", lib.ERR_LIB_PEM, 102))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_IV_CHARS", lib.ERR_LIB_PEM, 103))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_MAGIC_NUMBER", lib.ERR_LIB_PEM, 116))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_PASSWORD_READ", lib.ERR_LIB_PEM, 104))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_VERSION_NUMBER", lib.ERR_LIB_PEM, 117))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BIO_WRITE_FAILURE", lib.ERR_LIB_PEM, 118))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CIPHER_IS_NULL", lib.ERR_LIB_PEM, 127))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ERROR_CONVERTING_PRIVATE_KEY", lib.ERR_LIB_PEM, 115))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("EXPECTING_PRIVATE_KEY_BLOB", lib.ERR_LIB_PEM, 119))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("EXPECTING_PUBLIC_KEY_BLOB", lib.ERR_LIB_PEM, 120))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INCONSISTENT_HEADER", lib.ERR_LIB_PEM, 121))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KEYBLOB_HEADER_PARSE_ERROR", lib.ERR_LIB_PEM, 122))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KEYBLOB_TOO_SHORT", lib.ERR_LIB_PEM, 123))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NOT_DEK_INFO", lib.ERR_LIB_PEM, 105))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NOT_ENCRYPTED", lib.ERR_LIB_PEM, 106))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NOT_PROC_TYPE", lib.ERR_LIB_PEM, 107))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_START_LINE", lib.ERR_LIB_PEM, 108))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PROBLEMS_GETTING_PASSWORD", lib.ERR_LIB_PEM, 109))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PUBLIC_KEY_NO_RSA", lib.ERR_LIB_PEM, 110))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PVK_DATA_TOO_SHORT", lib.ERR_LIB_PEM, 124))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PVK_TOO_SHORT", lib.ERR_LIB_PEM, 125))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("READ_KEY", lib.ERR_LIB_PEM, 111))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SHORT_HEADER", lib.ERR_LIB_PEM, 112))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_ENCRYPTION", lib.ERR_LIB_PEM, 114))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_KEY_COMPONENTS", lib.ERR_LIB_PEM, 126))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("APP_DATA_IN_HANDSHAKE", lib.ERR_LIB_SSL, 100))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", lib.ERR_LIB_SSL, 272))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_ALERT_RECORD", lib.ERR_LIB_SSL, 101))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_AUTHENTICATION_TYPE", lib.ERR_LIB_SSL, 102))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_CHANGE_CIPHER_SPEC", lib.ERR_LIB_SSL, 103))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_CHECKSUM", lib.ERR_LIB_SSL, 104))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DATA", lib.ERR_LIB_SSL, 390))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DATA_RETURNED_BY_CALLBACK", lib.ERR_LIB_SSL, 106))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DECOMPRESSION", lib.ERR_LIB_SSL, 107))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DH_G_LENGTH", lib.ERR_LIB_SSL, 108))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DH_PUB_KEY_LENGTH", lib.ERR_LIB_SSL, 109))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DH_P_LENGTH", lib.ERR_LIB_SSL, 110))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DIGEST_LENGTH", lib.ERR_LIB_SSL, 111))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_DSA_SIGNATURE", lib.ERR_LIB_SSL, 112))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_ECC_CERT", lib.ERR_LIB_SSL, 304))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_ECDSA_SIGNATURE", lib.ERR_LIB_SSL, 305))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_ECPOINT", lib.ERR_LIB_SSL, 306))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_HANDSHAKE_LENGTH", lib.ERR_LIB_SSL, 332))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_HELLO_REQUEST", lib.ERR_LIB_SSL, 105))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_LENGTH", lib.ERR_LIB_SSL, 271))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_MAC_DECODE", lib.ERR_LIB_SSL, 113))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_MAC_LENGTH", lib.ERR_LIB_SSL, 333))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_MESSAGE_TYPE", lib.ERR_LIB_SSL, 114))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_PACKET_LENGTH", lib.ERR_LIB_SSL, 115))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_PROTOCOL_VERSION_NUMBER", lib.ERR_LIB_SSL, 116))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_PSK_IDENTITY_HINT_LENGTH", lib.ERR_LIB_SSL, 316))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_RESPONSE_ARGUMENT", lib.ERR_LIB_SSL, 117))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_RSA_DECRYPT", lib.ERR_LIB_SSL, 118))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_RSA_ENCRYPT", lib.ERR_LIB_SSL, 119))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_RSA_E_LENGTH", lib.ERR_LIB_SSL, 120))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_RSA_MODULUS_LENGTH", lib.ERR_LIB_SSL, 121))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_RSA_SIGNATURE", lib.ERR_LIB_SSL, 122))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SIGNATURE", lib.ERR_LIB_SSL, 123))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRP_A_LENGTH", lib.ERR_LIB_SSL, 347))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRP_B_LENGTH", lib.ERR_LIB_SSL, 348))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRP_G_LENGTH", lib.ERR_LIB_SSL, 349))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRP_N_LENGTH", lib.ERR_LIB_SSL, 350))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRP_PARAMETERS", lib.ERR_LIB_SSL, 371))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRP_S_LENGTH", lib.ERR_LIB_SSL, 351))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRTP_MKI_VALUE", lib.ERR_LIB_SSL, 352))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 353))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SSL_FILETYPE", lib.ERR_LIB_SSL, 124))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_SSL_SESSION_ID_LENGTH", lib.ERR_LIB_SSL, 125))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_STATE", lib.ERR_LIB_SSL, 126))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_VALUE", lib.ERR_LIB_SSL, 384))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_WRITE_RETRY", lib.ERR_LIB_SSL, 127))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BIO_NOT_SET", lib.ERR_LIB_SSL, 128))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BLOCK_CIPHER_PAD_IS_WRONG", lib.ERR_LIB_SSL, 129))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BN_LIB", lib.ERR_LIB_SSL, 130))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CA_DN_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 131))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CA_DN_TOO_LONG", lib.ERR_LIB_SSL, 132))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CERTIFICATE_VERIFY_FAILED", lib.ERR_LIB_SSL, 134))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CA_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 397))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CA_MD_TOO_WEAK", lib.ERR_LIB_SSL, 398))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CCS_RECEIVED_EARLY", lib.ERR_LIB_SSL, 133))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CERTIFICATE_VERIFY_FAILED", lib.ERR_LIB_SSL, 134))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CERT_CB_ERROR", lib.ERR_LIB_SSL, 377))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CERT_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 135))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CHALLENGE_IS_DIFFERENT", lib.ERR_LIB_SSL, 136))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CIPHER_CODE_WRONG_LENGTH", lib.ERR_LIB_SSL, 137))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CIPHER_OR_HASH_UNAVAILABLE", lib.ERR_LIB_SSL, 138))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CIPHER_TABLE_SRC_ERROR", lib.ERR_LIB_SSL, 139))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CLIENTHELLO_TLSEXT", lib.ERR_LIB_SSL, 226))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("COMPRESSED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 140))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("COMPRESSION_DISABLED", lib.ERR_LIB_SSL, 343))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("COMPRESSION_FAILURE", lib.ERR_LIB_SSL, 141))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", lib.ERR_LIB_SSL, 307))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("COMPRESSION_LIBRARY_ERROR", lib.ERR_LIB_SSL, 142))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CONNECTION_ID_IS_DIFFERENT", lib.ERR_LIB_SSL, 143))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CONNECTION_TYPE_NOT_SET", lib.ERR_LIB_SSL, 144))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("COOKIE_MISMATCH", lib.ERR_LIB_SSL, 308))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DATA_BETWEEN_CCS_AND_FINISHED", lib.ERR_LIB_SSL, 145))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DATA_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 146))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DECRYPTION_FAILED", lib.ERR_LIB_SSL, 147))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DECRYPTION_FAILED_OR_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 281))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DH_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 372))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DH_PUBLIC_VALUE_LENGTH_IS_WRONG", lib.ERR_LIB_SSL, 148))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DIGEST_CHECK_FAILED", lib.ERR_LIB_SSL, 149))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DTLS_MESSAGE_TOO_BIG", lib.ERR_LIB_SSL, 334))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("DUPLICATE_COMPRESSION_ID", lib.ERR_LIB_SSL, 309))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ECC_CERT_NOT_FOR_KEY_AGREEMENT", lib.ERR_LIB_SSL, 317))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ECC_CERT_NOT_FOR_SIGNING", lib.ERR_LIB_SSL, 318))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE", lib.ERR_LIB_SSL, 322))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE", lib.ERR_LIB_SSL, 323))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ECDH_REQUIRED_FOR_SUITEB_MODE", lib.ERR_LIB_SSL, 374))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ECGROUP_TOO_LARGE_FOR_CIPHER", lib.ERR_LIB_SSL, 310))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("EE_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 399))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("EMPTY_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 354))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ENCRYPTED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 150))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ERROR_GENERATING_TMP_RSA_KEY", lib.ERR_LIB_SSL, 282))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ERROR_IN_RECEIVED_CIPHER_LIST", lib.ERR_LIB_SSL, 151))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("EXCESSIVE_MESSAGE_SIZE", lib.ERR_LIB_SSL, 152))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("EXTRA_DATA_IN_MESSAGE", lib.ERR_LIB_SSL, 153))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("GOT_A_FIN_BEFORE_A_CCS", lib.ERR_LIB_SSL, 154))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("GOT_NEXT_PROTO_BEFORE_A_CCS", lib.ERR_LIB_SSL, 355))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("GOT_NEXT_PROTO_WITHOUT_EXTENSION", lib.ERR_LIB_SSL, 356))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("HTTPS_PROXY_REQUEST", lib.ERR_LIB_SSL, 155))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("HTTP_REQUEST", lib.ERR_LIB_SSL, 156))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ILLEGAL_PADDING", lib.ERR_LIB_SSL, 283))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ILLEGAL_SUITEB_DIGEST", lib.ERR_LIB_SSL, 380))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 373))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INCONSISTENT_COMPRESSION", lib.ERR_LIB_SSL, 340))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_CHALLENGE_LENGTH", lib.ERR_LIB_SSL, 158))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_COMMAND", lib.ERR_LIB_SSL, 280))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 341))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_NULL_CMD_NAME", lib.ERR_LIB_SSL, 385))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_PURPOSE", lib.ERR_LIB_SSL, 278))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_SERVERINFO_DATA", lib.ERR_LIB_SSL, 388))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_SRP_USERNAME", lib.ERR_LIB_SSL, 357))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_STATUS_RESPONSE", lib.ERR_LIB_SSL, 328))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_TICKET_KEYS_LENGTH", lib.ERR_LIB_SSL, 325))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KEY_ARG_TOO_LONG", lib.ERR_LIB_SSL, 284))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5", lib.ERR_LIB_SSL, 285))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_C_CC_PRINC", lib.ERR_LIB_SSL, 286))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_C_GET_CRED", lib.ERR_LIB_SSL, 287))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_C_INIT", lib.ERR_LIB_SSL, 288))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_C_MK_REQ", lib.ERR_LIB_SSL, 289))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_S_BAD_TICKET", lib.ERR_LIB_SSL, 290))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_S_INIT", lib.ERR_LIB_SSL, 291))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_S_RD_REQ", lib.ERR_LIB_SSL, 292))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_S_TKT_EXPIRED", lib.ERR_LIB_SSL, 293))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_S_TKT_NYV", lib.ERR_LIB_SSL, 294))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KRB5_S_TKT_SKEW", lib.ERR_LIB_SSL, 295))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("LENGTH_MISMATCH", lib.ERR_LIB_SSL, 159))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("LENGTH_TOO_SHORT", lib.ERR_LIB_SSL, 160))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("LIBRARY_BUG", lib.ERR_LIB_SSL, 274))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 161))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MESSAGE_TOO_LONG", lib.ERR_LIB_SSL, 296))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_DH_DSA_CERT", lib.ERR_LIB_SSL, 162))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_DH_KEY", lib.ERR_LIB_SSL, 163))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_DH_RSA_CERT", lib.ERR_LIB_SSL, 164))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_DSA_SIGNING_CERT", lib.ERR_LIB_SSL, 165))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_ECDH_CERT", lib.ERR_LIB_SSL, 382))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_ECDSA_SIGNING_CERT", lib.ERR_LIB_SSL, 381))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_EXPORT_TMP_DH_KEY", lib.ERR_LIB_SSL, 166))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_EXPORT_TMP_RSA_KEY", lib.ERR_LIB_SSL, 167))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_RSA_CERTIFICATE", lib.ERR_LIB_SSL, 168))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_RSA_ENCRYPTING_CERT", lib.ERR_LIB_SSL, 169))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_RSA_SIGNING_CERT", lib.ERR_LIB_SSL, 170))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_SRP_PARAM", lib.ERR_LIB_SSL, 358))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_TMP_DH_KEY", lib.ERR_LIB_SSL, 171))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_TMP_ECDH_KEY", lib.ERR_LIB_SSL, 311))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_TMP_RSA_KEY", lib.ERR_LIB_SSL, 172))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_TMP_RSA_PKEY", lib.ERR_LIB_SSL, 173))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MISSING_VERIFY_MESSAGE", lib.ERR_LIB_SSL, 174))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("MULTIPLE_SGC_RESTARTS", lib.ERR_LIB_SSL, 346))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NON_SSLV2_INITIAL_PACKET", lib.ERR_LIB_SSL, 175))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CERTIFICATES_RETURNED", lib.ERR_LIB_SSL, 176))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CERTIFICATE_ASSIGNED", lib.ERR_LIB_SSL, 177))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CERTIFICATE_RETURNED", lib.ERR_LIB_SSL, 178))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CERTIFICATE_SET", lib.ERR_LIB_SSL, 179))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CERTIFICATE_SPECIFIED", lib.ERR_LIB_SSL, 180))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CIPHERS_AVAILABLE", lib.ERR_LIB_SSL, 181))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CIPHERS_PASSED", lib.ERR_LIB_SSL, 182))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CIPHERS_SPECIFIED", lib.ERR_LIB_SSL, 183))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CIPHER_LIST", lib.ERR_LIB_SSL, 184))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CIPHER_MATCH", lib.ERR_LIB_SSL, 185))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CLIENT_CERT_METHOD", lib.ERR_LIB_SSL, 331))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CLIENT_CERT_RECEIVED", lib.ERR_LIB_SSL, 186))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_COMPRESSION_SPECIFIED", lib.ERR_LIB_SSL, 187))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_GOST_CERTIFICATE_SENT_BY_PEER", lib.ERR_LIB_SSL, 330))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_METHOD_SPECIFIED", lib.ERR_LIB_SSL, 188))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_PEM_EXTENSIONS", lib.ERR_LIB_SSL, 389))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_PRIVATEKEY", lib.ERR_LIB_SSL, 189))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_PRIVATE_KEY_ASSIGNED", lib.ERR_LIB_SSL, 190))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_PROTOCOLS_AVAILABLE", lib.ERR_LIB_SSL, 191))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_PUBLICKEY", lib.ERR_LIB_SSL, 192))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_RENEGOTIATION", lib.ERR_LIB_SSL, 339))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_REQUIRED_DIGEST", lib.ERR_LIB_SSL, 324))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_SHARED_CIPHER", lib.ERR_LIB_SSL, 193))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_SHARED_SIGATURE_ALGORITHMS", lib.ERR_LIB_SSL, 376))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_SRTP_PROFILES", lib.ERR_LIB_SSL, 359))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_VERIFY_CALLBACK", lib.ERR_LIB_SSL, 194))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NULL_SSL_CTX", lib.ERR_LIB_SSL, 195))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NULL_SSL_METHOD_PASSED", lib.ERR_LIB_SSL, 196))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("OLD_SESSION_CIPHER_NOT_RETURNED", lib.ERR_LIB_SSL, 197))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", lib.ERR_LIB_SSL, 344))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE", lib.ERR_LIB_SSL, 387))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE", lib.ERR_LIB_SSL, 379))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ONLY_TLS_ALLOWED_IN_FIPS_MODE", lib.ERR_LIB_SSL, 297))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("OPAQUE_PRF_INPUT_TOO_LONG", lib.ERR_LIB_SSL, 327))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PACKET_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 198))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PARSE_TLSEXT", lib.ERR_LIB_SSL, 227))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PATH_TOO_LONG", lib.ERR_LIB_SSL, 270))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEER_DID_NOT_RETURN_A_CERTIFICATE", lib.ERR_LIB_SSL, 199))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEER_ERROR", lib.ERR_LIB_SSL, 200))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEER_ERROR_CERTIFICATE", lib.ERR_LIB_SSL, 201))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEER_ERROR_NO_CERTIFICATE", lib.ERR_LIB_SSL, 202))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEER_ERROR_NO_CIPHER", lib.ERR_LIB_SSL, 203))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 204))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEM_NAME_BAD_PREFIX", lib.ERR_LIB_SSL, 391))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PEM_NAME_TOO_SHORT", lib.ERR_LIB_SSL, 392))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PRE_MAC_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 205))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PROBLEMS_MAPPING_CIPHER_FUNCTIONS", lib.ERR_LIB_SSL, 206))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PROTOCOL_IS_SHUTDOWN", lib.ERR_LIB_SSL, 207))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PSK_IDENTITY_NOT_FOUND", lib.ERR_LIB_SSL, 223))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PSK_NO_CLIENT_CB", lib.ERR_LIB_SSL, 224))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PSK_NO_SERVER_CB", lib.ERR_LIB_SSL, 225))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PUBLIC_KEY_ENCRYPT_ERROR", lib.ERR_LIB_SSL, 208))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PUBLIC_KEY_IS_NOT_RSA", lib.ERR_LIB_SSL, 209))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PUBLIC_KEY_NOT_RSA", lib.ERR_LIB_SSL, 210))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("READ_BIO_NOT_SET", lib.ERR_LIB_SSL, 211))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("READ_TIMEOUT_EXPIRED", lib.ERR_LIB_SSL, 312))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("READ_WRONG_PACKET_TYPE", lib.ERR_LIB_SSL, 212))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("RECORD_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 213))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("RECORD_TOO_LARGE", lib.ERR_LIB_SSL, 214))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("RECORD_TOO_SMALL", lib.ERR_LIB_SSL, 298))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("RENEGOTIATE_EXT_TOO_LONG", lib.ERR_LIB_SSL, 335))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("RENEGOTIATION_ENCODING_ERR", lib.ERR_LIB_SSL, 336))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("RENEGOTIATION_MISMATCH", lib.ERR_LIB_SSL, 337))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("REQUIRED_CIPHER_MISSING", lib.ERR_LIB_SSL, 215))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("REQUIRED_COMPRESSSION_ALGORITHM_MISSING", lib.ERR_LIB_SSL, 342))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("REUSE_CERT_LENGTH_NOT_ZERO", lib.ERR_LIB_SSL, 216))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("REUSE_CERT_TYPE_NOT_ZERO", lib.ERR_LIB_SSL, 217))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("REUSE_CIPHER_LIST_NOT_ZERO", lib.ERR_LIB_SSL, 218))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SCSV_RECEIVED_WHEN_RENEGOTIATING", lib.ERR_LIB_SSL, 345))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SERVERHELLO_TLSEXT", lib.ERR_LIB_SSL, 275))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SESSION_ID_CONTEXT_UNINITIALIZED", lib.ERR_LIB_SSL, 277))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SHORT_READ", lib.ERR_LIB_SSL, 219))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SIGNATURE_ALGORITHMS_ERROR", lib.ERR_LIB_SSL, 360))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", lib.ERR_LIB_SSL, 220))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SRP_A_CALC", lib.ERR_LIB_SSL, 361))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SRTP_COULD_NOT_ALLOCATE_PROFILES", lib.ERR_LIB_SSL, 362))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", lib.ERR_LIB_SSL, 363))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SRTP_UNKNOWN_PROTECTION_PROFILE", lib.ERR_LIB_SSL, 364))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL23_DOING_SESSION_ID_REUSE", lib.ERR_LIB_SSL, 221))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL2_CONNECTION_ID_TOO_LONG", lib.ERR_LIB_SSL, 299))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL3_EXT_INVALID_ECPOINTFORMAT", lib.ERR_LIB_SSL, 321))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL3_EXT_INVALID_SERVERNAME", lib.ERR_LIB_SSL, 319))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL3_EXT_INVALID_SERVERNAME_TYPE", lib.ERR_LIB_SSL, 320))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL3_SESSION_ID_TOO_LONG", lib.ERR_LIB_SSL, 300))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL3_SESSION_ID_TOO_SHORT", lib.ERR_LIB_SSL, 222))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_BAD_CERTIFICATE", lib.ERR_LIB_SSL, 1042))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 1020))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_CERTIFICATE_EXPIRED", lib.ERR_LIB_SSL, 1045))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_CERTIFICATE_REVOKED", lib.ERR_LIB_SSL, 1044))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_CERTIFICATE_UNKNOWN", lib.ERR_LIB_SSL, 1046))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_DECOMPRESSION_FAILURE", lib.ERR_LIB_SSL, 1030))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 1040))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_ILLEGAL_PARAMETER", lib.ERR_LIB_SSL, 1047))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_NO_CERTIFICATE", lib.ERR_LIB_SSL, 1041))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 1010))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", lib.ERR_LIB_SSL, 1043))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", lib.ERR_LIB_SSL, 228))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 229))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 230))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_NEGATIVE_LENGTH", lib.ERR_LIB_SSL, 372))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_SESSION_ID_CALLBACK_FAILED", lib.ERR_LIB_SSL, 301))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_SESSION_ID_CONFLICT", lib.ERR_LIB_SSL, 302))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_SESSION_ID_CONTEXT_TOO_LONG", lib.ERR_LIB_SSL, 273))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_SESSION_ID_HAS_BAD_LENGTH", lib.ERR_LIB_SSL, 303))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SSL_SESSION_ID_IS_DIFFERENT", lib.ERR_LIB_SSL, 231))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_ACCESS_DENIED", lib.ERR_LIB_SSL, 1049))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_DECODE_ERROR", lib.ERR_LIB_SSL, 1050))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_DECRYPTION_FAILED", lib.ERR_LIB_SSL, 1021))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_DECRYPT_ERROR", lib.ERR_LIB_SSL, 1051))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_EXPORT_RESTRICTION", lib.ERR_LIB_SSL, 1060))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 1086))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_INSUFFICIENT_SECURITY", lib.ERR_LIB_SSL, 1071))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_INTERNAL_ERROR", lib.ERR_LIB_SSL, 1080))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_NO_RENEGOTIATION", lib.ERR_LIB_SSL, 1100))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_PROTOCOL_VERSION", lib.ERR_LIB_SSL, 1070))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_RECORD_OVERFLOW", lib.ERR_LIB_SSL, 1022))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_UNKNOWN_CA", lib.ERR_LIB_SSL, 1048))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_ALERT_USER_CANCELLED", lib.ERR_LIB_SSL, 1090))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_BAD_CERTIFICATE_HASH_VALUE", lib.ERR_LIB_SSL, 1114))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", lib.ERR_LIB_SSL, 1113))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_CERTIFICATE_UNOBTAINABLE", lib.ERR_LIB_SSL, 1111))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_UNRECOGNIZED_NAME", lib.ERR_LIB_SSL, 1112))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLSV1_UNSUPPORTED_EXTENSION", lib.ERR_LIB_SSL, 1110))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER", lib.ERR_LIB_SSL, 232))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", lib.ERR_LIB_SSL, 365))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLS_HEARTBEAT_PENDING", lib.ERR_LIB_SSL, 366))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLS_ILLEGAL_EXPORTER_LABEL", lib.ERR_LIB_SSL, 367))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLS_INVALID_ECPOINTFORMAT_LIST", lib.ERR_LIB_SSL, 157))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST", lib.ERR_LIB_SSL, 233))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG", lib.ERR_LIB_SSL, 234))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("TRIED_TO_USE_UNSUPPORTED_CIPHER", lib.ERR_LIB_SSL, 235))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_DECODE_DH_CERTS", lib.ERR_LIB_SSL, 236))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_DECODE_ECDH_CERTS", lib.ERR_LIB_SSL, 313))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_EXTRACT_PUBLIC_KEY", lib.ERR_LIB_SSL, 237))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_FIND_DH_PARAMETERS", lib.ERR_LIB_SSL, 238))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_FIND_ECDH_PARAMETERS", lib.ERR_LIB_SSL, 314))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", lib.ERR_LIB_SSL, 239))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_FIND_SSL_METHOD", lib.ERR_LIB_SSL, 240))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_LOAD_SSL2_MD5_ROUTINES", lib.ERR_LIB_SSL, 241))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", lib.ERR_LIB_SSL, 242))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", lib.ERR_LIB_SSL, 243))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 244))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNEXPECTED_RECORD", lib.ERR_LIB_SSL, 245))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNINITIALIZED", lib.ERR_LIB_SSL, 276))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_ALERT_TYPE", lib.ERR_LIB_SSL, 246))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 247))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_CIPHER_RETURNED", lib.ERR_LIB_SSL, 248))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_CIPHER_TYPE", lib.ERR_LIB_SSL, 249))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_CMD_NAME", lib.ERR_LIB_SSL, 386))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_DIGEST", lib.ERR_LIB_SSL, 368))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_KEY_EXCHANGE_TYPE", lib.ERR_LIB_SSL, 250))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_PKEY_TYPE", lib.ERR_LIB_SSL, 251))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_PROTOCOL", lib.ERR_LIB_SSL, 252))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_REMOTE_ERROR_TYPE", lib.ERR_LIB_SSL, 253))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_SSL_VERSION", lib.ERR_LIB_SSL, 254))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_STATE", lib.ERR_LIB_SSL, 255))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSAFE_LEGACY_RENEGOTIATION_DISABLED", lib.ERR_LIB_SSL, 338))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_CIPHER", lib.ERR_LIB_SSL, 256))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 257))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_DIGEST_TYPE", lib.ERR_LIB_SSL, 326))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_ELLIPTIC_CURVE", lib.ERR_LIB_SSL, 315))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_PROTOCOL", lib.ERR_LIB_SSL, 258))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_SSL_VERSION", lib.ERR_LIB_SSL, 259))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_STATUS_TYPE", lib.ERR_LIB_SSL, 329))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("USE_SRTP_NOT_NEGOTIATED", lib.ERR_LIB_SSL, 369))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("VERSION_TOO_LOW", lib.ERR_LIB_SSL, 396))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRITE_BIO_NOT_SET", lib.ERR_LIB_SSL, 260))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 383))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_CIPHER_RETURNED", lib.ERR_LIB_SSL, 261))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_CURVE", lib.ERR_LIB_SSL, 378))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_MESSAGE_TYPE", lib.ERR_LIB_SSL, 262))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_NUMBER_OF_KEY_BITS", lib.ERR_LIB_SSL, 263))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_SIGNATURE_LENGTH", lib.ERR_LIB_SSL, 264))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_SIGNATURE_SIZE", lib.ERR_LIB_SSL, 265))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_SIGNATURE_TYPE", lib.ERR_LIB_SSL, 370))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_SSL_VERSION", lib.ERR_LIB_SSL, 266))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_VERSION_NUMBER", lib.ERR_LIB_SSL, 267))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("X509_LIB", lib.ERR_LIB_SSL, 268))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("X509_VERIFICATION_SETUP_PROBLEMS", lib.ERR_LIB_SSL, 269))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("AKID_MISMATCH", lib.ERR_LIB_X509, 110))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BAD_X509_FILETYPE", lib.ERR_LIB_X509, 100))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("BASE64_DECODE_ERROR", lib.ERR_LIB_X509, 118))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CANT_CHECK_DH_KEY", lib.ERR_LIB_X509, 114))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CERT_ALREADY_IN_HASH_TABLE", lib.ERR_LIB_X509, 101))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CRL_ALREADY_DELTA", lib.ERR_LIB_X509, 127))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("CRL_VERIFY_FAILURE", lib.ERR_LIB_X509, 131))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ERR_ASN1_LIB", lib.ERR_LIB_X509, 102))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("IDP_MISMATCH", lib.ERR_LIB_X509, 128))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_DIRECTORY", lib.ERR_LIB_X509, 113))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_FIELD_NAME", lib.ERR_LIB_X509, 119))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("INVALID_TRUST", lib.ERR_LIB_X509, 123))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("ISSUER_MISMATCH", lib.ERR_LIB_X509, 129))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KEY_TYPE_MISMATCH", lib.ERR_LIB_X509, 115))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("KEY_VALUES_MISMATCH", lib.ERR_LIB_X509, 116))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("LOADING_CERT_DIR", lib.ERR_LIB_X509, 103))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("LOADING_DEFAULTS", lib.ERR_LIB_X509, 104))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("METHOD_NOT_SUPPORTED", lib.ERR_LIB_X509, 124))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NEWER_CRL_NOT_NEWER", lib.ERR_LIB_X509, 132))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CERT_SET_FOR_US_TO_VERIFY", lib.ERR_LIB_X509, 105))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("NO_CRL_NUMBER", lib.ERR_LIB_X509, 130))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PUBLIC_KEY_DECODE_ERROR", lib.ERR_LIB_X509, 125))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("PUBLIC_KEY_ENCODE_ERROR", lib.ERR_LIB_X509, 126))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("SHOULD_RETRY", lib.ERR_LIB_X509, 106))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", lib.ERR_LIB_X509, 107))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNABLE_TO_GET_CERTS_PUBLIC_KEY", lib.ERR_LIB_X509, 108))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_KEY_TYPE", lib.ERR_LIB_X509, 117))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_NID", lib.ERR_LIB_X509, 109))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_PURPOSE_ID", lib.ERR_LIB_X509, 121))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNKNOWN_TRUST_ID", lib.ERR_LIB_X509, 120))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_X509, 111))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_LOOKUP_TYPE", lib.ERR_LIB_X509, 112))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_error_codes.append(("WRONG_TYPE", lib.ERR_LIB_X509, 122))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++_error_codes = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ADDING_OBJECT", lib.ERR_LIB_ASN1, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ASN1_PARSE_ERROR", lib.ERR_LIB_ASN1, 203),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ASN1_SIG_PARSE_ERROR", lib.ERR_LIB_ASN1, 204),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("AUX_ERROR", lib.ERR_LIB_ASN1, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_OBJECT_HEADER", lib.ERR_LIB_ASN1, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_TEMPLATE", lib.ERR_LIB_ASN1, 230),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BMPSTRING_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 214),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_LIB", lib.ERR_LIB_ASN1, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BOOLEAN_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BUFFER_TOO_SMALL", lib.ERR_LIB_ASN1, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_HAS_NO_OBJECT_IDENTIFIER", lib.ERR_LIB_ASN1, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTEXT_NOT_INITIALISED", lib.ERR_LIB_ASN1, 217),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_IS_WRONG", lib.ERR_LIB_ASN1, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODE_ERROR", lib.ERR_LIB_ASN1, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DEPTH_EXCEEDED", lib.ERR_LIB_ASN1, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_AND_KEY_TYPE_NOT_SUPPORTED", lib.ERR_LIB_ASN1, 198),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCODE_ERROR", lib.ERR_LIB_ASN1, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_GETTING_TIME", lib.ERR_LIB_ASN1, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_LOADING_SECTION", lib.ERR_LIB_ASN1, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SETTING_CIPHER_PARAMS", lib.ERR_LIB_ASN1, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_AN_INTEGER", lib.ERR_LIB_ASN1, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_AN_OBJECT", lib.ERR_LIB_ASN1, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPLICIT_LENGTH_MISMATCH", lib.ERR_LIB_ASN1, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPLICIT_TAG_NOT_CONSTRUCTED", lib.ERR_LIB_ASN1, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIELD_MISSING", lib.ERR_LIB_ASN1, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIRST_NUM_TOO_LARGE", lib.ERR_LIB_ASN1, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HEADER_TOO_LONG", lib.ERR_LIB_ASN1, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_BITSTRING_FORMAT", lib.ERR_LIB_ASN1, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_BOOLEAN", lib.ERR_LIB_ASN1, 176),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_CHARACTERS", lib.ERR_LIB_ASN1, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_FORMAT", lib.ERR_LIB_ASN1, 177),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_HEX", lib.ERR_LIB_ASN1, 178),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_IMPLICIT_TAG", lib.ERR_LIB_ASN1, 179),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_INTEGER", lib.ERR_LIB_ASN1, 180),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_NEGATIVE_VALUE", lib.ERR_LIB_ASN1, 226),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_NESTED_TAGGING", lib.ERR_LIB_ASN1, 181),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_NULL", lib.ERR_LIB_ASN1, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_NULL_VALUE", lib.ERR_LIB_ASN1, 182),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_OBJECT", lib.ERR_LIB_ASN1, 183),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_OPTIONAL_ANY", lib.ERR_LIB_ASN1, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE", lib.ERR_LIB_ASN1, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_PADDING", lib.ERR_LIB_ASN1, 221),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_TAGGED_ANY", lib.ERR_LIB_ASN1, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_TIME_VALUE", lib.ERR_LIB_ASN1, 184),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_ZERO_CONTENT", lib.ERR_LIB_ASN1, 222),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INTEGER_NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 185),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INTEGER_TOO_LARGE_FOR_LONG", lib.ERR_LIB_ASN1, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_BIT_STRING_BITS_LEFT", lib.ERR_LIB_ASN1, 220),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_BMPSTRING_LENGTH", lib.ERR_LIB_ASN1, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGIT", lib.ERR_LIB_ASN1, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MIME_TYPE", lib.ERR_LIB_ASN1, 205),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MODIFIER", lib.ERR_LIB_ASN1, 186),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NUMBER", lib.ERR_LIB_ASN1, 187),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OBJECT_ENCODING", lib.ERR_LIB_ASN1, 216),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SCRYPT_PARAMETERS", lib.ERR_LIB_ASN1, 227),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SEPARATOR", lib.ERR_LIB_ASN1, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_STRING_TABLE_VALUE", lib.ERR_LIB_ASN1, 218),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_UNIVERSALSTRING_LENGTH", lib.ERR_LIB_ASN1, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_UTF8STRING", lib.ERR_LIB_ASN1, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_VALUE", lib.ERR_LIB_ASN1, 219),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LENGTH_TOO_LONG", lib.ERR_LIB_ASN1, 231),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LIST_ERROR", lib.ERR_LIB_ASN1, 188),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MIME_NO_CONTENT_TYPE", lib.ERR_LIB_ASN1, 206),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MIME_PARSE_ERROR", lib.ERR_LIB_ASN1, 207),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MIME_SIG_PARSE_ERROR", lib.ERR_LIB_ASN1, 208),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_EOC", lib.ERR_LIB_ASN1, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SECOND_NUMBER", lib.ERR_LIB_ASN1, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_VALUE", lib.ERR_LIB_ASN1, 189),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MSTRING_NOT_UNIVERSAL", lib.ERR_LIB_ASN1, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MSTRING_WRONG_TAG", lib.ERR_LIB_ASN1, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NESTED_ASN1_STRING", lib.ERR_LIB_ASN1, 197),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NESTED_TOO_DEEP", lib.ERR_LIB_ASN1, 201),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NON_HEX_CHARACTERS", lib.ERR_LIB_ASN1, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 190),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_ENOUGH_DATA", lib.ERR_LIB_ASN1, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONTENT_TYPE", lib.ERR_LIB_ASN1, 209),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MATCHING_CHOICE_TYPE", lib.ERR_LIB_ASN1, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MULTIPART_BODY_FAILURE", lib.ERR_LIB_ASN1, 210),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MULTIPART_BOUNDARY", lib.ERR_LIB_ASN1, 211),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SIG_CONTENT_TYPE", lib.ERR_LIB_ASN1, 212),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OBJECT_NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 191),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ODD_NUMBER_OF_CHARS", lib.ERR_LIB_ASN1, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SECOND_NUMBER_TOO_LARGE", lib.ERR_LIB_ASN1, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SEQUENCE_LENGTH_MISMATCH", lib.ERR_LIB_ASN1, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SEQUENCE_NOT_CONSTRUCTED", lib.ERR_LIB_ASN1, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SEQUENCE_OR_SET_NEEDS_CONFIG", lib.ERR_LIB_ASN1, 192),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SHORT_LINE", lib.ERR_LIB_ASN1, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIG_INVALID_MIME_TYPE", lib.ERR_LIB_ASN1, 213),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STREAMING_NOT_SUPPORTED", lib.ERR_LIB_ASN1, 202),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STRING_TOO_LONG", lib.ERR_LIB_ASN1, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STRING_TOO_SHORT", lib.ERR_LIB_ASN1, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", lib.ERR_LIB_ASN1, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TIME_NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 193),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_LARGE", lib.ERR_LIB_ASN1, 223),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_LONG", lib.ERR_LIB_ASN1, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_SMALL", lib.ERR_LIB_ASN1, 224),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TYPE_NOT_CONSTRUCTED", lib.ERR_LIB_ASN1, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TYPE_NOT_PRIMITIVE", lib.ERR_LIB_ASN1, 195),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_EOC", lib.ERR_LIB_ASN1, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNIVERSALSTRING_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 215),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_DIGEST", lib.ERR_LIB_ASN1, 229),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_FORMAT", lib.ERR_LIB_ASN1, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_MESSAGE_DIGEST_ALGORITHM", lib.ERR_LIB_ASN1, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_OBJECT_TYPE", lib.ERR_LIB_ASN1, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_PUBLIC_KEY_TYPE", lib.ERR_LIB_ASN1, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_SIGNATURE_ALGORITHM", lib.ERR_LIB_ASN1, 199),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_TAG", lib.ERR_LIB_ASN1, 194),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ANY_DEFINED_BY_TYPE", lib.ERR_LIB_ASN1, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_ASN1, 228),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PUBLIC_KEY_TYPE", lib.ERR_LIB_ASN1, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_TYPE", lib.ERR_LIB_ASN1, 196),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_INTEGER_TYPE", lib.ERR_LIB_ASN1, 225),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_PUBLIC_KEY_TYPE", lib.ERR_LIB_ASN1, 200),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_TAG", lib.ERR_LIB_ASN1, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_SET_POOL", lib.ERR_LIB_ASYNC, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_SWAP_CONTEXT", lib.ERR_LIB_ASYNC, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INIT_FAILED", lib.ERR_LIB_ASYNC, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_POOL_SIZE", lib.ERR_LIB_ASYNC, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ACCEPT_ERROR", lib.ERR_LIB_BIO, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ADDRINFO_ADDR_IS_NOT_AF_INET", lib.ERR_LIB_BIO, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("AMBIGUOUS_HOST_OR_SERVICE", lib.ERR_LIB_BIO, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_FOPEN_MODE", lib.ERR_LIB_BIO, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BROKEN_PIPE", lib.ERR_LIB_BIO, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONNECT_ERROR", lib.ERR_LIB_BIO, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONNECT_TIMEOUT", lib.ERR_LIB_BIO, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GETHOSTBYNAME_ADDR_IS_NOT_AF_INET", lib.ERR_LIB_BIO, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GETSOCKNAME_ERROR", lib.ERR_LIB_BIO, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GETSOCKNAME_TRUNCATED_ADDRESS", lib.ERR_LIB_BIO, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GETTING_SOCKTYPE", lib.ERR_LIB_BIO, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ARGUMENT", lib.ERR_LIB_BIO, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SOCKET", lib.ERR_LIB_BIO, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("IN_USE", lib.ERR_LIB_BIO, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LENGTH_TOO_LONG", lib.ERR_LIB_BIO, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LISTEN_V6_ONLY", lib.ERR_LIB_BIO, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOOKUP_RETURNED_NOTHING", lib.ERR_LIB_BIO, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MALFORMED_HOST_OR_SERVICE", lib.ERR_LIB_BIO, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NBIO_CONNECT_ERROR", lib.ERR_LIB_BIO, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED", lib.ERR_LIB_BIO, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_HOSTNAME_OR_SERVICE_SPECIFIED", lib.ERR_LIB_BIO, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PORT_DEFINED", lib.ERR_LIB_BIO, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUCH_FILE", lib.ERR_LIB_BIO, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TRANSFER_ERROR", lib.ERR_LIB_BIO, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TRANSFER_TIMEOUT", lib.ERR_LIB_BIO, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_BIND_SOCKET", lib.ERR_LIB_BIO, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_CREATE_SOCKET", lib.ERR_LIB_BIO, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_KEEPALIVE", lib.ERR_LIB_BIO, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_LISTEN_SOCKET", lib.ERR_LIB_BIO, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_NODELAY", lib.ERR_LIB_BIO, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_REUSEADDR", lib.ERR_LIB_BIO, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNAVAILABLE_IP_FAMILY", lib.ERR_LIB_BIO, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNINITIALIZED", lib.ERR_LIB_BIO, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_INFO_TYPE", lib.ERR_LIB_BIO, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_IP_FAMILY", lib.ERR_LIB_BIO, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_METHOD", lib.ERR_LIB_BIO, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PROTOCOL_FAMILY", lib.ERR_LIB_BIO, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRITE_TO_READ_ONLY_BIO", lib.ERR_LIB_BIO, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WSASTARTUP", lib.ERR_LIB_BIO, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ARG2_LT_ARG3", lib.ERR_LIB_BN, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_RECIPROCAL", lib.ERR_LIB_BN, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BIGNUM_TOO_LONG", lib.ERR_LIB_BN, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BITS_TOO_SMALL", lib.ERR_LIB_BN, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CALLED_WITH_EVEN_MODULUS", lib.ERR_LIB_BN, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIV_BY_ZERO", lib.ERR_LIB_BN, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCODING_ERROR", lib.ERR_LIB_BN, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPAND_ON_STATIC_BIGNUM_DATA", lib.ERR_LIB_BN, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INPUT_NOT_REDUCED", lib.ERR_LIB_BN, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_LENGTH", lib.ERR_LIB_BN, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_RANGE", lib.ERR_LIB_BN, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SHIFT", lib.ERR_LIB_BN, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_SQUARE", lib.ERR_LIB_BN, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_INITIALIZED", lib.ERR_LIB_BN, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_INVERSE", lib.ERR_LIB_BN, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SOLUTION", lib.ERR_LIB_BN, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUITABLE_DIGEST", lib.ERR_LIB_BN, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_TOO_LARGE", lib.ERR_LIB_BN, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("P_IS_NOT_PRIME", lib.ERR_LIB_BN, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_ITERATIONS", lib.ERR_LIB_BN, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_TEMPORARY_VARIABLES", lib.ERR_LIB_BN, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ALGORITHM_NOT_SUPPORTED", lib.ERR_LIB_CMP, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_CHECKAFTER_IN_POLLREP", lib.ERR_LIB_CMP, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_REQUEST_ID", lib.ERR_LIB_CMP, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTHASH_UNMATCHED", lib.ERR_LIB_CMP, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTID_NOT_FOUND", lib.ERR_LIB_CMP, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_NOT_ACCEPTED", lib.ERR_LIB_CMP, 169),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_NOT_FOUND", lib.ERR_LIB_CMP, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTREQMSG_NOT_FOUND", lib.ERR_LIB_CMP, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTRESPONSE_NOT_FOUND", lib.ERR_LIB_CMP, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERT_AND_KEY_DO_NOT_MATCH", lib.ERR_LIB_CMP, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECKAFTER_OUT_OF_RANGE", lib.ERR_LIB_CMP, 181),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCOUNTERED_KEYUPDATEWARNING", lib.ERR_LIB_CMP, 176),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCOUNTERED_WAITING", lib.ERR_LIB_CMP, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CALCULATING_PROTECTION", lib.ERR_LIB_CMP, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_CERTCONF", lib.ERR_LIB_CMP, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_CERTREP", lib.ERR_LIB_CMP, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_CERTREQ", lib.ERR_LIB_CMP, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_ERROR", lib.ERR_LIB_CMP, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_GENM", lib.ERR_LIB_CMP, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_GENP", lib.ERR_LIB_CMP, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_PKICONF", lib.ERR_LIB_CMP, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_POLLREP", lib.ERR_LIB_CMP, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_POLLREQ", lib.ERR_LIB_CMP, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_RP", lib.ERR_LIB_CMP, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_RR", lib.ERR_LIB_CMP, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_PARSING_PKISTATUS", lib.ERR_LIB_CMP, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_PROCESSING_MESSAGE", lib.ERR_LIB_CMP, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_PROTECTING_MESSAGE", lib.ERR_LIB_CMP, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SETTING_CERTHASH", lib.ERR_LIB_CMP, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_UNEXPECTED_CERTCONF", lib.ERR_LIB_CMP, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_VALIDATING_PROTECTION", lib.ERR_LIB_CMP, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_VALIDATING_SIGNATURE", lib.ERR_LIB_CMP, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_BUILDING_OWN_CHAIN", lib.ERR_LIB_CMP, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_EXTRACTING_PUBKEY", lib.ERR_LIB_CMP, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILURE_OBTAINING_RANDOM", lib.ERR_LIB_CMP, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAIL_INFO_OUT_OF_RANGE", lib.ERR_LIB_CMP, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ARGS", lib.ERR_LIB_CMP, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OPTION", lib.ERR_LIB_CMP, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_CERTID", lib.ERR_LIB_CMP, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_KEY_INPUT_FOR_CREATING_PROTECTION", lib.ERR_LIB_CMP, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_KEY_USAGE_DIGITALSIGNATURE", lib.ERR_LIB_CMP, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_P10CSR", lib.ERR_LIB_CMP, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PBM_SECRET", lib.ERR_LIB_CMP, 166),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_CMP, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PROTECTION", lib.ERR_LIB_CMP, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_REFERENCE_CERT", lib.ERR_LIB_CMP, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SENDER_IDENTIFICATION", lib.ERR_LIB_CMP, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_TRUST_STORE", lib.ERR_LIB_CMP, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MULTIPLE_REQUESTS_NOT_SUPPORTED", lib.ERR_LIB_CMP, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MULTIPLE_RESPONSES_NOT_SUPPORTED", lib.ERR_LIB_CMP, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MULTIPLE_SAN_SOURCES", lib.ERR_LIB_CMP, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_STDIO", lib.ERR_LIB_CMP, 194),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUITABLE_SENDER_CERT", lib.ERR_LIB_CMP, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_ARGUMENT", lib.ERR_LIB_CMP, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKIBODY_ERROR", lib.ERR_LIB_CMP, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKISTATUSINFO_NOT_FOUND", lib.ERR_LIB_CMP, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POLLING_FAILED", lib.ERR_LIB_CMP, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POTENTIALLY_INVALID_CERTIFICATE", lib.ERR_LIB_CMP, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECEIVED_ERROR", lib.ERR_LIB_CMP, 180),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECIPNONCE_UNMATCHED", lib.ERR_LIB_CMP, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUEST_NOT_ACCEPTED", lib.ERR_LIB_CMP, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUEST_REJECTED_BY_SERVER", lib.ERR_LIB_CMP, 182),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SENDER_GENERALNAME_TYPE_NOT_SUPPORTED", lib.ERR_LIB_CMP, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SRVCERT_DOES_NOT_VALIDATE_MSG", lib.ERR_LIB_CMP, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOTAL_TIMEOUT", lib.ERR_LIB_CMP, 184),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TRANSACTIONID_UNMATCHED", lib.ERR_LIB_CMP, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TRANSFER_ERROR", lib.ERR_LIB_CMP, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_PKIBODY", lib.ERR_LIB_CMP, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_PKISTATUS", lib.ERR_LIB_CMP, 185),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_PVNO", lib.ERR_LIB_CMP, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_ALGORITHM_ID", lib.ERR_LIB_CMP, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CERT_TYPE", lib.ERR_LIB_CMP, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_PKISTATUS", lib.ERR_LIB_CMP, 186),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_CMP, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEY_TYPE", lib.ERR_LIB_CMP, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PROTECTION_ALG_DHBASEDMAC", lib.ERR_LIB_CMP, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VALUE_TOO_LARGE", lib.ERR_LIB_CMP, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VALUE_TOO_SMALL", lib.ERR_LIB_CMP, 177),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_ALGORITHM_OID", lib.ERR_LIB_CMP, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CERTID", lib.ERR_LIB_CMP, 189),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CERTID_IN_RP", lib.ERR_LIB_CMP, 187),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_PBM_VALUE", lib.ERR_LIB_CMP, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_RP_COMPONENT_COUNT", lib.ERR_LIB_CMP, 188),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_SERIAL_IN_RP", lib.ERR_LIB_CMP, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ADD_SIGNER_ERROR", lib.ERR_LIB_CMS, 99),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ATTRIBUTE_ERROR", lib.ERR_LIB_CMS, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_ALREADY_PRESENT", lib.ERR_LIB_CMS, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_HAS_NO_KEYID", lib.ERR_LIB_CMS, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_CMS, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_AEAD_SET_TAG_ERROR", lib.ERR_LIB_CMS, 184),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_GET_TAG", lib.ERR_LIB_CMS, 185),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_INITIALISATION_ERROR", lib.ERR_LIB_CMS, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_PARAMETER_INITIALISATION_ERROR", lib.ERR_LIB_CMS, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CMS_DATAFINAL_ERROR", lib.ERR_LIB_CMS, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CMS_LIB", lib.ERR_LIB_CMS, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENTIDENTIFIER_MISMATCH", lib.ERR_LIB_CMS, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_NOT_FOUND", lib.ERR_LIB_CMS, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_TYPE_MISMATCH", lib.ERR_LIB_CMS, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_TYPE_NOT_COMPRESSED_DATA", lib.ERR_LIB_CMS, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_TYPE_NOT_ENVELOPED_DATA", lib.ERR_LIB_CMS, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_TYPE_NOT_SIGNED_DATA", lib.ERR_LIB_CMS, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_VERIFY_ERROR", lib.ERR_LIB_CMS, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CTRL_ERROR", lib.ERR_LIB_CMS, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CTRL_FAILURE", lib.ERR_LIB_CMS, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODE_ERROR", lib.ERR_LIB_CMS, 187),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECRYPT_ERROR", lib.ERR_LIB_CMS, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_GETTING_PUBLIC_KEY", lib.ERR_LIB_CMS, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_READING_MESSAGEDIGEST_ATTRIBUTE", lib.ERR_LIB_CMS, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SETTING_KEY", lib.ERR_LIB_CMS, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SETTING_RECIPIENTINFO", lib.ERR_LIB_CMS, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_SIGNING_CERTID_MISMATCH_ERROR", lib.ERR_LIB_CMS, 183),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ENCRYPTED_KEY_LENGTH", lib.ERR_LIB_CMS, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY_ENCRYPTION_PARAMETER", lib.ERR_LIB_CMS, 176),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY_LENGTH", lib.ERR_LIB_CMS, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_LABEL", lib.ERR_LIB_CMS, 190),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OAEP_PARAMETERS", lib.ERR_LIB_CMS, 191),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KDF_PARAMETER_ERROR", lib.ERR_LIB_CMS, 186),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MD_BIO_INIT_ERROR", lib.ERR_LIB_CMS, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH", lib.ERR_LIB_CMS, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MESSAGEDIGEST_WRONG_LENGTH", lib.ERR_LIB_CMS, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MSGSIGDIGEST_ERROR", lib.ERR_LIB_CMS, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MSGSIGDIGEST_VERIFICATION_FAILURE", lib.ERR_LIB_CMS, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MSGSIGDIGEST_WRONG_LENGTH", lib.ERR_LIB_CMS, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NEED_ONE_SIGNER", lib.ERR_LIB_CMS, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_SIGNED_RECEIPT", lib.ERR_LIB_CMS, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_ENCRYPTED_DATA", lib.ERR_LIB_CMS, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_KEK", lib.ERR_LIB_CMS, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_KEY_AGREEMENT", lib.ERR_LIB_CMS, 181),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_KEY_TRANSPORT", lib.ERR_LIB_CMS, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_PWRI", lib.ERR_LIB_CMS, 177),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_SUPPORTED_FOR_THIS_KEY_TYPE", lib.ERR_LIB_CMS, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CIPHER", lib.ERR_LIB_CMS, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONTENT", lib.ERR_LIB_CMS, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONTENT_TYPE", lib.ERR_LIB_CMS, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_DEFAULT_DIGEST", lib.ERR_LIB_CMS, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_DIGEST_SET", lib.ERR_LIB_CMS, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_KEY", lib.ERR_LIB_CMS, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_KEY_OR_CERT", lib.ERR_LIB_CMS, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MATCHING_DIGEST", lib.ERR_LIB_CMS, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MATCHING_RECIPIENT", lib.ERR_LIB_CMS, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MATCHING_SIGNATURE", lib.ERR_LIB_CMS, 166),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MSGSIGDIGEST", lib.ERR_LIB_CMS, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PASSWORD", lib.ERR_LIB_CMS, 178),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PRIVATE_KEY", lib.ERR_LIB_CMS, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PUBLIC_KEY", lib.ERR_LIB_CMS, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_RECEIPT_REQUEST", lib.ERR_LIB_CMS, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SIGNERS", lib.ERR_LIB_CMS, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PEER_KEY_ERROR", lib.ERR_LIB_CMS, 188),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_CMS, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECEIPT_DECODE_ERROR", lib.ERR_LIB_CMS, 169),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECIPIENT_ERROR", lib.ERR_LIB_CMS, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SHARED_INFO_ERROR", lib.ERR_LIB_CMS, 189),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNER_CERTIFICATE_NOT_FOUND", lib.ERR_LIB_CMS, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNFINAL_ERROR", lib.ERR_LIB_CMS, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SMIME_TEXT_ERROR", lib.ERR_LIB_CMS, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STORE_INIT_ERROR", lib.ERR_LIB_CMS, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TYPE_NOT_COMPRESSED_DATA", lib.ERR_LIB_CMS, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TYPE_NOT_DATA", lib.ERR_LIB_CMS, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TYPE_NOT_DIGESTED_DATA", lib.ERR_LIB_CMS, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TYPE_NOT_ENCRYPTED_DATA", lib.ERR_LIB_CMS, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TYPE_NOT_ENVELOPED_DATA", lib.ERR_LIB_CMS, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FINALIZE_CONTEXT", lib.ERR_LIB_CMS, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CIPHER", lib.ERR_LIB_CMS, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_DIGEST_ALGORITHM", lib.ERR_LIB_CMS, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_ID", lib.ERR_LIB_CMS, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_COMPRESSION_ALGORITHM", lib.ERR_LIB_CMS, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CONTENT_TYPE", lib.ERR_LIB_CMS, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ENCRYPTION_TYPE", lib.ERR_LIB_CMS, 192),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEK_ALGORITHM", lib.ERR_LIB_CMS, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM", lib.ERR_LIB_CMS, 179),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_LABEL_SOURCE", lib.ERR_LIB_CMS, 193),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_RECIPIENTINFO_TYPE", lib.ERR_LIB_CMS, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_RECIPIENT_TYPE", lib.ERR_LIB_CMS, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_TYPE", lib.ERR_LIB_CMS, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNWRAP_ERROR", lib.ERR_LIB_CMS, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNWRAP_FAILURE", lib.ERR_LIB_CMS, 180),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VERIFICATION_FAILURE", lib.ERR_LIB_CMS, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRAP_ERROR", lib.ERR_LIB_CMS, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ZLIB_DEFLATE_ERROR", lib.ERR_LIB_COMP, 99),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ZLIB_INFLATE_ERROR", lib.ERR_LIB_COMP, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ZLIB_NOT_SUPPORTED", lib.ERR_LIB_COMP, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_LOADING_DSO", lib.ERR_LIB_CONF, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PRAGMA", lib.ERR_LIB_CONF, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LIST_CANNOT_BE_NULL", lib.ERR_LIB_CONF, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MANDATORY_BRACES_IN_VARIABLE_EXPANSION", lib.ERR_LIB_CONF, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_CLOSE_SQUARE_BRACKET", lib.ERR_LIB_CONF, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_EQUAL_SIGN", lib.ERR_LIB_CONF, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_INIT_FUNCTION", lib.ERR_LIB_CONF, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MODULE_INITIALIZATION_ERROR", lib.ERR_LIB_CONF, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CLOSE_BRACE", lib.ERR_LIB_CONF, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONF", lib.ERR_LIB_CONF, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONF_OR_ENVIRONMENT_VARIABLE", lib.ERR_LIB_CONF, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SECTION", lib.ERR_LIB_CONF, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUCH_FILE", lib.ERR_LIB_CONF, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_VALUE", lib.ERR_LIB_CONF, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NUMBER_TOO_LARGE", lib.ERR_LIB_CONF, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPENSSL_CONF_REFERENCES_MISSING_SECTION", lib.ERR_LIB_CONF, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECURSIVE_DIRECTORY_INCLUDE", lib.ERR_LIB_CONF, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RELATIVE_PATH", lib.ERR_LIB_CONF, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_COMMAND_SECTION_EMPTY", lib.ERR_LIB_CONF, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_COMMAND_SECTION_NOT_FOUND", lib.ERR_LIB_CONF, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SECTION_EMPTY", lib.ERR_LIB_CONF, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SECTION_NOT_FOUND", lib.ERR_LIB_CONF, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_CREATE_NEW_SECTION", lib.ERR_LIB_CONF, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_MODULE_NAME", lib.ERR_LIB_CONF, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VARIABLE_EXPANSION_TOO_LONG", lib.ERR_LIB_CONF, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VARIABLE_HAS_NO_VALUE", lib.ERR_LIB_CONF, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PBM_ITERATIONCOUNT", lib.ERR_LIB_CRMF, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CRMFERROR", lib.ERR_LIB_CRMF, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR", lib.ERR_LIB_CRMF, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_DECODING_CERTIFICATE", lib.ERR_LIB_CRMF, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_DECRYPTING_CERTIFICATE", lib.ERR_LIB_CRMF, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_DECRYPTING_SYMMETRIC_KEY", lib.ERR_LIB_CRMF, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILURE_OBTAINING_RANDOM", lib.ERR_LIB_CRMF, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ITERATIONCOUNT_BELOW_100", lib.ERR_LIB_CRMF, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MALFORMED_IV", lib.ERR_LIB_CRMF, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_ARGUMENT", lib.ERR_LIB_CRMF, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POPOSKINPUT_NOT_SUPPORTED", lib.ERR_LIB_CRMF, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POPO_INCONSISTENT_PUBLIC_KEY", lib.ERR_LIB_CRMF, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POPO_MISSING", lib.ERR_LIB_CRMF, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POPO_MISSING_PUBLIC_KEY", lib.ERR_LIB_CRMF, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POPO_MISSING_SUBJECT", lib.ERR_LIB_CRMF, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POPO_RAVERIFIED_NOT_ACCEPTED", lib.ERR_LIB_CRMF, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SETTING_MAC_ALGOR_FAILURE", lib.ERR_LIB_CRMF, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SETTING_OWF_ALGOR_FAILURE", lib.ERR_LIB_CRMF, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_CRMF, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_CRMF, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_METHOD_FOR_CREATING_POPO", lib.ERR_LIB_CRMF, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_POPO_METHOD", lib.ERR_LIB_CRMF, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_ALGORITHM_NAME", lib.ERR_LIB_CRYPTO, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONFLICTING_NAMES", lib.ERR_LIB_CRYPTO, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HEX_STRING_TOO_SHORT", lib.ERR_LIB_CRYPTO, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_HEX_DIGIT", lib.ERR_LIB_CRYPTO, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INSUFFICIENT_DATA_SPACE", lib.ERR_LIB_CRYPTO, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INSUFFICIENT_PARAM_SIZE", lib.ERR_LIB_CRYPTO, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INSUFFICIENT_SECURE_DATA_SPACE", lib.ERR_LIB_CRYPTO, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_ARGUMENT", lib.ERR_LIB_CRYPTO, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OSSL_PARAM_TYPE", lib.ERR_LIB_CRYPTO, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ODD_NUMBER_OF_DIGITS", lib.ERR_LIB_CRYPTO, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PROVIDER_ALREADY_EXISTS", lib.ERR_LIB_CRYPTO, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PROVIDER_SECTION_ERROR", lib.ERR_LIB_CRYPTO, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RANDOM_SECTION_ERROR", lib.ERR_LIB_CRYPTO, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SECURE_MALLOC_FAILURE", lib.ERR_LIB_CRYPTO, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STRING_TOO_LONG", lib.ERR_LIB_CRYPTO, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_BYTES", lib.ERR_LIB_CRYPTO, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_RECORDS", lib.ERR_LIB_CRYPTO, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_SMALL_BUFFER", lib.ERR_LIB_CRYPTO, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_NAME_IN_RANDOM_SECTION", lib.ERR_LIB_CRYPTO, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ZERO_LENGTH_NUMBER", lib.ERR_LIB_CRYPTO, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BASE64_DECODE_ERROR", lib.ERR_LIB_CT, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_LOG_ID_LENGTH", lib.ERR_LIB_CT, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOG_CONF_INVALID", lib.ERR_LIB_CT, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOG_CONF_INVALID_KEY", lib.ERR_LIB_CT, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOG_CONF_MISSING_DESCRIPTION", lib.ERR_LIB_CT, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOG_CONF_MISSING_KEY", lib.ERR_LIB_CT, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOG_KEY_INVALID", lib.ERR_LIB_CT, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_FUTURE_TIMESTAMP", lib.ERR_LIB_CT, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_INVALID", lib.ERR_LIB_CT, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_INVALID_SIGNATURE", lib.ERR_LIB_CT, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_LIST_INVALID", lib.ERR_LIB_CT, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_LOG_ID_MISMATCH", lib.ERR_LIB_CT, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_NOT_SET", lib.ERR_LIB_CT, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_UNSUPPORTED_VERSION", lib.ERR_LIB_CT, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNRECOGNIZED_SIGNATURE_NID", lib.ERR_LIB_CT, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ENTRY_TYPE", lib.ERR_LIB_CT, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_VERSION", lib.ERR_LIB_CT, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_FFC_PARAMETERS", lib.ERR_LIB_DH, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_GENERATOR", lib.ERR_LIB_DH, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_DECODE_ERROR", lib.ERR_LIB_DH, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_ERROR", lib.ERR_LIB_DH, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_INVALID_J_VALUE", lib.ERR_LIB_DH, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_INVALID_Q_VALUE", lib.ERR_LIB_DH, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_PUBKEY_INVALID", lib.ERR_LIB_DH, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_PUBKEY_TOO_LARGE", lib.ERR_LIB_DH, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_PUBKEY_TOO_SMALL", lib.ERR_LIB_DH, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_P_NOT_PRIME", lib.ERR_LIB_DH, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_P_NOT_SAFE_PRIME", lib.ERR_LIB_DH, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CHECK_Q_NOT_PRIME", lib.ERR_LIB_DH, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODE_ERROR", lib.ERR_LIB_DH, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PARAMETER_NAME", lib.ERR_LIB_DH, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PARAMETER_NID", lib.ERR_LIB_DH, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PUBKEY", lib.ERR_LIB_DH, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SECRET", lib.ERR_LIB_DH, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KDF_PARAMETER_ERROR", lib.ERR_LIB_DH, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEYS_NOT_SET", lib.ERR_LIB_DH, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PUBKEY", lib.ERR_LIB_DH, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MODULUS_TOO_LARGE", lib.ERR_LIB_DH, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MODULUS_TOO_SMALL", lib.ERR_LIB_DH, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_SUITABLE_GENERATOR", lib.ERR_LIB_DH, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PARAMETERS_SET", lib.ERR_LIB_DH, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PRIVATE_VALUE", lib.ERR_LIB_DH, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARAMETER_ENCODING_ERROR", lib.ERR_LIB_DH, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PEER_KEY_ERROR", lib.ERR_LIB_DH, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SHARED_INFO_ERROR", lib.ERR_LIB_DH, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_CHECK_GENERATOR", lib.ERR_LIB_DH, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_FFC_PARAMETERS", lib.ERR_LIB_DSA, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_Q_VALUE", lib.ERR_LIB_DSA, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_DECODE_ERROR", lib.ERR_LIB_DSA, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_ERROR", lib.ERR_LIB_DSA, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODE_ERROR", lib.ERR_LIB_DSA, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST_TYPE", lib.ERR_LIB_DSA, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PARAMETERS", lib.ERR_LIB_DSA, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PARAMETERS", lib.ERR_LIB_DSA, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_DSA, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MODULUS_TOO_LARGE", lib.ERR_LIB_DSA, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PARAMETERS_SET", lib.ERR_LIB_DSA, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARAMETER_ENCODING_ERROR", lib.ERR_LIB_DSA, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("P_NOT_PRIME", lib.ERR_LIB_DSA, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("Q_NOT_PRIME", lib.ERR_LIB_DSA, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SEED_LEN_SMALL", lib.ERR_LIB_DSA, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CTRL_FAILED", lib.ERR_LIB_DSO, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DSO_ALREADY_LOADED", lib.ERR_LIB_DSO, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EMPTY_FILE_STRUCTURE", lib.ERR_LIB_DSO, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILURE", lib.ERR_LIB_DSO, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FILENAME_TOO_BIG", lib.ERR_LIB_DSO, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FINISH_FAILED", lib.ERR_LIB_DSO, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCORRECT_FILE_SYNTAX", lib.ERR_LIB_DSO, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOAD_FAILED", lib.ERR_LIB_DSO, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NAME_TRANSLATION_FAILED", lib.ERR_LIB_DSO, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_FILENAME", lib.ERR_LIB_DSO, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_HANDLE", lib.ERR_LIB_DSO, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SET_FILENAME_FAILED", lib.ERR_LIB_DSO, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STACK_ERROR", lib.ERR_LIB_DSO, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SYM_FAILURE", lib.ERR_LIB_DSO, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNLOAD_FAILED", lib.ERR_LIB_DSO, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED", lib.ERR_LIB_DSO, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ASN1_ERROR", lib.ERR_LIB_EC, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SIGNATURE", lib.ERR_LIB_EC, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BIGNUM_OUT_OF_RANGE", lib.ERR_LIB_EC, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BUFFER_TOO_SMALL", lib.ERR_LIB_EC, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_INVERT", lib.ERR_LIB_EC, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COORDINATES_OUT_OF_RANGE", lib.ERR_LIB_EC, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CURVE_DOES_NOT_SUPPORT_ECDH", lib.ERR_LIB_EC, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CURVE_DOES_NOT_SUPPORT_ECDSA", lib.ERR_LIB_EC, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CURVE_DOES_NOT_SUPPORT_SIGNING", lib.ERR_LIB_EC, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODE_ERROR", lib.ERR_LIB_EC, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DISCRIMINANT_IS_ZERO", lib.ERR_LIB_EC, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EC_GROUP_NEW_BY_NAME_FAILURE", lib.ERR_LIB_EC, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_MAKING_PUBLIC_KEY", lib.ERR_LIB_EC, 166),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIELD_TOO_LARGE", lib.ERR_LIB_EC, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GF2M_NOT_SUPPORTED", lib.ERR_LIB_EC, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GROUP2PKPARAMETERS_FAILURE", lib.ERR_LIB_EC, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("I2D_ECPKPARAMETERS_FAILURE", lib.ERR_LIB_EC, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCOMPATIBLE_OBJECTS", lib.ERR_LIB_EC, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_A", lib.ERR_LIB_EC, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ARGUMENT", lib.ERR_LIB_EC, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_B", lib.ERR_LIB_EC, 169),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_COFACTOR", lib.ERR_LIB_EC, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_COMPRESSED_POINT", lib.ERR_LIB_EC, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_COMPRESSION_BIT", lib.ERR_LIB_EC, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CURVE", lib.ERR_LIB_EC, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST", lib.ERR_LIB_EC, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST_TYPE", lib.ERR_LIB_EC, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ENCODING", lib.ERR_LIB_EC, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_FIELD", lib.ERR_LIB_EC, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_FORM", lib.ERR_LIB_EC, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_GENERATOR", lib.ERR_LIB_EC, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_GROUP_ORDER", lib.ERR_LIB_EC, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY", lib.ERR_LIB_EC, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_LENGTH", lib.ERR_LIB_EC, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NAMED_GROUP_CONVERSION", lib.ERR_LIB_EC, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OUTPUT_LENGTH", lib.ERR_LIB_EC, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_P", lib.ERR_LIB_EC, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PEER_KEY", lib.ERR_LIB_EC, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PENTANOMIAL_BASIS", lib.ERR_LIB_EC, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PRIVATE_KEY", lib.ERR_LIB_EC, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SEED", lib.ERR_LIB_EC, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_TRINOMIAL_BASIS", lib.ERR_LIB_EC, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KDF_PARAMETER_ERROR", lib.ERR_LIB_EC, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEYS_NOT_SET", lib.ERR_LIB_EC, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LADDER_POST_FAILURE", lib.ERR_LIB_EC, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LADDER_PRE_FAILURE", lib.ERR_LIB_EC, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LADDER_STEP_FAILURE", lib.ERR_LIB_EC, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_OID", lib.ERR_LIB_EC, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PARAMETERS", lib.ERR_LIB_EC, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_EC, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NEED_NEW_SETUP_VALUES", lib.ERR_LIB_EC, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_NIST_PRIME", lib.ERR_LIB_EC, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_IMPLEMENTED", lib.ERR_LIB_EC, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_INITIALIZED", lib.ERR_LIB_EC, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PARAMETERS_SET", lib.ERR_LIB_EC, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PRIVATE_VALUE", lib.ERR_LIB_EC, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPERATION_NOT_SUPPORTED", lib.ERR_LIB_EC, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PASSED_NULL_PARAMETER", lib.ERR_LIB_EC, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PEER_KEY_ERROR", lib.ERR_LIB_EC, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POINT_ARITHMETIC_FAILURE", lib.ERR_LIB_EC, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POINT_AT_INFINITY", lib.ERR_LIB_EC, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POINT_COORDINATES_BLIND_FAILURE", lib.ERR_LIB_EC, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POINT_IS_NOT_ON_CURVE", lib.ERR_LIB_EC, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RANDOM_NUMBER_GENERATION_FAILED", lib.ERR_LIB_EC, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SHARED_INFO_ERROR", lib.ERR_LIB_EC, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SLOT_FULL", lib.ERR_LIB_EC, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNDEFINED_GENERATOR", lib.ERR_LIB_EC, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNDEFINED_ORDER", lib.ERR_LIB_EC, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_COFACTOR", lib.ERR_LIB_EC, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_GROUP", lib.ERR_LIB_EC, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_ORDER", lib.ERR_LIB_EC, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_FIELD", lib.ERR_LIB_EC, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CURVE_PARAMETERS", lib.ERR_LIB_EC, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_ORDER", lib.ERR_LIB_EC, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ALREADY_LOADED", lib.ERR_LIB_ENGINE, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ARGUMENT_IS_NOT_A_NUMBER", lib.ERR_LIB_ENGINE, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CMD_NOT_EXECUTABLE", lib.ERR_LIB_ENGINE, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMMAND_TAKES_INPUT", lib.ERR_LIB_ENGINE, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMMAND_TAKES_NO_INPUT", lib.ERR_LIB_ENGINE, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONFLICTING_ENGINE_ID", lib.ERR_LIB_ENGINE, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CTRL_COMMAND_NOT_IMPLEMENTED", lib.ERR_LIB_ENGINE, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DSO_FAILURE", lib.ERR_LIB_ENGINE, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DSO_NOT_FOUND", lib.ERR_LIB_ENGINE, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENGINES_SECTION_ERROR", lib.ERR_LIB_ENGINE, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENGINE_CONFIGURATION_ERROR", lib.ERR_LIB_ENGINE, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENGINE_IS_NOT_IN_LIST", lib.ERR_LIB_ENGINE, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENGINE_SECTION_ERROR", lib.ERR_LIB_ENGINE, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_LOADING_PRIVATE_KEY", lib.ERR_LIB_ENGINE, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_LOADING_PUBLIC_KEY", lib.ERR_LIB_ENGINE, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FINISH_FAILED", lib.ERR_LIB_ENGINE, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ID_OR_NAME_MISSING", lib.ERR_LIB_ENGINE, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INIT_FAILED", lib.ERR_LIB_ENGINE, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INTERNAL_LIST_ERROR", lib.ERR_LIB_ENGINE, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ARGUMENT", lib.ERR_LIB_ENGINE, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CMD_NAME", lib.ERR_LIB_ENGINE, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CMD_NUMBER", lib.ERR_LIB_ENGINE, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_INIT_VALUE", lib.ERR_LIB_ENGINE, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_STRING", lib.ERR_LIB_ENGINE, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_INITIALISED", lib.ERR_LIB_ENGINE, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_LOADED", lib.ERR_LIB_ENGINE, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONTROL_FUNCTION", lib.ERR_LIB_ENGINE, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_INDEX", lib.ERR_LIB_ENGINE, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_LOAD_FUNCTION", lib.ERR_LIB_ENGINE, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_REFERENCE", lib.ERR_LIB_ENGINE, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUCH_ENGINE", lib.ERR_LIB_ENGINE, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNIMPLEMENTED_CIPHER", lib.ERR_LIB_ENGINE, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNIMPLEMENTED_DIGEST", lib.ERR_LIB_ENGINE, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNIMPLEMENTED_PUBLIC_KEY_METHOD", lib.ERR_LIB_ENGINE, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VERSION_INCOMPATIBILITY", lib.ERR_LIB_ENGINE, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EMPTY_ESS_CERT_ID_LIST", lib.ERR_LIB_ESS, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_CERT_DIGEST_ERROR", lib.ERR_LIB_ESS, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_CERT_ID_NOT_FOUND", lib.ERR_LIB_ESS, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_CERT_ID_WRONG_ORDER", lib.ERR_LIB_ESS, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_DIGEST_ALG_UNKNOWN", lib.ERR_LIB_ESS, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_SIGNING_CERTIFICATE_ERROR", lib.ERR_LIB_ESS, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_SIGNING_CERT_ADD_ERROR", lib.ERR_LIB_ESS, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_SIGNING_CERT_V2_ADD_ERROR", lib.ERR_LIB_ESS, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SIGNING_CERTIFICATE_ATTRIBUTE", lib.ERR_LIB_ESS, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("AES_KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ARIA_KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 176),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_ALGORITHM_NAME", lib.ERR_LIB_EVP, 200),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DECRYPT", lib.ERR_LIB_EVP, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_KEY_LENGTH", lib.ERR_LIB_EVP, 195),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BUFFER_TOO_SMALL", lib.ERR_LIB_EVP, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CACHE_CONSTANTS_FAILED", lib.ERR_LIB_EVP, 225),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CAMELLIA_KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_GET_PARAMETERS", lib.ERR_LIB_EVP, 197),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_SET_PARAMETERS", lib.ERR_LIB_EVP, 198),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_NOT_GCM_MODE", lib.ERR_LIB_EVP, 184),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_PARAMETER_ERROR", lib.ERR_LIB_EVP, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMMAND_NOT_SUPPORTED", lib.ERR_LIB_EVP, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONFLICTING_ALGORITHM_NAME", lib.ERR_LIB_EVP, 201),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COPY_ERROR", lib.ERR_LIB_EVP, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CTRL_NOT_IMPLEMENTED", lib.ERR_LIB_EVP, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CTRL_OPERATION_NOT_IMPLEMENTED", lib.ERR_LIB_EVP, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH", lib.ERR_LIB_EVP, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODE_ERROR", lib.ERR_LIB_EVP, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DEFAULT_QUERY_PARSE_ERROR", lib.ERR_LIB_EVP, 210),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIFFERENT_KEY_TYPES", lib.ERR_LIB_EVP, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIFFERENT_PARAMETERS", lib.ERR_LIB_EVP, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_LOADING_SECTION", lib.ERR_LIB_EVP, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_AN_HMAC_KEY", lib.ERR_LIB_EVP, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_AN_RSA_KEY", lib.ERR_LIB_EVP, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_A_DH_KEY", lib.ERR_LIB_EVP, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_A_DSA_KEY", lib.ERR_LIB_EVP, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_A_ECX_KEY", lib.ERR_LIB_EVP, 219),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_A_EC_KEY", lib.ERR_LIB_EVP, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_A_POLY1305_KEY", lib.ERR_LIB_EVP, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_A_SIPHASH_KEY", lib.ERR_LIB_EVP, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FINAL_ERROR", lib.ERR_LIB_EVP, 188),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GENERATE_ERROR", lib.ERR_LIB_EVP, 214),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GET_RAW_KEY_FAILED", lib.ERR_LIB_EVP, 182),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_SCRYPT_PARAMETERS", lib.ERR_LIB_EVP, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INACCESSIBLE_DOMAIN_PARAMETERS", lib.ERR_LIB_EVP, 204),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INACCESSIBLE_KEY", lib.ERR_LIB_EVP, 203),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INITIALIZATION_ERROR", lib.ERR_LIB_EVP, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INPUT_NOT_INITIALIZED", lib.ERR_LIB_EVP, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CUSTOM_LENGTH", lib.ERR_LIB_EVP, 185),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST", lib.ERR_LIB_EVP, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_IV_LENGTH", lib.ERR_LIB_EVP, 194),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY", lib.ERR_LIB_EVP, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY_LENGTH", lib.ERR_LIB_EVP, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_LENGTH", lib.ERR_LIB_EVP, 221),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_ALGORITHM", lib.ERR_LIB_EVP, 218),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OPERATION", lib.ERR_LIB_EVP, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PROVIDER_FUNCTIONS", lib.ERR_LIB_EVP, 193),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SALT_LENGTH", lib.ERR_LIB_EVP, 186),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SECRET_LENGTH", lib.ERR_LIB_EVP, 223),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SEED_LENGTH", lib.ERR_LIB_EVP, 220),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_VALUE", lib.ERR_LIB_EVP, 222),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEYMGMT_EXPORT_FAILURE", lib.ERR_LIB_EVP, 205),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 180),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOCKING_NOT_SUPPORTED", lib.ERR_LIB_EVP, 213),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MEMORY_LIMIT_EXCEEDED", lib.ERR_LIB_EVP, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MESSAGE_DIGEST_IS_NULL", lib.ERR_LIB_EVP, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("METHOD_NOT_SUPPORTED", lib.ERR_LIB_EVP, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PARAMETERS", lib.ERR_LIB_EVP, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_ABLE_TO_COPY_CTX", lib.ERR_LIB_EVP, 190),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_XOF_OR_INVALID_LENGTH", lib.ERR_LIB_EVP, 178),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CIPHER_SET", lib.ERR_LIB_EVP, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_DEFAULT_DIGEST", lib.ERR_LIB_EVP, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_DIGEST_SET", lib.ERR_LIB_EVP, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_IMPORT_FUNCTION", lib.ERR_LIB_EVP, 206),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_KEYMGMT_AVAILABLE", lib.ERR_LIB_EVP, 199),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_KEYMGMT_PRESENT", lib.ERR_LIB_EVP, 196),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_KEY_SET", lib.ERR_LIB_EVP, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_OPERATION_SET", lib.ERR_LIB_EVP, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_MAC_PKEY_CTX", lib.ERR_LIB_EVP, 208),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ONLY_ONESHOT_SUPPORTED", lib.ERR_LIB_EVP, 177),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPERATION_NOT_INITIALIZED", lib.ERR_LIB_EVP, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", lib.ERR_LIB_EVP, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OUTPUT_WOULD_OVERFLOW", lib.ERR_LIB_EVP, 202),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARAMETER_TOO_LARGE", lib.ERR_LIB_EVP, 187),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARTIALLY_OVERLAPPING", lib.ERR_LIB_EVP, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PBKDF2_ERROR", lib.ERR_LIB_EVP, 181),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED", lib.ERR_LIB_EVP, 179),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_DECODE_ERROR", lib.ERR_LIB_EVP, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_ENCODE_ERROR", lib.ERR_LIB_EVP, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PUBLIC_KEY_NOT_RSA", lib.ERR_LIB_EVP, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SETTING_XOF_FAILED", lib.ERR_LIB_EVP, 227),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SET_DEFAULT_PROPERTY_FAILURE", lib.ERR_LIB_EVP, 209),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_RECORDS", lib.ERR_LIB_EVP, 183),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_ENABLE_LOCKING", lib.ERR_LIB_EVP, 212),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE", lib.ERR_LIB_EVP, 215),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_RANDOM_STRENGTH", lib.ERR_LIB_EVP, 216),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_LOCK_CONTEXT", lib.ERR_LIB_EVP, 211),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_SET_CALLBACKS", lib.ERR_LIB_EVP, 217),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CIPHER", lib.ERR_LIB_EVP, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_DIGEST", lib.ERR_LIB_EVP, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_KEY_TYPE", lib.ERR_LIB_EVP, 207),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_OPTION", lib.ERR_LIB_EVP, 169),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_PBE_ALGORITHM", lib.ERR_LIB_EVP, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_EVP, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_EVP, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEYLENGTH", lib.ERR_LIB_EVP, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEY_DERIVATION_FUNCTION", lib.ERR_LIB_EVP, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEY_SIZE", lib.ERR_LIB_EVP, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEY_TYPE", lib.ERR_LIB_EVP, 224),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_NUMBER_OF_ROUNDS", lib.ERR_LIB_EVP, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PRF", lib.ERR_LIB_EVP, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PRIVATE_KEY_ALGORITHM", lib.ERR_LIB_EVP, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_SALT_TYPE", lib.ERR_LIB_EVP, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UPDATE_ERROR", lib.ERR_LIB_EVP, 189),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRAP_MODE_NOT_ALLOWED", lib.ERR_LIB_EVP, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_FINAL_BLOCK_LENGTH", lib.ERR_LIB_EVP, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("XTS_DATA_UNIT_IS_TOO_LARGE", lib.ERR_LIB_EVP, 191),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("XTS_DUPLICATED_KEYS", lib.ERR_LIB_EVP, 192),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ASN1_LEN_EXCEEDS_MAX_RESP_LEN", lib.ERR_LIB_HTTP, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONNECT_FAILURE", lib.ERR_LIB_HTTP, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_PARSING_ASN1_LENGTH", lib.ERR_LIB_HTTP, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_PARSING_CONTENT_LENGTH", lib.ERR_LIB_HTTP, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_PARSING_URL", lib.ERR_LIB_HTTP, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_RECEIVING", lib.ERR_LIB_HTTP, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SENDING", lib.ERR_LIB_HTTP, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_READING_DATA", lib.ERR_LIB_HTTP, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HEADER_PARSE_ERROR", lib.ERR_LIB_HTTP, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCONSISTENT_CONTENT_LENGTH", lib.ERR_LIB_HTTP, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PORT_NUMBER", lib.ERR_LIB_HTTP, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_URL_PATH", lib.ERR_LIB_HTTP, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_URL_SCHEME", lib.ERR_LIB_HTTP, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MAX_RESP_LEN_EXCEEDED", lib.ERR_LIB_HTTP, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_ASN1_ENCODING", lib.ERR_LIB_HTTP, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_CONTENT_TYPE", lib.ERR_LIB_HTTP, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_REDIRECT_LOCATION", lib.ERR_LIB_HTTP, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECEIVED_ERROR", lib.ERR_LIB_HTTP, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECEIVED_WRONG_HTTP_VERSION", lib.ERR_LIB_HTTP, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REDIRECTION_FROM_HTTPS_TO_HTTP", lib.ERR_LIB_HTTP, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REDIRECTION_NOT_ENABLED", lib.ERR_LIB_HTTP, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESPONSE_LINE_TOO_LONG", lib.ERR_LIB_HTTP, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESPONSE_PARSE_ERROR", lib.ERR_LIB_HTTP, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SERVER_CANCELED_CONNECTION", lib.ERR_LIB_HTTP, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SOCK_NOT_SUPPORTED", lib.ERR_LIB_HTTP, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STATUS_CODE_UNSUPPORTED", lib.ERR_LIB_HTTP, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLS_NOT_ENABLED", lib.ERR_LIB_HTTP, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_REDIRECTIONS", lib.ERR_LIB_HTTP, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_CONTENT_TYPE", lib.ERR_LIB_HTTP, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OID_EXISTS", lib.ERR_LIB_OBJ, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_NID", lib.ERR_LIB_OBJ, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_OBJECT_NAME", lib.ERR_LIB_OBJ, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_OCSP, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_ERR", lib.ERR_LIB_OCSP, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_NAME_ERR", lib.ERR_LIB_OCSP, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_SIZE_ERR", lib.ERR_LIB_OCSP, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_IN_NEXTUPDATE_FIELD", lib.ERR_LIB_OCSP, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_IN_THISUPDATE_FIELD", lib.ERR_LIB_OCSP, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_OCSPSIGNING_USAGE", lib.ERR_LIB_OCSP, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NEXTUPDATE_BEFORE_THISUPDATE", lib.ERR_LIB_OCSP, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_BASIC_RESPONSE", lib.ERR_LIB_OCSP, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CERTIFICATES_IN_CHAIN", lib.ERR_LIB_OCSP, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_RESPONSE_DATA", lib.ERR_LIB_OCSP, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_REVOKED_TIME", lib.ERR_LIB_OCSP, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SIGNER_KEY", lib.ERR_LIB_OCSP, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_OCSP, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUEST_NOT_SIGNED", lib.ERR_LIB_OCSP, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESPONSE_CONTAINS_NO_REVOCATION_DATA", lib.ERR_LIB_OCSP, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ROOT_CA_NOT_TRUSTED", lib.ERR_LIB_OCSP, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNATURE_FAILURE", lib.ERR_LIB_OCSP, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNER_CERTIFICATE_NOT_FOUND", lib.ERR_LIB_OCSP, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STATUS_EXPIRED", lib.ERR_LIB_OCSP, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STATUS_NOT_YET_VALID", lib.ERR_LIB_OCSP, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STATUS_TOO_OLD", lib.ERR_LIB_OCSP, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_MESSAGE_DIGEST", lib.ERR_LIB_OCSP, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_NID", lib.ERR_LIB_OCSP, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_REQUESTORNAME_TYPE", lib.ERR_LIB_OCSP, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COULD_NOT_DECODE_OBJECT", lib.ERR_LIB_OSSL_DECODER, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODER_NOT_FOUND", lib.ERR_LIB_OSSL_DECODER, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_GET_PARAMS", lib.ERR_LIB_OSSL_DECODER, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCODER_NOT_FOUND", lib.ERR_LIB_OSSL_ENCODER, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCORRECT_PROPERTY_QUERY", lib.ERR_LIB_OSSL_ENCODER, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_GET_PARAMS", lib.ERR_LIB_OSSL_ENCODER, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("AMBIGUOUS_CONTENT_TYPE", lib.ERR_LIB_OSSL_STORE, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PASSWORD_READ", lib.ERR_LIB_OSSL_STORE, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_VERIFYING_PKCS12_MAC", lib.ERR_LIB_OSSL_STORE, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST", lib.ERR_LIB_OSSL_STORE, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SCHEME", lib.ERR_LIB_OSSL_STORE, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("IS_NOT_A", lib.ERR_LIB_OSSL_STORE, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOADER_INCOMPLETE", lib.ERR_LIB_OSSL_STORE, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOADING_STARTED", lib.ERR_LIB_OSSL_STORE, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_CERTIFICATE", lib.ERR_LIB_OSSL_STORE, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_CRL", lib.ERR_LIB_OSSL_STORE, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_NAME", lib.ERR_LIB_OSSL_STORE, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_PRIVATE_KEY", lib.ERR_LIB_OSSL_STORE, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_PUBLIC_KEY", lib.ERR_LIB_OSSL_STORE, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_PARAMETERS", lib.ERR_LIB_OSSL_STORE, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_LOADERS_FOUND", lib.ERR_LIB_OSSL_STORE, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PASSPHRASE_CALLBACK_ERROR", lib.ERR_LIB_OSSL_STORE, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PATH_MUST_BE_ABSOLUTE", lib.ERR_LIB_OSSL_STORE, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", lib.ERR_LIB_OSSL_STORE, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UI_PROCESS_INTERRUPTED_OR_CANCELLED", lib.ERR_LIB_OSSL_STORE, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNREGISTERED_SCHEME", lib.ERR_LIB_OSSL_STORE, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CONTENT_TYPE", lib.ERR_LIB_OSSL_STORE, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_OPERATION", lib.ERR_LIB_OSSL_STORE, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_SEARCH_TYPE", lib.ERR_LIB_OSSL_STORE, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("URI_AUTHORITY_UNSUPPORTED", lib.ERR_LIB_OSSL_STORE, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_BASE64_DECODE", lib.ERR_LIB_PEM, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DECRYPT", lib.ERR_LIB_PEM, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_END_LINE", lib.ERR_LIB_PEM, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_IV_CHARS", lib.ERR_LIB_PEM, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_MAGIC_NUMBER", lib.ERR_LIB_PEM, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PASSWORD_READ", lib.ERR_LIB_PEM, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_VERSION_NUMBER", lib.ERR_LIB_PEM, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BIO_WRITE_FAILURE", lib.ERR_LIB_PEM, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_IS_NULL", lib.ERR_LIB_PEM, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CONVERTING_PRIVATE_KEY", lib.ERR_LIB_PEM, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_DSS_KEY_BLOB", lib.ERR_LIB_PEM, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_PRIVATE_KEY_BLOB", lib.ERR_LIB_PEM, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_PUBLIC_KEY_BLOB", lib.ERR_LIB_PEM, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTING_RSA_KEY_BLOB", lib.ERR_LIB_PEM, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HEADER_TOO_LONG", lib.ERR_LIB_PEM, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCONSISTENT_HEADER", lib.ERR_LIB_PEM, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEYBLOB_HEADER_PARSE_ERROR", lib.ERR_LIB_PEM, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEYBLOB_TOO_SHORT", lib.ERR_LIB_PEM, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_DEK_IV", lib.ERR_LIB_PEM, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_DEK_INFO", lib.ERR_LIB_PEM, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_ENCRYPTED", lib.ERR_LIB_PEM, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_PROC_TYPE", lib.ERR_LIB_PEM, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_START_LINE", lib.ERR_LIB_PEM, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PROBLEMS_GETTING_PASSWORD", lib.ERR_LIB_PEM, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PVK_DATA_TOO_SHORT", lib.ERR_LIB_PEM, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PVK_TOO_SHORT", lib.ERR_LIB_PEM, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("READ_KEY", lib.ERR_LIB_PEM, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SHORT_HEADER", lib.ERR_LIB_PEM, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_DEK_IV", lib.ERR_LIB_PEM, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_PEM, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ENCRYPTION", lib.ERR_LIB_PEM, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEY_COMPONENTS", lib.ERR_LIB_PEM, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PUBLIC_KEY_TYPE", lib.ERR_LIB_PEM, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANT_PACK_STRUCTURE", lib.ERR_LIB_PKCS12, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_TYPE_NOT_DATA", lib.ERR_LIB_PKCS12, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECODE_ERROR", lib.ERR_LIB_PKCS12, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCODE_ERROR", lib.ERR_LIB_PKCS12, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCRYPT_ERROR", lib.ERR_LIB_PKCS12, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SETTING_ENCRYPTED_DATA_TYPE", lib.ERR_LIB_PKCS12, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_ARGUMENT", lib.ERR_LIB_PKCS12, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_PKCS12_POINTER", lib.ERR_LIB_PKCS12, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_TYPE", lib.ERR_LIB_PKCS12, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("IV_GEN_ERROR", lib.ERR_LIB_PKCS12, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_GEN_ERROR", lib.ERR_LIB_PKCS12, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MAC_ABSENT", lib.ERR_LIB_PKCS12, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MAC_GENERATION_ERROR", lib.ERR_LIB_PKCS12, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MAC_SETUP_ERROR", lib.ERR_LIB_PKCS12, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MAC_STRING_SET_ERROR", lib.ERR_LIB_PKCS12, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MAC_VERIFY_FAILURE", lib.ERR_LIB_PKCS12, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARSE_ERROR", lib.ERR_LIB_PKCS12, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS12_CIPHERFINAL_ERROR", lib.ERR_LIB_PKCS12, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_DIGEST_ALGORITHM", lib.ERR_LIB_PKCS12, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PKCS12_MODE", lib.ERR_LIB_PKCS12, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_PKCS7, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_HAS_NO_OBJECT_IDENTIFIER", lib.ERR_LIB_PKCS7, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_NOT_INITIALIZED", lib.ERR_LIB_PKCS7, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTENT_AND_DATA_PRESENT", lib.ERR_LIB_PKCS7, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CTRL_ERROR", lib.ERR_LIB_PKCS7, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECRYPT_ERROR", lib.ERR_LIB_PKCS7, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_FAILURE", lib.ERR_LIB_PKCS7, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCRYPTION_CTRL_FAILURE", lib.ERR_LIB_PKCS7, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", lib.ERR_LIB_PKCS7, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_ADDING_RECIPIENT", lib.ERR_LIB_PKCS7, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SETTING_CIPHER", lib.ERR_LIB_PKCS7, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_POINTER", lib.ERR_LIB_PKCS7, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SIGNED_DATA_TYPE", lib.ERR_LIB_PKCS7, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONTENT", lib.ERR_LIB_PKCS7, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_DEFAULT_DIGEST", lib.ERR_LIB_PKCS7, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MATCHING_DIGEST_TYPE_FOUND", lib.ERR_LIB_PKCS7, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_RECIPIENT_MATCHES_CERTIFICATE", lib.ERR_LIB_PKCS7, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SIGNATURES_ON_DATA", lib.ERR_LIB_PKCS7, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SIGNERS", lib.ERR_LIB_PKCS7, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPERATION_NOT_SUPPORTED_ON_THIS_TYPE", lib.ERR_LIB_PKCS7, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS7_ADD_SIGNATURE_ERROR", lib.ERR_LIB_PKCS7, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS7_ADD_SIGNER_ERROR", lib.ERR_LIB_PKCS7, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS7_DATASIGN", lib.ERR_LIB_PKCS7, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_PKCS7, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNATURE_FAILURE", lib.ERR_LIB_PKCS7, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNER_CERTIFICATE_NOT_FOUND", lib.ERR_LIB_PKCS7, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNING_CTRL_FAILURE", lib.ERR_LIB_PKCS7, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", lib.ERR_LIB_PKCS7, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SMIME_TEXT_ERROR", lib.ERR_LIB_PKCS7, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FIND_CERTIFICATE", lib.ERR_LIB_PKCS7, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FIND_MEM_BIO", lib.ERR_LIB_PKCS7, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FIND_MESSAGE_DIGEST", lib.ERR_LIB_PKCS7, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_DIGEST_TYPE", lib.ERR_LIB_PKCS7, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_OPERATION", lib.ERR_LIB_PKCS7, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CIPHER_TYPE", lib.ERR_LIB_PKCS7, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CONTENT_TYPE", lib.ERR_LIB_PKCS7, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CONTENT_TYPE", lib.ERR_LIB_PKCS7, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_PKCS7_TYPE", lib.ERR_LIB_PKCS7, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NAME_TOO_LONG", lib.ERR_LIB_PROP, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_AN_ASCII_CHARACTER", lib.ERR_LIB_PROP, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_AN_HEXADECIMAL_DIGIT", lib.ERR_LIB_PROP, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_AN_IDENTIFIER", lib.ERR_LIB_PROP, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_AN_OCTAL_DIGIT", lib.ERR_LIB_PROP, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_DECIMAL_DIGIT", lib.ERR_LIB_PROP, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_MATCHING_STRING_DELIMITER", lib.ERR_LIB_PROP, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_VALUE", lib.ERR_LIB_PROP, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARSE_FAILED", lib.ERR_LIB_PROP, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STRING_TOO_LONG", lib.ERR_LIB_PROP, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TRAILING_CHARACTERS", lib.ERR_LIB_PROP, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ADDITIONAL_INPUT_TOO_LONG", lib.ERR_LIB_PROV, 184),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ALGORITHM_MISMATCH", lib.ERR_LIB_PROV, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ALREADY_INSTANTIATED", lib.ERR_LIB_PROV, 185),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DECRYPT", lib.ERR_LIB_PROV, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_ENCODING", lib.ERR_LIB_PROV, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_LENGTH", lib.ERR_LIB_PROV, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_TLS_CLIENT_VERSION", lib.ERR_LIB_PROV, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_ERROR", lib.ERR_LIB_PROV, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_OPERATION_FAILED", lib.ERR_LIB_PROV, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DERIVATION_FUNCTION_INIT_FAILED", lib.ERR_LIB_PROV, 205),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_NOT_ALLOWED", lib.ERR_LIB_PROV, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENTROPY_SOURCE_STRENGTH_TOO_WEAK", lib.ERR_LIB_PROV, 186),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_INSTANTIATING_DRBG", lib.ERR_LIB_PROV, 188),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_RETRIEVING_ENTROPY", lib.ERR_LIB_PROV, 189),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_RETRIEVING_NONCE", lib.ERR_LIB_PROV, 190),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_DURING_DERIVATION", lib.ERR_LIB_PROV, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_CREATE_LOCK", lib.ERR_LIB_PROV, 180),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_DECRYPT", lib.ERR_LIB_PROV, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_GENERATE_KEY", lib.ERR_LIB_PROV, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_GET_PARAMETER", lib.ERR_LIB_PROV, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_SET_PARAMETER", lib.ERR_LIB_PROV, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_SIGN", lib.ERR_LIB_PROV, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIPS_MODULE_CONDITIONAL_ERROR", lib.ERR_LIB_PROV, 227),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIPS_MODULE_ENTERING_ERROR_STATE", lib.ERR_LIB_PROV, 224),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIPS_MODULE_IN_ERROR_STATE", lib.ERR_LIB_PROV, 225),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GENERATE_ERROR", lib.ERR_LIB_PROV, 191),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", lib.ERR_LIB_PROV, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INDICATOR_INTEGRITY_FAILURE", lib.ERR_LIB_PROV, 210),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INSUFFICIENT_DRBG_STRENGTH", lib.ERR_LIB_PROV, 181),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_AAD", lib.ERR_LIB_PROV, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CONFIG_DATA", lib.ERR_LIB_PROV, 211),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CONSTANT_LENGTH", lib.ERR_LIB_PROV, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CURVE", lib.ERR_LIB_PROV, 176),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CUSTOM_LENGTH", lib.ERR_LIB_PROV, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DATA", lib.ERR_LIB_PROV, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST", lib.ERR_LIB_PROV, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST_LENGTH", lib.ERR_LIB_PROV, 166),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST_SIZE", lib.ERR_LIB_PROV, 218),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_INPUT_LENGTH", lib.ERR_LIB_PROV, 230),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ITERATION_COUNT", lib.ERR_LIB_PROV, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_IV_LENGTH", lib.ERR_LIB_PROV, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY", lib.ERR_LIB_PROV, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY_LENGTH", lib.ERR_LIB_PROV, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MAC", lib.ERR_LIB_PROV, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MGF1_MD", lib.ERR_LIB_PROV, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MODE", lib.ERR_LIB_PROV, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OUTPUT_LENGTH", lib.ERR_LIB_PROV, 217),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PADDING_MODE", lib.ERR_LIB_PROV, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PUBINFO", lib.ERR_LIB_PROV, 198),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SALT_LENGTH", lib.ERR_LIB_PROV, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SEED_LENGTH", lib.ERR_LIB_PROV, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SIGNATURE_SIZE", lib.ERR_LIB_PROV, 179),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_STATE", lib.ERR_LIB_PROV, 212),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_TAG", lib.ERR_LIB_PROV, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_TAG_LENGTH", lib.ERR_LIB_PROV, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_UKM_LENGTH", lib.ERR_LIB_PROV, 200),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_X931_DIGEST", lib.ERR_LIB_PROV, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("IN_ERROR_STATE", lib.ERR_LIB_PROV, 192),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_SETUP_FAILED", lib.ERR_LIB_PROV, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_SIZE_TOO_SMALL", lib.ERR_LIB_PROV, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LENGTH_TOO_LARGE", lib.ERR_LIB_PROV, 202),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISMATCHING_DOMAIN_PARAMETERS", lib.ERR_LIB_PROV, 203),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_CEK_ALG", lib.ERR_LIB_PROV, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_CIPHER", lib.ERR_LIB_PROV, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_CONFIG_DATA", lib.ERR_LIB_PROV, 213),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_CONSTANT", lib.ERR_LIB_PROV, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_KEY", lib.ERR_LIB_PROV, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_MAC", lib.ERR_LIB_PROV, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_MESSAGE_DIGEST", lib.ERR_LIB_PROV, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_OID", lib.ERR_LIB_PROV, 209),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PASS", lib.ERR_LIB_PROV, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SALT", lib.ERR_LIB_PROV, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SECRET", lib.ERR_LIB_PROV, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SEED", lib.ERR_LIB_PROV, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SESSION_ID", lib.ERR_LIB_PROV, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_TYPE", lib.ERR_LIB_PROV, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_XCGHASH", lib.ERR_LIB_PROV, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MODULE_INTEGRITY_FAILURE", lib.ERR_LIB_PROV, 214),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_PRIVATE_KEY", lib.ERR_LIB_PROV, 221),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_PUBLIC_KEY", lib.ERR_LIB_PROV, 220),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_INSTANTIATED", lib.ERR_LIB_PROV, 193),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_PARAMETERS", lib.ERR_LIB_PROV, 226),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_SUPPORTED", lib.ERR_LIB_PROV, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_XOF_OR_INVALID_LENGTH", lib.ERR_LIB_PROV, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_KEY_SET", lib.ERR_LIB_PROV, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PARAMETERS_SET", lib.ERR_LIB_PROV, 177),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", lib.ERR_LIB_PROV, 178),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OUTPUT_BUFFER_TOO_SMALL", lib.ERR_LIB_PROV, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARENT_CANNOT_GENERATE_RANDOM_NUMBERS", lib.ERR_LIB_PROV, 228),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARENT_CANNOT_SUPPLY_ENTROPY_SEED", lib.ERR_LIB_PROV, 187),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARENT_LOCKING_NOT_ENABLED", lib.ERR_LIB_PROV, 182),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARENT_STRENGTH_TOO_WEAK", lib.ERR_LIB_PROV, 194),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PATH_MUST_BE_ABSOLUTE", lib.ERR_LIB_PROV, 219),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PERSONALISATION_STRING_TOO_LONG", lib.ERR_LIB_PROV, 195),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PSS_SALTLEN_TOO_SMALL", lib.ERR_LIB_PROV, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUEST_TOO_LARGE_FOR_DRBG", lib.ERR_LIB_PROV, 196),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUIRE_CTR_MODE_CIPHER", lib.ERR_LIB_PROV, 206),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESEED_ERROR", lib.ERR_LIB_PROV, 197),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", lib.ERR_LIB_PROV, 222),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SEED_SOURCES_MUST_NOT_HAVE_A_PARENT", lib.ERR_LIB_PROV, 229),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SELF_TEST_KAT_FAILURE", lib.ERR_LIB_PROV, 215),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SELF_TEST_POST_FAILURE", lib.ERR_LIB_PROV, 216),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TAG_NOT_NEEDED", lib.ERR_LIB_PROV, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TAG_NOT_SET", lib.ERR_LIB_PROV, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_RECORDS", lib.ERR_LIB_PROV, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FIND_CIPHERS", lib.ERR_LIB_PROV, 207),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_PARENT_STRENGTH", lib.ERR_LIB_PROV, 199),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_PASSPHRASE", lib.ERR_LIB_PROV, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_INITIALISE_CIPHERS", lib.ERR_LIB_PROV, 208),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_LOAD_SHA256", lib.ERR_LIB_PROV, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_LOCK_PARENT", lib.ERR_LIB_PROV, 201),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_RESEED", lib.ERR_LIB_PROV, 204),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_CEK_ALG", lib.ERR_LIB_PROV, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_KEY_SIZE", lib.ERR_LIB_PROV, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_MAC_TYPE", lib.ERR_LIB_PROV, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_NUMBER_OF_ROUNDS", lib.ERR_LIB_PROV, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("URI_AUTHORITY_UNSUPPORTED", lib.ERR_LIB_PROV, 223),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VALUE_ERROR", lib.ERR_LIB_PROV, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_FINAL_BLOCK_LENGTH", lib.ERR_LIB_PROV, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_OUTPUT_BUFFER_SIZE", lib.ERR_LIB_PROV, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("XOF_DIGESTS_NOT_ALLOWED", lib.ERR_LIB_PROV, 183),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("XTS_DATA_UNIT_IS_TOO_LARGE", lib.ERR_LIB_PROV, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("XTS_DUPLICATED_KEYS", lib.ERR_LIB_PROV, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ADDITIONAL_INPUT_TOO_LONG", lib.ERR_LIB_RAND, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ALREADY_INSTANTIATED", lib.ERR_LIB_RAND, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ARGUMENT_OUT_OF_RANGE", lib.ERR_LIB_RAND, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_OPEN_FILE", lib.ERR_LIB_RAND, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DRBG_ALREADY_INITIALIZED", lib.ERR_LIB_RAND, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DRBG_NOT_INITIALISED", lib.ERR_LIB_RAND, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENTROPY_INPUT_TOO_LONG", lib.ERR_LIB_RAND, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENTROPY_OUT_OF_RANGE", lib.ERR_LIB_RAND, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_ENTROPY_POOL_WAS_IGNORED", lib.ERR_LIB_RAND, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_INITIALISING_DRBG", lib.ERR_LIB_RAND, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_INSTANTIATING_DRBG", lib.ERR_LIB_RAND, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_RETRIEVING_ADDITIONAL_INPUT", lib.ERR_LIB_RAND, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_RETRIEVING_ENTROPY", lib.ERR_LIB_RAND, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_RETRIEVING_NONCE", lib.ERR_LIB_RAND, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_CREATE_LOCK", lib.ERR_LIB_RAND, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FUNC_NOT_IMPLEMENTED", lib.ERR_LIB_RAND, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FWRITE_ERROR", lib.ERR_LIB_RAND, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GENERATE_ERROR", lib.ERR_LIB_RAND, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INSUFFICIENT_DRBG_STRENGTH", lib.ERR_LIB_RAND, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INTERNAL_ERROR", lib.ERR_LIB_RAND, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("IN_ERROR_STATE", lib.ERR_LIB_RAND, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_A_REGULAR_FILE", lib.ERR_LIB_RAND, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_INSTANTIATED", lib.ERR_LIB_RAND, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_DRBG_IMPLEMENTATION_SELECTED", lib.ERR_LIB_RAND, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARENT_LOCKING_NOT_ENABLED", lib.ERR_LIB_RAND, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARENT_STRENGTH_TOO_WEAK", lib.ERR_LIB_RAND, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PERSONALISATION_STRING_TOO_LONG", lib.ERR_LIB_RAND, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PREDICTION_RESISTANCE_NOT_SUPPORTED", lib.ERR_LIB_RAND, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRNG_NOT_SEEDED", lib.ERR_LIB_RAND, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RANDOM_POOL_OVERFLOW", lib.ERR_LIB_RAND, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RANDOM_POOL_UNDERFLOW", lib.ERR_LIB_RAND, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUEST_TOO_LARGE_FOR_DRBG", lib.ERR_LIB_RAND, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESEED_ERROR", lib.ERR_LIB_RAND, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SELFTEST_FAILURE", lib.ERR_LIB_RAND, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_LITTLE_NONCE_REQUESTED", lib.ERR_LIB_RAND, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MUCH_NONCE_REQUESTED", lib.ERR_LIB_RAND, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_CREATE_DRBG", lib.ERR_LIB_RAND, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FETCH_DRBG", lib.ERR_LIB_RAND, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER", lib.ERR_LIB_RAND, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_PARENT_STRENGTH", lib.ERR_LIB_RAND, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_LOCK_PARENT", lib.ERR_LIB_RAND, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_DRBG_FLAGS", lib.ERR_LIB_RAND, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_DRBG_TYPE", lib.ERR_LIB_RAND, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ALGORITHM_MISMATCH", lib.ERR_LIB_RSA, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_E_VALUE", lib.ERR_LIB_RSA, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_FIXED_HEADER_DECRYPT", lib.ERR_LIB_RSA, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PAD_BYTE_COUNT", lib.ERR_LIB_RSA, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SIGNATURE", lib.ERR_LIB_RSA, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BLOCK_TYPE_IS_NOT_01", lib.ERR_LIB_RSA, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BLOCK_TYPE_IS_NOT_02", lib.ERR_LIB_RSA, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_GREATER_THAN_MOD_LEN", lib.ERR_LIB_RSA, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_TOO_LARGE", lib.ERR_LIB_RSA, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_TOO_LARGE_FOR_KEY_SIZE", lib.ERR_LIB_RSA, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_TOO_LARGE_FOR_MODULUS", lib.ERR_LIB_RSA, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_TOO_SMALL", lib.ERR_LIB_RSA, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_TOO_SMALL_FOR_KEY_SIZE", lib.ERR_LIB_RSA, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_DOES_NOT_MATCH", lib.ERR_LIB_RSA, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_NOT_ALLOWED", lib.ERR_LIB_RSA, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_TOO_BIG_FOR_RSA_KEY", lib.ERR_LIB_RSA, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DMP1_NOT_CONGRUENT_TO_D", lib.ERR_LIB_RSA, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DMQ1_NOT_CONGRUENT_TO_D", lib.ERR_LIB_RSA, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("D_E_NOT_CONGRUENT_TO_1", lib.ERR_LIB_RSA, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FIRST_OCTET_INVALID", lib.ERR_LIB_RSA, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", lib.ERR_LIB_RSA, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST", lib.ERR_LIB_RSA, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST_LENGTH", lib.ERR_LIB_RSA, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_HEADER", lib.ERR_LIB_RSA, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEYPAIR", lib.ERR_LIB_RSA, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY_LENGTH", lib.ERR_LIB_RSA, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_LABEL", lib.ERR_LIB_RSA, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_LENGTH", lib.ERR_LIB_RSA, 181),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MESSAGE_LENGTH", lib.ERR_LIB_RSA, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MGF1_MD", lib.ERR_LIB_RSA, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MODULUS", lib.ERR_LIB_RSA, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MULTI_PRIME_KEY", lib.ERR_LIB_RSA, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OAEP_PARAMETERS", lib.ERR_LIB_RSA, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PADDING", lib.ERR_LIB_RSA, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PADDING_MODE", lib.ERR_LIB_RSA, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PSS_PARAMETERS", lib.ERR_LIB_RSA, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PSS_SALTLEN", lib.ERR_LIB_RSA, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_REQUEST", lib.ERR_LIB_RSA, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SALT_LENGTH", lib.ERR_LIB_RSA, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_STRENGTH", lib.ERR_LIB_RSA, 176),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_TRAILER", lib.ERR_LIB_RSA, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_X931_DIGEST", lib.ERR_LIB_RSA, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("IQMP_NOT_INVERSE_OF_Q", lib.ERR_LIB_RSA, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_PRIME_NUM_INVALID", lib.ERR_LIB_RSA, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_SIZE_TOO_SMALL", lib.ERR_LIB_RSA, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LAST_OCTET_INVALID", lib.ERR_LIB_RSA, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MGF1_DIGEST_NOT_ALLOWED", lib.ERR_LIB_RSA, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_RSA, 179),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MODULUS_TOO_LARGE", lib.ERR_LIB_RSA, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MP_COEFFICIENT_NOT_INVERSE_OF_R", lib.ERR_LIB_RSA, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MP_EXPONENT_NOT_CONGRUENT_TO_D", lib.ERR_LIB_RSA, 169),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MP_R_NOT_PRIME", lib.ERR_LIB_RSA, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PUBLIC_EXPONENT", lib.ERR_LIB_RSA, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_BEFORE_BLOCK_MISSING", lib.ERR_LIB_RSA, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES", lib.ERR_LIB_RSA, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("N_DOES_NOT_EQUAL_P_Q", lib.ERR_LIB_RSA, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OAEP_DECODING_ERROR", lib.ERR_LIB_RSA, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", lib.ERR_LIB_RSA, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PADDING_CHECK_FAILED", lib.ERR_LIB_RSA, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PAIRWISE_TEST_FAILURE", lib.ERR_LIB_RSA, 177),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS_DECODING_ERROR", lib.ERR_LIB_RSA, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PSS_SALTLEN_TOO_SMALL", lib.ERR_LIB_RSA, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PUB_EXPONENT_OUT_OF_RANGE", lib.ERR_LIB_RSA, 178),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("P_NOT_PRIME", lib.ERR_LIB_RSA, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("Q_NOT_PRIME", lib.ERR_LIB_RSA, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT", lib.ERR_LIB_RSA, 180),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RSA_OPERATIONS_NOT_SUPPORTED", lib.ERR_LIB_RSA, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SLEN_CHECK_FAILED", lib.ERR_LIB_RSA, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SLEN_RECOVERY_FAILED", lib.ERR_LIB_RSA, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ROLLBACK_ATTACK", lib.ERR_LIB_RSA, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", lib.ERR_LIB_RSA, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_ALGORITHM_TYPE", lib.ERR_LIB_RSA, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_DIGEST", lib.ERR_LIB_RSA, 166),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_MASK_DIGEST", lib.ERR_LIB_RSA, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_PADDING_TYPE", lib.ERR_LIB_RSA, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ENCRYPTION_TYPE", lib.ERR_LIB_RSA, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_LABEL_SOURCE", lib.ERR_LIB_RSA, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_MASK_ALGORITHM", lib.ERR_LIB_RSA, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_MASK_PARAMETER", lib.ERR_LIB_RSA, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_SIGNATURE_TYPE", lib.ERR_LIB_RSA, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VALUE_MISSING", lib.ERR_LIB_RSA, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_SIGNATURE_LENGTH", lib.ERR_LIB_RSA, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ASN1_ERROR", lib.ERR_LIB_SM2, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SIGNATURE", lib.ERR_LIB_SM2, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BUFFER_TOO_SMALL", lib.ERR_LIB_SM2, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIST_ID_TOO_LARGE", lib.ERR_LIB_SM2, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ID_NOT_SET", lib.ERR_LIB_SM2, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ID_TOO_LARGE", lib.ERR_LIB_SM2, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CURVE", lib.ERR_LIB_SM2, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST", lib.ERR_LIB_SM2, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIGEST_TYPE", lib.ERR_LIB_SM2, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ENCODING", lib.ERR_LIB_SM2, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_FIELD", lib.ERR_LIB_SM2, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PRIVATE_KEY", lib.ERR_LIB_SM2, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PARAMETERS_SET", lib.ERR_LIB_SM2, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("USER_ID_TOO_LARGE", lib.ERR_LIB_SM2, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("APPLICATION_DATA_AFTER_CLOSE_NOTIFY", lib.ERR_LIB_SSL, 291),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("APP_DATA_IN_HANDSHAKE", lib.ERR_LIB_SSL, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", lib.ERR_LIB_SSL, 272),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE", lib.ERR_LIB_SSL, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_CHANGE_CIPHER_SPEC", lib.ERR_LIB_SSL, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_CIPHER", lib.ERR_LIB_SSL, 186),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DATA", lib.ERR_LIB_SSL, 390),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DATA_RETURNED_BY_CALLBACK", lib.ERR_LIB_SSL, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DECOMPRESSION", lib.ERR_LIB_SSL, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DH_VALUE", lib.ERR_LIB_SSL, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_DIGEST_LENGTH", lib.ERR_LIB_SSL, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_EARLY_DATA", lib.ERR_LIB_SSL, 233),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_ECC_CERT", lib.ERR_LIB_SSL, 304),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_ECPOINT", lib.ERR_LIB_SSL, 306),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_EXTENSION", lib.ERR_LIB_SSL, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_HANDSHAKE_LENGTH", lib.ERR_LIB_SSL, 332),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_HANDSHAKE_STATE", lib.ERR_LIB_SSL, 236),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_HELLO_REQUEST", lib.ERR_LIB_SSL, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_HRR_VERSION", lib.ERR_LIB_SSL, 263),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_KEY_SHARE", lib.ERR_LIB_SSL, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_KEY_UPDATE", lib.ERR_LIB_SSL, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_LEGACY_VERSION", lib.ERR_LIB_SSL, 292),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_LENGTH", lib.ERR_LIB_SSL, 271),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PACKET", lib.ERR_LIB_SSL, 240),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PACKET_LENGTH", lib.ERR_LIB_SSL, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PROTOCOL_VERSION_NUMBER", lib.ERR_LIB_SSL, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PSK", lib.ERR_LIB_SSL, 219),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PSK_IDENTITY", lib.ERR_LIB_SSL, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_RECORD_TYPE", lib.ERR_LIB_SSL, 443),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_RSA_ENCRYPT", lib.ERR_LIB_SSL, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SIGNATURE", lib.ERR_LIB_SSL, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SRP_A_LENGTH", lib.ERR_LIB_SSL, 347),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SRP_PARAMETERS", lib.ERR_LIB_SSL, 371),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SRTP_MKI_VALUE", lib.ERR_LIB_SSL, 352),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 353),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SSL_FILETYPE", lib.ERR_LIB_SSL, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_VALUE", lib.ERR_LIB_SSL, 384),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_WRITE_RETRY", lib.ERR_LIB_SSL, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BINDER_DOES_NOT_VERIFY", lib.ERR_LIB_SSL, 253),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BIO_NOT_SET", lib.ERR_LIB_SSL, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BLOCK_CIPHER_PAD_IS_WRONG", lib.ERR_LIB_SSL, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_LIB", lib.ERR_LIB_SSL, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CALLBACK_FAILED", lib.ERR_LIB_SSL, 234),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_CHANGE_CIPHER", lib.ERR_LIB_SSL, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_GET_GROUP_NAME", lib.ERR_LIB_SSL, 299),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CA_DN_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CA_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 397),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CA_MD_TOO_WEAK", lib.ERR_LIB_SSL, 398),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CCS_RECEIVED_EARLY", lib.ERR_LIB_SSL, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_VERIFY_FAILED", lib.ERR_LIB_SSL, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERT_CB_ERROR", lib.ERR_LIB_SSL, 377),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERT_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHERSUITE_DIGEST_HAS_CHANGED", lib.ERR_LIB_SSL, 218),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CIPHER_CODE_WRONG_LENGTH", lib.ERR_LIB_SSL, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CLIENTHELLO_TLSEXT", lib.ERR_LIB_SSL, 226),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMPRESSED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMPRESSION_DISABLED", lib.ERR_LIB_SSL, 343),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMPRESSION_FAILURE", lib.ERR_LIB_SSL, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", lib.ERR_LIB_SSL, 307),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMPRESSION_LIBRARY_ERROR", lib.ERR_LIB_SSL, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONNECTION_TYPE_NOT_SET", lib.ERR_LIB_SSL, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CONTEXT_NOT_DANE_ENABLED", lib.ERR_LIB_SSL, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COOKIE_GEN_CALLBACK_FAILURE", lib.ERR_LIB_SSL, 400),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COOKIE_MISMATCH", lib.ERR_LIB_SSL, 308),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COPY_PARAMETERS_FAILED", lib.ERR_LIB_SSL, 296),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CUSTOM_EXT_HANDLER_ALREADY_INSTALLED", lib.ERR_LIB_SSL, 206),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_ALREADY_ENABLED", lib.ERR_LIB_SSL, 172),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_CANNOT_OVERRIDE_MTYPE_FULL", lib.ERR_LIB_SSL, 173),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_NOT_ENABLED", lib.ERR_LIB_SSL, 175),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_BAD_CERTIFICATE", lib.ERR_LIB_SSL, 180),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_BAD_CERTIFICATE_USAGE", lib.ERR_LIB_SSL, 184),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_BAD_DATA_LENGTH", lib.ERR_LIB_SSL, 189),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_BAD_DIGEST_LENGTH", lib.ERR_LIB_SSL, 192),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_BAD_MATCHING_TYPE", lib.ERR_LIB_SSL, 200),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_BAD_PUBLIC_KEY", lib.ERR_LIB_SSL, 201),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_BAD_SELECTOR", lib.ERR_LIB_SSL, 202),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DANE_TLSA_NULL_DATA", lib.ERR_LIB_SSL, 203),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_BETWEEN_CCS_AND_FINISHED", lib.ERR_LIB_SSL, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DATA_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECRYPTION_FAILED", lib.ERR_LIB_SSL, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DECRYPTION_FAILED_OR_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 281),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DH_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 394),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DH_PUBLIC_VALUE_LENGTH_IS_WRONG", lib.ERR_LIB_SSL, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIGEST_CHECK_FAILED", lib.ERR_LIB_SSL, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DTLS_MESSAGE_TOO_BIG", lib.ERR_LIB_SSL, 334),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DUPLICATE_COMPRESSION_ID", lib.ERR_LIB_SSL, 309),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ECC_CERT_NOT_FOR_SIGNING", lib.ERR_LIB_SSL, 318),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ECDH_REQUIRED_FOR_SUITEB_MODE", lib.ERR_LIB_SSL, 374),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EE_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 399),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EMPTY_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 354),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ENCRYPTED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_IN_RECEIVED_CIPHER_LIST", lib.ERR_LIB_SSL, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_SETTING_TLSA_BASE_DOMAIN", lib.ERR_LIB_SSL, 204),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXCEEDS_MAX_FRAGMENT_SIZE", lib.ERR_LIB_SSL, 194),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXCESSIVE_MESSAGE_SIZE", lib.ERR_LIB_SSL, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXTENSION_NOT_RECEIVED", lib.ERR_LIB_SSL, 279),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXTRA_DATA_IN_MESSAGE", lib.ERR_LIB_SSL, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXT_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FAILED_TO_INIT_ASYNC", lib.ERR_LIB_SSL, 405),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("FRAGMENTED_CLIENT_HELLO", lib.ERR_LIB_SSL, 401),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("GOT_A_FIN_BEFORE_A_CCS", lib.ERR_LIB_SSL, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HTTPS_PROXY_REQUEST", lib.ERR_LIB_SSL, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("HTTP_REQUEST", lib.ERR_LIB_SSL, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_POINT_COMPRESSION", lib.ERR_LIB_SSL, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_SUITEB_DIGEST", lib.ERR_LIB_SSL, 380),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 373),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCONSISTENT_COMPRESSION", lib.ERR_LIB_SSL, 340),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCONSISTENT_EARLY_DATA_ALPN", lib.ERR_LIB_SSL, 222),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCONSISTENT_EARLY_DATA_SNI", lib.ERR_LIB_SSL, 231),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCONSISTENT_EXTMS", lib.ERR_LIB_SSL, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INSUFFICIENT_SECURITY", lib.ERR_LIB_SSL, 241),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ALERT", lib.ERR_LIB_SSL, 205),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CCS_MESSAGE", lib.ERR_LIB_SSL, 260),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CERTIFICATE_OR_ALG", lib.ERR_LIB_SSL, 238),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_COMMAND", lib.ERR_LIB_SSL, 280),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 341),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CONFIG", lib.ERR_LIB_SSL, 283),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CONFIGURATION_NAME", lib.ERR_LIB_SSL, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CONTEXT", lib.ERR_LIB_SSL, 282),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CT_VALIDATION_TYPE", lib.ERR_LIB_SSL, 212),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_KEY_UPDATE_TYPE", lib.ERR_LIB_SSL, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MAX_EARLY_DATA", lib.ERR_LIB_SSL, 174),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_CMD_NAME", lib.ERR_LIB_SSL, 385),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SEQUENCE_NUMBER", lib.ERR_LIB_SSL, 402),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SERVERINFO_DATA", lib.ERR_LIB_SSL, 388),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SESSION_ID", lib.ERR_LIB_SSL, 999),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SRP_USERNAME", lib.ERR_LIB_SSL, 357),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_STATUS_RESPONSE", lib.ERR_LIB_SSL, 328),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_TICKET_KEYS_LENGTH", lib.ERR_LIB_SSL, 325),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LENGTH_MISMATCH", lib.ERR_LIB_SSL, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 404),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LENGTH_TOO_SHORT", lib.ERR_LIB_SSL, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LIBRARY_BUG", lib.ERR_LIB_SSL, 274),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_DSA_SIGNING_CERT", lib.ERR_LIB_SSL, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_ECDSA_SIGNING_CERT", lib.ERR_LIB_SSL, 381),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_FATAL", lib.ERR_LIB_SSL, 256),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PARAMETERS", lib.ERR_LIB_SSL, 290),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_PSK_KEX_MODES_EXTENSION", lib.ERR_LIB_SSL, 310),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_RSA_CERTIFICATE", lib.ERR_LIB_SSL, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_RSA_ENCRYPTING_CERT", lib.ERR_LIB_SSL, 169),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_RSA_SIGNING_CERT", lib.ERR_LIB_SSL, 170),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SIGALGS_EXTENSION", lib.ERR_LIB_SSL, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SIGNING_CERT", lib.ERR_LIB_SSL, 221),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SRP_PARAM", lib.ERR_LIB_SSL, 358),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_SUPPORTED_GROUPS_EXTENSION", lib.ERR_LIB_SSL, 209),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_TMP_DH_KEY", lib.ERR_LIB_SSL, 171),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_TMP_ECDH_KEY", lib.ERR_LIB_SSL, 311),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA", lib.ERR_LIB_SSL, 293),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_ON_RECORD_BOUNDARY", lib.ERR_LIB_SSL, 182),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_REPLACING_CERTIFICATE", lib.ERR_LIB_SSL, 289),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NOT_SERVER", lib.ERR_LIB_SSL, 284),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_APPLICATION_PROTOCOL", lib.ERR_LIB_SSL, 235),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CERTIFICATES_RETURNED", lib.ERR_LIB_SSL, 176),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CERTIFICATE_ASSIGNED", lib.ERR_LIB_SSL, 177),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CERTIFICATE_SET", lib.ERR_LIB_SSL, 179),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CHANGE_FOLLOWING_HRR", lib.ERR_LIB_SSL, 214),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CIPHERS_AVAILABLE", lib.ERR_LIB_SSL, 181),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CIPHERS_SPECIFIED", lib.ERR_LIB_SSL, 183),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CIPHER_MATCH", lib.ERR_LIB_SSL, 185),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CLIENT_CERT_METHOD", lib.ERR_LIB_SSL, 331),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_COMPRESSION_SPECIFIED", lib.ERR_LIB_SSL, 187),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_COOKIE_CALLBACK_SET", lib.ERR_LIB_SSL, 287),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_GOST_CERTIFICATE_SENT_BY_PEER", lib.ERR_LIB_SSL, 330),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_METHOD_SPECIFIED", lib.ERR_LIB_SSL, 188),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PEM_EXTENSIONS", lib.ERR_LIB_SSL, 389),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PRIVATE_KEY_ASSIGNED", lib.ERR_LIB_SSL, 190),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PROTOCOLS_AVAILABLE", lib.ERR_LIB_SSL, 191),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_RENEGOTIATION", lib.ERR_LIB_SSL, 339),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_REQUIRED_DIGEST", lib.ERR_LIB_SSL, 324),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SHARED_CIPHER", lib.ERR_LIB_SSL, 193),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SHARED_GROUPS", lib.ERR_LIB_SSL, 410),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SHARED_SIGNATURE_ALGORITHMS", lib.ERR_LIB_SSL, 376),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SRTP_PROFILES", lib.ERR_LIB_SSL, 359),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUITABLE_DIGEST_ALGORITHM", lib.ERR_LIB_SSL, 297),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUITABLE_GROUPS", lib.ERR_LIB_SSL, 295),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUITABLE_KEY_SHARE", lib.ERR_LIB_SSL, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUITABLE_SIGNATURE_ALGORITHM", lib.ERR_LIB_SSL, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_VALID_SCTS", lib.ERR_LIB_SSL, 216),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_VERIFY_COOKIE_CALLBACK", lib.ERR_LIB_SSL, 403),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_SSL_CTX", lib.ERR_LIB_SSL, 195),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NULL_SSL_METHOD_PASSED", lib.ERR_LIB_SSL, 196),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OCSP_CALLBACK_FAILURE", lib.ERR_LIB_SSL, 305),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OLD_SESSION_CIPHER_NOT_RETURNED", lib.ERR_LIB_SSL, 197),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", lib.ERR_LIB_SSL, 344),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OVERFLOW_ERROR", lib.ERR_LIB_SSL, 237),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PACKET_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 198),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PARSE_TLSEXT", lib.ERR_LIB_SSL, 227),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PATH_TOO_LONG", lib.ERR_LIB_SSL, 270),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PEER_DID_NOT_RETURN_A_CERTIFICATE", lib.ERR_LIB_SSL, 199),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PEM_NAME_BAD_PREFIX", lib.ERR_LIB_SSL, 391),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PEM_NAME_TOO_SHORT", lib.ERR_LIB_SSL, 392),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PIPELINE_FAILURE", lib.ERR_LIB_SSL, 406),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POST_HANDSHAKE_AUTH_ENCODING_ERR", lib.ERR_LIB_SSL, 278),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_MISMATCH", lib.ERR_LIB_SSL, 288),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PROTOCOL_IS_SHUTDOWN", lib.ERR_LIB_SSL, 207),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PSK_IDENTITY_NOT_FOUND", lib.ERR_LIB_SSL, 223),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PSK_NO_CLIENT_CB", lib.ERR_LIB_SSL, 224),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PSK_NO_SERVER_CB", lib.ERR_LIB_SSL, 225),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("READ_BIO_NOT_SET", lib.ERR_LIB_SSL, 211),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("READ_TIMEOUT_EXPIRED", lib.ERR_LIB_SSL, 312),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECORD_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 213),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RECORD_TOO_SMALL", lib.ERR_LIB_SSL, 298),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RENEGOTIATE_EXT_TOO_LONG", lib.ERR_LIB_SSL, 335),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RENEGOTIATION_ENCODING_ERR", lib.ERR_LIB_SSL, 336),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RENEGOTIATION_MISMATCH", lib.ERR_LIB_SSL, 337),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUEST_PENDING", lib.ERR_LIB_SSL, 285),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUEST_SENT", lib.ERR_LIB_SSL, 286),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUIRED_CIPHER_MISSING", lib.ERR_LIB_SSL, 215),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("REQUIRED_COMPRESSION_ALGORITHM_MISSING", lib.ERR_LIB_SSL, 342),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCSV_RECEIVED_WHEN_RENEGOTIATING", lib.ERR_LIB_SSL, 345),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SCT_VERIFICATION_FAILED", lib.ERR_LIB_SSL, 208),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SERVERHELLO_TLSEXT", lib.ERR_LIB_SSL, 275),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SESSION_ID_CONTEXT_UNINITIALIZED", lib.ERR_LIB_SSL, 277),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SHUTDOWN_WHILE_IN_INIT", lib.ERR_LIB_SSL, 407),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNATURE_ALGORITHMS_ERROR", lib.ERR_LIB_SSL, 360),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", lib.ERR_LIB_SSL, 220),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SRP_A_CALC", lib.ERR_LIB_SSL, 361),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SRTP_COULD_NOT_ALLOCATE_PROFILES", lib.ERR_LIB_SSL, 362),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", lib.ERR_LIB_SSL, 363),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SRTP_UNKNOWN_PROTECTION_PROFILE", lib.ERR_LIB_SSL, 364),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH", lib.ERR_LIB_SSL, 232),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL3_EXT_INVALID_SERVERNAME", lib.ERR_LIB_SSL, 319),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL3_EXT_INVALID_SERVERNAME_TYPE", lib.ERR_LIB_SSL, 320),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL3_SESSION_ID_TOO_LONG", lib.ERR_LIB_SSL, 300),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_BAD_CERTIFICATE", lib.ERR_LIB_SSL, 1042),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 1020),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_CERTIFICATE_EXPIRED", lib.ERR_LIB_SSL, 1045),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_CERTIFICATE_REVOKED", lib.ERR_LIB_SSL, 1044),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_CERTIFICATE_UNKNOWN", lib.ERR_LIB_SSL, 1046),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_DECOMPRESSION_FAILURE", lib.ERR_LIB_SSL, 1030),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 1040),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_ILLEGAL_PARAMETER", lib.ERR_LIB_SSL, 1047),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_NO_CERTIFICATE", lib.ERR_LIB_SSL, 1041),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 1010),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", lib.ERR_LIB_SSL, 1043),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_COMMAND_SECTION_EMPTY", lib.ERR_LIB_SSL, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_COMMAND_SECTION_NOT_FOUND", lib.ERR_LIB_SSL, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", lib.ERR_LIB_SSL, 228),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 229),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 230),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_NEGATIVE_LENGTH", lib.ERR_LIB_SSL, 372),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SECTION_EMPTY", lib.ERR_LIB_SSL, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SECTION_NOT_FOUND", lib.ERR_LIB_SSL, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SESSION_ID_CALLBACK_FAILED", lib.ERR_LIB_SSL, 301),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SESSION_ID_CONFLICT", lib.ERR_LIB_SSL, 302),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SESSION_ID_CONTEXT_TOO_LONG", lib.ERR_LIB_SSL, 273),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SESSION_ID_HAS_BAD_LENGTH", lib.ERR_LIB_SSL, 303),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SESSION_ID_TOO_LONG", lib.ERR_LIB_SSL, 408),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SSL_SESSION_VERSION_MISMATCH", lib.ERR_LIB_SSL, 210),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("STILL_IN_INIT", lib.ERR_LIB_SSL, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV13_ALERT_CERTIFICATE_REQUIRED", lib.ERR_LIB_SSL, 1116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV13_ALERT_MISSING_EXTENSION", lib.ERR_LIB_SSL, 1109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_ACCESS_DENIED", lib.ERR_LIB_SSL, 1049),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_DECODE_ERROR", lib.ERR_LIB_SSL, 1050),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_DECRYPTION_FAILED", lib.ERR_LIB_SSL, 1021),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_DECRYPT_ERROR", lib.ERR_LIB_SSL, 1051),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_EXPORT_RESTRICTION", lib.ERR_LIB_SSL, 1060),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 1086),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_INSUFFICIENT_SECURITY", lib.ERR_LIB_SSL, 1071),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_INTERNAL_ERROR", lib.ERR_LIB_SSL, 1080),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_NO_RENEGOTIATION", lib.ERR_LIB_SSL, 1100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_PROTOCOL_VERSION", lib.ERR_LIB_SSL, 1070),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_RECORD_OVERFLOW", lib.ERR_LIB_SSL, 1022),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_UNKNOWN_CA", lib.ERR_LIB_SSL, 1048),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_ALERT_USER_CANCELLED", lib.ERR_LIB_SSL, 1090),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_BAD_CERTIFICATE_HASH_VALUE", lib.ERR_LIB_SSL, 1114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", lib.ERR_LIB_SSL, 1113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_CERTIFICATE_UNOBTAINABLE", lib.ERR_LIB_SSL, 1111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_UNRECOGNIZED_NAME", lib.ERR_LIB_SSL, 1112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLSV1_UNSUPPORTED_EXTENSION", lib.ERR_LIB_SSL, 1110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLS_ILLEGAL_EXPORTER_LABEL", lib.ERR_LIB_SSL, 367),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TLS_INVALID_ECPOINTFORMAT_LIST", lib.ERR_LIB_SSL, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_KEY_UPDATES", lib.ERR_LIB_SSL, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MANY_WARN_ALERTS", lib.ERR_LIB_SSL, 409),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOO_MUCH_EARLY_DATA", lib.ERR_LIB_SSL, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FIND_ECDH_PARAMETERS", lib.ERR_LIB_SSL, 314),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", lib.ERR_LIB_SSL, 239),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", lib.ERR_LIB_SSL, 242),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", lib.ERR_LIB_SSL, 243),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_CCS_MESSAGE", lib.ERR_LIB_SSL, 262),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_END_OF_EARLY_DATA", lib.ERR_LIB_SSL, 178),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_EOF_WHILE_READING", lib.ERR_LIB_SSL, 294),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 244),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNEXPECTED_RECORD", lib.ERR_LIB_SSL, 245),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNINITIALIZED", lib.ERR_LIB_SSL, 276),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_ALERT_TYPE", lib.ERR_LIB_SSL, 246),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 247),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CIPHER_RETURNED", lib.ERR_LIB_SSL, 248),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CIPHER_TYPE", lib.ERR_LIB_SSL, 249),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CMD_NAME", lib.ERR_LIB_SSL, 386),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_COMMAND", lib.ERR_LIB_SSL, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_DIGEST", lib.ERR_LIB_SSL, 368),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_KEY_EXCHANGE_TYPE", lib.ERR_LIB_SSL, 250),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_PKEY_TYPE", lib.ERR_LIB_SSL, 251),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_PROTOCOL", lib.ERR_LIB_SSL, 252),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_SSL_VERSION", lib.ERR_LIB_SSL, 254),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_STATE", lib.ERR_LIB_SSL, 255),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSAFE_LEGACY_RENEGOTIATION_DISABLED", lib.ERR_LIB_SSL, 338),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSOLICITED_EXTENSION", lib.ERR_LIB_SSL, 217),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 257),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ELLIPTIC_CURVE", lib.ERR_LIB_SSL, 315),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_PROTOCOL", lib.ERR_LIB_SSL, 258),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_SSL_VERSION", lib.ERR_LIB_SSL, 259),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_STATUS_TYPE", lib.ERR_LIB_SSL, 329),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("USE_SRTP_NOT_NEGOTIATED", lib.ERR_LIB_SSL, 369),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VERSION_TOO_HIGH", lib.ERR_LIB_SSL, 166),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VERSION_TOO_LOW", lib.ERR_LIB_SSL, 396),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 383),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CIPHER_RETURNED", lib.ERR_LIB_SSL, 261),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CURVE", lib.ERR_LIB_SSL, 378),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_SIGNATURE_LENGTH", lib.ERR_LIB_SSL, 264),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_SIGNATURE_SIZE", lib.ERR_LIB_SSL, 265),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_SIGNATURE_TYPE", lib.ERR_LIB_SSL, 370),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_SSL_VERSION", lib.ERR_LIB_SSL, 266),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_VERSION_NUMBER", lib.ERR_LIB_SSL, 267),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("X509_LIB", lib.ERR_LIB_SSL, 268),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("X509_VERIFICATION_SETUP_PROBLEMS", lib.ERR_LIB_SSL, 269),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_PKCS7_TYPE", lib.ERR_LIB_TS, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_TYPE", lib.ERR_LIB_TS, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_LOAD_CERT", lib.ERR_LIB_TS, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANNOT_LOAD_KEY", lib.ERR_LIB_TS, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_TS, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COULD_NOT_SET_ENGINE", lib.ERR_LIB_TS, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COULD_NOT_SET_TIME", lib.ERR_LIB_TS, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DETACHED_CONTENT", lib.ERR_LIB_TS, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_ADD_SIGNING_CERT_ERROR", lib.ERR_LIB_TS, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_ADD_SIGNING_CERT_V2_ERROR", lib.ERR_LIB_TS, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ESS_SIGNING_CERTIFICATE_ERROR", lib.ERR_LIB_TS, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_POINTER", lib.ERR_LIB_TS, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SIGNER_CERTIFICATE_PURPOSE", lib.ERR_LIB_TS, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MESSAGE_IMPRINT_MISMATCH", lib.ERR_LIB_TS, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NONCE_MISMATCH", lib.ERR_LIB_TS, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NONCE_NOT_RETURNED", lib.ERR_LIB_TS, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONTENT", lib.ERR_LIB_TS, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_TIME_STAMP_TOKEN", lib.ERR_LIB_TS, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS7_ADD_SIGNATURE_ERROR", lib.ERR_LIB_TS, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS7_ADD_SIGNED_ATTR_ERROR", lib.ERR_LIB_TS, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PKCS7_TO_TS_TST_INFO_FAILED", lib.ERR_LIB_TS, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POLICY_MISMATCH", lib.ERR_LIB_TS, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_TS, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESPONSE_SETUP_ERROR", lib.ERR_LIB_TS, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SIGNATURE_FAILURE", lib.ERR_LIB_TS, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("THERE_MUST_BE_ONE_SIGNER", lib.ERR_LIB_TS, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TIME_SYSCALL_ERROR", lib.ERR_LIB_TS, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOKEN_NOT_PRESENT", lib.ERR_LIB_TS, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TOKEN_PRESENT", lib.ERR_LIB_TS, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TSA_NAME_MISMATCH", lib.ERR_LIB_TS, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TSA_UNTRUSTED", lib.ERR_LIB_TS, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TST_INFO_SETUP_ERROR", lib.ERR_LIB_TS, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("TS_DATASIGN", lib.ERR_LIB_TS, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNACCEPTABLE_POLICY", lib.ERR_LIB_TS, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_MD_ALGORITHM", lib.ERR_LIB_TS, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_VERSION", lib.ERR_LIB_TS, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VAR_BAD_VALUE", lib.ERR_LIB_TS, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("VAR_LOOKUP_FAILURE", lib.ERR_LIB_TS, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_CONTENT_TYPE", lib.ERR_LIB_TS, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("COMMON_OK_AND_CANCEL_CHARACTERS", lib.ERR_LIB_UI, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INDEX_TOO_LARGE", lib.ERR_LIB_UI, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INDEX_TOO_SMALL", lib.ERR_LIB_UI, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_RESULT_BUFFER", lib.ERR_LIB_UI, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PROCESSING_ERROR", lib.ERR_LIB_UI, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESULT_TOO_LARGE", lib.ERR_LIB_UI, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("RESULT_TOO_SMALL", lib.ERR_LIB_UI, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SYSASSIGN_ERROR", lib.ERR_LIB_UI, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SYSDASSGN_ERROR", lib.ERR_LIB_UI, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SYSQIOW_ERROR", lib.ERR_LIB_UI, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_CONTROL_COMMAND", lib.ERR_LIB_UI, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_TTYGET_ERRNO_VALUE", lib.ERR_LIB_UI, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("USER_DATA_DUPLICATION_UNSUPPORTED", lib.ERR_LIB_UI, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_IP_ADDRESS", lib.ERR_LIB_X509V3, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_OBJECT", lib.ERR_LIB_X509V3, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_DEC2BN_ERROR", lib.ERR_LIB_X509V3, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BN_TO_ASN1_INTEGER_ERROR", lib.ERR_LIB_X509V3, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DIRNAME_ERROR", lib.ERR_LIB_X509V3, 149),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DISTPOINT_ALREADY_SET", lib.ERR_LIB_X509V3, 160),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("DUPLICATE_ZONE_ID", lib.ERR_LIB_X509V3, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EMPTY_KEY_USAGE", lib.ERR_LIB_X509V3, 169),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CONVERTING_ZONE", lib.ERR_LIB_X509V3, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_CREATING_EXTENSION", lib.ERR_LIB_X509V3, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_IN_EXTENSION", lib.ERR_LIB_X509V3, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXPECTED_A_SECTION_NAME", lib.ERR_LIB_X509V3, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXTENSION_EXISTS", lib.ERR_LIB_X509V3, 145),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXTENSION_NAME_ERROR", lib.ERR_LIB_X509V3, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXTENSION_NOT_FOUND", lib.ERR_LIB_X509V3, 102),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXTENSION_SETTING_NOT_SUPPORTED", lib.ERR_LIB_X509V3, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("EXTENSION_VALUE_ERROR", lib.ERR_LIB_X509V3, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ILLEGAL_EMPTY_EXTENSION", lib.ERR_LIB_X509V3, 151),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INCORRECT_POLICY_SYNTAX_TAG", lib.ERR_LIB_X509V3, 152),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ASNUMBER", lib.ERR_LIB_X509V3, 162),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ASRANGE", lib.ERR_LIB_X509V3, 163),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_BOOLEAN_STRING", lib.ERR_LIB_X509V3, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_CERTIFICATE", lib.ERR_LIB_X509V3, 158),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_EMPTY_NAME", lib.ERR_LIB_X509V3, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_EXTENSION_STRING", lib.ERR_LIB_X509V3, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_INHERITANCE", lib.ERR_LIB_X509V3, 165),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_IPADDRESS", lib.ERR_LIB_X509V3, 166),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_MULTIPLE_RDNS", lib.ERR_LIB_X509V3, 161),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NAME", lib.ERR_LIB_X509V3, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_ARGUMENT", lib.ERR_LIB_X509V3, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NULL_VALUE", lib.ERR_LIB_X509V3, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NUMBER", lib.ERR_LIB_X509V3, 140),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_NUMBERS", lib.ERR_LIB_X509V3, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OBJECT_IDENTIFIER", lib.ERR_LIB_X509V3, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_OPTION", lib.ERR_LIB_X509V3, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_POLICY_IDENTIFIER", lib.ERR_LIB_X509V3, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PROXY_POLICY_SETTING", lib.ERR_LIB_X509V3, 153),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_PURPOSE", lib.ERR_LIB_X509V3, 146),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SAFI", lib.ERR_LIB_X509V3, 164),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SECTION", lib.ERR_LIB_X509V3, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_SYNTAX", lib.ERR_LIB_X509V3, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ISSUER_DECODE_ERROR", lib.ERR_LIB_X509V3, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("MISSING_VALUE", lib.ERR_LIB_X509V3, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NEED_ORGANIZATION_AND_NUMBERS", lib.ERR_LIB_X509V3, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NEGATIVE_PATHLEN", lib.ERR_LIB_X509V3, 168),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CONFIG_DATABASE", lib.ERR_LIB_X509V3, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_ISSUER_CERTIFICATE", lib.ERR_LIB_X509V3, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_ISSUER_DETAILS", lib.ERR_LIB_X509V3, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_POLICY_IDENTIFIER", lib.ERR_LIB_X509V3, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED", lib.ERR_LIB_X509V3, 154),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_PUBLIC_KEY", lib.ERR_LIB_X509V3, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_SUBJECT_DETAILS", lib.ERR_LIB_X509V3, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OPERATION_NOT_DEFINED", lib.ERR_LIB_X509V3, 148),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("OTHERNAME_ERROR", lib.ERR_LIB_X509V3, 147),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POLICY_LANGUAGE_ALREADY_DEFINED", lib.ERR_LIB_X509V3, 155),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POLICY_PATH_LENGTH", lib.ERR_LIB_X509V3, 156),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POLICY_PATH_LENGTH_ALREADY_DEFINED", lib.ERR_LIB_X509V3, 157),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY", lib.ERR_LIB_X509V3, 159),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SECTION_NOT_FOUND", lib.ERR_LIB_X509V3, 150),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_ISSUER_DETAILS", lib.ERR_LIB_X509V3, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_ISSUER_KEYID", lib.ERR_LIB_X509V3, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_BIT_STRING_ARGUMENT", lib.ERR_LIB_X509V3, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_EXTENSION", lib.ERR_LIB_X509V3, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_EXTENSION_NAME", lib.ERR_LIB_X509V3, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_OPTION", lib.ERR_LIB_X509V3, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_OPTION", lib.ERR_LIB_X509V3, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_TYPE", lib.ERR_LIB_X509V3, 167),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("USER_TOO_LONG", lib.ERR_LIB_X509V3, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("AKID_MISMATCH", lib.ERR_LIB_X509, 110),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_SELECTOR", lib.ERR_LIB_X509, 133),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BAD_X509_FILETYPE", lib.ERR_LIB_X509, 100),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("BASE64_DECODE_ERROR", lib.ERR_LIB_X509, 118),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CANT_CHECK_DH_KEY", lib.ERR_LIB_X509, 114),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERTIFICATE_VERIFICATION_FAILED", lib.ERR_LIB_X509, 139),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CERT_ALREADY_IN_HASH_TABLE", lib.ERR_LIB_X509, 101),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CRL_ALREADY_DELTA", lib.ERR_LIB_X509, 127),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("CRL_VERIFY_FAILURE", lib.ERR_LIB_X509, 131),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_GETTING_MD_BY_NID", lib.ERR_LIB_X509, 141),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ERROR_USING_SIGINF_SET", lib.ERR_LIB_X509, 142),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("IDP_MISMATCH", lib.ERR_LIB_X509, 128),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_ATTRIBUTES", lib.ERR_LIB_X509, 138),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DIRECTORY", lib.ERR_LIB_X509, 113),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_DISTPOINT", lib.ERR_LIB_X509, 143),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_FIELD_NAME", lib.ERR_LIB_X509, 119),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("INVALID_TRUST", lib.ERR_LIB_X509, 123),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("ISSUER_MISMATCH", lib.ERR_LIB_X509, 129),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_TYPE_MISMATCH", lib.ERR_LIB_X509, 115),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("KEY_VALUES_MISMATCH", lib.ERR_LIB_X509, 116),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOADING_CERT_DIR", lib.ERR_LIB_X509, 103),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("LOADING_DEFAULTS", lib.ERR_LIB_X509, 104),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("METHOD_NOT_SUPPORTED", lib.ERR_LIB_X509, 124),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NAME_TOO_LONG", lib.ERR_LIB_X509, 134),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NEWER_CRL_NOT_NEWER", lib.ERR_LIB_X509, 132),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CERTIFICATE_FOUND", lib.ERR_LIB_X509, 135),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CERTIFICATE_OR_CRL_FOUND", lib.ERR_LIB_X509, 136),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CERT_SET_FOR_US_TO_VERIFY", lib.ERR_LIB_X509, 105),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CRL_FOUND", lib.ERR_LIB_X509, 137),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("NO_CRL_NUMBER", lib.ERR_LIB_X509, 130),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PUBLIC_KEY_DECODE_ERROR", lib.ERR_LIB_X509, 125),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("PUBLIC_KEY_ENCODE_ERROR", lib.ERR_LIB_X509, 126),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("SHOULD_RETRY", lib.ERR_LIB_X509, 106),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", lib.ERR_LIB_X509, 107),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNABLE_TO_GET_CERTS_PUBLIC_KEY", lib.ERR_LIB_X509, 108),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_KEY_TYPE", lib.ERR_LIB_X509, 117),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_NID", lib.ERR_LIB_X509, 109),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_PURPOSE_ID", lib.ERR_LIB_X509, 121),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_SIGID_ALGS", lib.ERR_LIB_X509, 144),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNKNOWN_TRUST_ID", lib.ERR_LIB_X509, 120),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_X509, 111),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_LOOKUP_TYPE", lib.ERR_LIB_X509, 112),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ("WRONG_TYPE", lib.ERR_LIB_X509, 122),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/__init__.py lib_pypy/_cffi_ssl/cryptography/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,16 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.__about__ import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __author__, __copyright__, __email__, __license__, __summary__, __title__,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __uri__, __version__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-__all__ = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "__title__", "__summary__", "__uri__", "__version__", "__author__",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "__email__", "__license__", "__copyright__",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/exceptions.py lib_pypy/_cffi_ssl/cryptography/exceptions.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/exceptions.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,58 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Reasons(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BACKEND_MISSING_INTERFACE = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_HASH = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_CIPHER = 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_PADDING = 3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_MGF = 4
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_PUBLIC_KEY_ALGORITHM = 5
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_ELLIPTIC_CURVE = 6
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_SERIALIZATION = 7
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_X509 = 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_EXCHANGE_ALGORITHM = 9
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_DIFFIE_HELLMAN = 10
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNSUPPORTED_MAC = 11
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class UnsupportedAlgorithm(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, message, reason=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- super(UnsupportedAlgorithm, self).__init__(message)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._reason = reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AlreadyFinalized(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AlreadyUpdated(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class NotYetFinalized(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidTag(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidSignature(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InternalError(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, msg, err_code):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- super(InternalError, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.err_code = err_code
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidKey(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/fernet.py lib_pypy/_cffi_ssl/cryptography/fernet.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/fernet.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,171 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import base64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import binascii
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import os
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import struct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends import default_backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes, padding
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.hmac import HMAC
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidToken(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_MAX_CLOCK_SKEW = 60
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Fernet(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key, backend=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if backend is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend = default_backend()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = base64.urlsafe_b64decode(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) != 32:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Fernet key must be 32 url-safe base64-encoded bytes."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._signing_key = key[:16]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._encryption_key = key[16:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_key(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return base64.urlsafe_b64encode(os.urandom(32))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encrypt(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- current_time = int(time.time())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv = os.urandom(16)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._encrypt_from_parts(data, current_time, iv)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _encrypt_from_parts(self, data, current_time, iv):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padder = padding.PKCS7(algorithms.AES.block_size).padder()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padded_data = padder.update(data) + padder.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryptor = Cipher(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithms.AES(self._encryption_key), modes.CBC(iv), self._backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).encryptor()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ciphertext = encryptor.update(padded_data) + encryptor.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic_parts = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b"\x80" + struct.pack(">Q", current_time) + iv + ciphertext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(basic_parts)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hmac = h.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return base64.urlsafe_b64encode(basic_parts + hmac)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decrypt(self, token, ttl=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- timestamp, data = Fernet._get_unverified_token_data(token)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._decrypt_data(data, timestamp, ttl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extract_timestamp(self, token):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- timestamp, data = Fernet._get_unverified_token_data(token)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Verify the token was not tampered with.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._verify_signature(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return timestamp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @staticmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _get_unverified_token_data(token):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("token", token)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = base64.urlsafe_b64decode(token)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except (TypeError, binascii.Error):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not data or six.indexbytes(data, 0) != 0x80:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- timestamp, = struct.unpack(">Q", data[1:9])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except struct.error:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return timestamp, data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _verify_signature(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(data[:-32])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.verify(data[-32:])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except InvalidSignature:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _decrypt_data(self, data, timestamp, ttl):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- current_time = int(time.time())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ttl is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if timestamp + ttl < current_time:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if current_time + _MAX_CLOCK_SKEW < timestamp:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._verify_signature(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv = data[9:25]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ciphertext = data[25:-32]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decryptor = Cipher(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithms.AES(self._encryption_key), modes.CBC(iv), self._backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).decryptor()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- plaintext_padded = decryptor.update(ciphertext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- plaintext_padded += decryptor.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except ValueError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- unpadded = unpadder.update(plaintext_padded)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- unpadded += unpadder.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except ValueError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return unpadded
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class MultiFernet(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, fernets):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- fernets = list(fernets)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not fernets:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "MultiFernet requires at least one Fernet instance"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._fernets = fernets
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encrypt(self, msg):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._fernets[0].encrypt(msg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def rotate(self, msg):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- timestamp, data = Fernet._get_unverified_token_data(msg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for f in self._fernets:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = f._decrypt_data(data, timestamp, None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- break
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except InvalidToken:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv = os.urandom(16)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._fernets[0]._encrypt_from_parts(p, timestamp, iv)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decrypt(self, msg, ttl=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for f in self._fernets:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return f.decrypt(msg, ttl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except InvalidToken:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,11 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-Hazardous Materials
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-This is a "Hazardous Materials" module. You should ONLY use it if you're
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-100% absolutely sure that you know what you're doing because this module
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-is full of land mines, dragons, and dinosaurs with laser guns.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/_oid.py lib_pypy/_cffi_ssl/cryptography/hazmat/_oid.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/_oid.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,67 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ObjectIdentifier(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, dotted_string):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dotted_string = dotted_string
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nodes = self._dotted_string.split(".")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- intnodes = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # There must be at least 2 nodes, the first node must be 0..2, and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # if less than 2, the second node cannot have a value outside the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # range 0..39. All nodes must be integers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for node in nodes:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- intnodes.append(int(node, 0))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except ValueError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Malformed OID: %s (non-integer nodes)" % (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(nodes) < 2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Malformed OID: %s (insufficient number of nodes)" % (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if intnodes[0] > 2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Malformed OID: %s (first node outside valid range)" % (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if intnodes[0] < 2 and intnodes[1] >= 40:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Malformed OID: %s (second node outside valid range)" % (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.dotted_string == other.dotted_string
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<ObjectIdentifier(oid={}, name={})>".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.dotted_string,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.dotted_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Lazy import to avoid an import cycle
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.x509.oid import _OID_NAMES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OID_NAMES.get(self, "Unknown OID")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dotted_string = utils.read_only_property("_dotted_string")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,18 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_default_backend = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def default_backend():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- global _default_backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if _default_backend is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _default_backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _default_backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/interfaces.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/interfaces.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/interfaces.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,395 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CipherBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def cipher_supported(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return True if the given cipher and mode are supported.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_symmetric_encryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Get a CipherContext that can be used for encryption.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_symmetric_decryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Get a CipherContext that can be used for decryption.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HashBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return True if the hash algorithm is supported by this backend.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_hash_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create a HashContext for calculating a message digest.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HMACBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return True if the hash algorithm is supported for HMAC by this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_hmac_ctx(self, key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create a context for calculating a message authentication code.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CMACBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def cmac_algorithm_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns True if the block cipher is supported for CMAC by this backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_cmac_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create a context for calculating a message authentication code.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PBKDF2HMACBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def pbkdf2_hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return True if the hash algorithm is supported for PBKDF2 by this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return length bytes derived from provided PBKDF2 parameters.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RSABackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_rsa_private_key(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate an RSAPrivateKey instance with public_exponent and a modulus
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- of key_size bits.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def rsa_padding_supported(self, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns True if the backend supports the given padding options.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_rsa_parameters_supported(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns True if the backend supports the given parameters for key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generation.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_rsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an RSAPrivateKey provider.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_rsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an RSAPublicKey provider.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSABackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dsa_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate a DSAParameters instance with a modulus of key_size bits.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dsa_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate a DSAPrivateKey instance with parameters as a DSAParameters
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dsa_private_key_and_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate a DSAPrivateKey instance using key size only.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dsa_hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return True if the hash algorithm is supported by the backend for DSA.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dsa_parameters_supported(self, p, q, g):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return True if the parameters are supported by the backend for DSA.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DSAPrivateKey provider.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DSAPublicKey provider.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dsa_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DSAParameters provider.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurveBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def elliptic_curve_signature_algorithm_supported(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self, signature_algorithm, curve
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns True if the backend supports the named elliptic curve with the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- specified signature algorithm.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def elliptic_curve_supported(self, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns True if the backend supports the named elliptic curve.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_elliptic_curve_private_key(self, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return an object conforming to the EllipticCurvePrivateKey interface.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_elliptic_curve_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return an EllipticCurvePublicKey provider using the given numbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_elliptic_curve_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return an EllipticCurvePrivateKey provider using the given numbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns whether the exchange algorithm is supported by this backend.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive_elliptic_curve_private_key(self, private_value, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Compute the private key given the private value and curve.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PEMSerializationBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Loads a private key from PEM encoded data, using the provided password
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if the data is encrypted.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Loads a public key from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load encryption parameters from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DERSerializationBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Loads a private key from DER encoded data. Uses the provided password
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if the data is encrypted.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Loads a public key from DER encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load encryption parameters from DER encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class X509Backend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load an X.509 certificate from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load an X.509 certificate from DER encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load an X.509 CSR from DER encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load an X.509 CSR from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_csr(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create and sign an X.509 CSR from a CSR builder object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_certificate(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create and sign an X.509 certificate from a CertificateBuilder object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_crl(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create and sign an X.509 CertificateRevocationList from a
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CertificateRevocationListBuilder object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_revoked_certificate(self, builder):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create a RevokedCertificate object from a RevokedCertificateBuilder
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x509_name_bytes(self, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Compute the DER encoded bytes of an X509 Name object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dh_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate a DHParameters instance with a modulus of key_size bits.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Using the given generator. Often 2 or 5.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dh_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate a DHPrivateKey instance with parameters as a DHParameters
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dh_private_key_and_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate a DHPrivateKey instance using key size only.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Using the given generator. Often 2 or 5.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dh_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load a DHPrivateKey from DHPrivateNumbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dh_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load a DHPublicKey from DHPublicNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dh_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Load DHParameters from DHParameterNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dh_parameters_supported(self, p, g, q=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns whether the backend supports DH with these parameter values.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dh_x942_serialization_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns True if the backend supports the serialization of DH objects
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with subgroup order (q).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ScryptBackend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive_scrypt(self, key_material, salt, length, n, r, p):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return bytes derived from provided Scrypt parameters.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,10 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-__all__ = ["backend"]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/aead.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/aead.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/aead.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,161 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import InvalidTag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_ENCRYPT = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_DECRYPT = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _aead_cipher_name(cipher):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.primitives.ciphers.aead import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AESCCM, AESGCM, ChaCha20Poly1305
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(cipher, ChaCha20Poly1305):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"chacha20-poly1305"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "aes-{}-ccm".format(len(cipher._key) * 8).encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert isinstance(cipher, AESGCM)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "aes-{}-gcm".format(len(cipher._key) * 8).encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _aead_setup(backend, cipher_name, key, nonce, tag, tag_len, operation):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher = backend._lib.EVP_get_cipherbyname(cipher_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(evp_cipher != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = backend._lib.EVP_CIPHER_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = backend._ffi.gc(ctx, backend._lib.EVP_CIPHER_CTX_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherInit_ex(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, evp_cipher,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int(operation == _ENCRYPT)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CIPHER_CTX_set_key_length(ctx, len(key))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, backend._lib.EVP_CTRL_AEAD_SET_IVLEN, len(nonce),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if operation == _DECRYPT:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, backend._lib.EVP_CTRL_AEAD_SET_TAG, len(tag), tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, backend._lib.EVP_CTRL_AEAD_SET_TAG, tag_len, backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nonce_ptr = backend._ffi.from_buffer(nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_ptr = backend._ffi.from_buffer(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherInit_ex(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_ptr,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nonce_ptr,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int(operation == _ENCRYPT)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _set_length(backend, ctx, data_len):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- intptr = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- intptr,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_len
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _process_aad(backend, ctx, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, backend._ffi.NULL, outlen, associated_data, len(associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _process_data(backend, ctx, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("unsigned char[]", len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherUpdate(ctx, buf, outlen, data, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(buf, outlen[0])[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encrypt(backend, cipher, nonce, data, associated_data, tag_length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.primitives.ciphers.aead import AESCCM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher_name = _aead_cipher_name(cipher)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = _aead_setup(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, cipher_name, cipher._key, nonce, None, tag_length, _ENCRYPT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # CCM requires us to pass the length of the data before processing anything
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # However calling this with any other AEAD results in an error
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _set_length(backend, ctx, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _process_aad(backend, ctx, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- processed_data = _process_data(backend, ctx, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherFinal_ex(ctx, backend._ffi.NULL, outlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(outlen[0] == 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- tag_buf = backend._ffi.new("unsigned char[]", tag_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, backend._lib.EVP_CTRL_AEAD_GET_TAG, tag_length, tag_buf
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- tag = backend._ffi.buffer(tag_buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return processed_data + tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decrypt(backend, cipher, nonce, data, associated_data, tag_length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.primitives.ciphers.aead import AESCCM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) < tag_length:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- tag = data[-tag_length:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = data[:-tag_length]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher_name = _aead_cipher_name(cipher)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = _aead_setup(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, cipher_name, cipher._key, nonce, tag, tag_length, _DECRYPT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # CCM requires us to pass the length of the data before processing anything
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # However calling this with any other AEAD results in an error
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _set_length(backend, ctx, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _process_aad(backend, ctx, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # CCM has a different error path if the tag doesn't match. Errors are
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # raised in Update and Final is irrelevant.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("unsigned char[]", len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherUpdate(ctx, buf, outlen, data, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- processed_data = backend._ffi.buffer(buf, outlen[0])[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- processed_data = _process_data(backend, ctx, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_CipherFinal_ex(ctx, backend._ffi.NULL, outlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return processed_data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/backend.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/backend.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/backend.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,2445 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import base64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import collections
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import contextlib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import itertools
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from contextlib import contextmanager
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import asn1crypto.core
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from six.moves import range
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CMACBackend, CipherBackend, DERSerializationBackend, DHBackend, DSABackend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PEMSerializationBackend, RSABackend, ScryptBackend, X509Backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl import aead
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.ciphers import _CipherContext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.cmac import _CMACContext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CRL_ENTRY_REASON_ENUM_TO_CODE, _Integers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.dh import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _DHParameters, _DHPrivateKey, _DHPublicKey, _dh_params_dup
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.dsa import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _DSAParameters, _DSAPrivateKey, _DSAPublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.ec import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _EllipticCurvePrivateKey, _EllipticCurvePublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.ed25519 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Ed25519PrivateKey, _Ed25519PublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.ed448 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _ED448_KEY_SIZE, _Ed448PrivateKey, _Ed448PublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.encode_asn1 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CRL_ENTRY_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CRL_EXTENSION_ENCODE_HANDLERS, _EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _OCSP_BASICRESP_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _encode_asn1_int_gc, _encode_asn1_str_gc, _encode_name_gc, _txt2obj_gc,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.hashes import _HashContext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.hmac import _HMACContext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.ocsp import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _OCSPRequest, _OCSPResponse
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.poly1305 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _POLY1305_KEY_SIZE, _Poly1305Context
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.rsa import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _RSAPrivateKey, _RSAPublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.x25519 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _X25519PrivateKey, _X25519PublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.x448 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _X448PrivateKey, _X448PublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.x509 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Certificate, _CertificateRevocationList,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CertificateSigningRequest, _RevokedCertificate
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.bindings.openssl import binding
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.padding import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- MGF1, OAEP, PKCS1v15, PSS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers.algorithms import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AES, ARC4, Blowfish, CAST5, Camellia, ChaCha20, IDEA, SEED, TripleDES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers.modes import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CBC, CFB, CFB8, CTR, ECB, GCM, OFB, XTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.kdf import scrypt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.serialization import ssh
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509 import ocsp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_MemoryBIO = collections.namedtuple("_MemoryBIO", ["bio", "char_ptr"])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CMACBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(DERSerializationBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(DHBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(DSABackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurveBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HMACBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(PBKDF2HMACBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(RSABackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(PEMSerializationBackend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(X509Backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface_if(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- binding.Binding().lib.Cryptography_HAS_SCRYPT, ScryptBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Backend(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OpenSSL API binding interfaces.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "openssl"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._binding = binding.Binding()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi = self._binding.ffi
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib = self._binding.lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cipher_registry = {}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._register_default_ciphers()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.activate_osrandom_engine()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_types = [self._lib.EVP_PKEY_DH]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_types.append(self._lib.EVP_PKEY_DHX)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def openssl_assert(self, ok):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return binding._openssl_assert(self._lib, ok)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def activate_builtin_random(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._lib.Cryptography_HAS_ENGINE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Obtain a new structural reference.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = self._lib.ENGINE_get_default_RAND()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if e != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ENGINE_unregister_RAND(e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Reset the RNG to use the new engine.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.RAND_cleanup()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # decrement the structural reference from get_default_RAND
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.ENGINE_finish(e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @contextlib.contextmanager
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _get_osurandom_engine(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Fetches an engine by id and returns it. This creates a structural
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # reference.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = self._lib.ENGINE_by_id(self._lib.Cryptography_osrandom_engine_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(e != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Initialize the engine for use. This adds a functional reference.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.ENGINE_init(e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- yield e
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Decrement the structural ref incremented by ENGINE_by_id.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.ENGINE_free(e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Decrement the functional ref incremented by ENGINE_init.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.ENGINE_finish(e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def activate_osrandom_engine(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._lib.Cryptography_HAS_ENGINE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Unregister and free the current engine.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.activate_builtin_random()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._get_osurandom_engine() as e:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the engine as the default RAND provider.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.ENGINE_set_default_RAND(e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Reset the RNG to use the new engine.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.RAND_cleanup()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def osrandom_engine_implementation(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._ffi.new("char[]", 64)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._get_osurandom_engine() as e:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.ENGINE_ctrl_cmd(e, b"get_implementation",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(buf), buf,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ffi.string(buf).decode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def openssl_version_text(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Friendly string name of the loaded OpenSSL library. This is not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- necessarily the same version as it was compiled against.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Example: OpenSSL 1.0.1e 11 Feb 2013
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ffi.string(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.OpenSSL_version(self._lib.OPENSSL_VERSION)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).decode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def openssl_version_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._lib.OpenSSL_version_num()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_hmac_ctx(self, key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _HMACContext(self, key, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _evp_md_from_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if algorithm.name == "blake2b" or algorithm.name == "blake2s":
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- alg = "{}{}".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm.name, algorithm.digest_size * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- alg = algorithm.name.encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._lib.EVP_get_digestbyname(alg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _evp_md_non_null_from_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_md != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_md != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.hash_supported(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_hash_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _HashContext(self, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def cipher_supported(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- adapter = self._cipher_registry[type(cipher), type(mode)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher = adapter(self, cipher, mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ffi.NULL != evp_cipher
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def register_cipher_adapter(self, cipher_cls, mode_cls, adapter):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (cipher_cls, mode_cls) in self._cipher_registry:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Duplicate registration for: {} {}.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher_cls, mode_cls)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cipher_registry[cipher_cls, mode_cls] = adapter
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _register_default_ciphers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for mode_cls in [CBC, CTR, ECB, OFB, CFB, CFB8, GCM]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode_cls,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("{cipher.name}-{cipher.key_size}-{mode.name}")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for mode_cls in [CBC, CTR, ECB, OFB, CFB]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Camellia,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode_cls,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("{cipher.name}-{cipher.key_size}-{mode.name}")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for mode_cls in [CBC, CFB, CFB8, OFB]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- TripleDES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode_cls,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("des-ede3-{mode.name}")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- TripleDES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ECB,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("des-ede3")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for mode_cls in [CBC, CFB, OFB, ECB]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Blowfish,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode_cls,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("bf-{mode.name}")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for mode_cls in [CBC, CFB, OFB, ECB]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SEED,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode_cls,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("seed-{mode.name}")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for cipher_cls, mode_cls in itertools.product(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- [CAST5, IDEA],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- [CBC, OFB, CFB, ECB],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher_cls,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode_cls,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("{cipher.name}-{mode.name}")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ARC4,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- type(None),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("rc4")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ChaCha20,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- type(None),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GetCipherByName("chacha20")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.register_cipher_adapter(AES, XTS, _get_xts_cipher)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_symmetric_encryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CipherContext(self, cipher, mode, _CipherContext._ENCRYPT)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_symmetric_decryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CipherContext(self, cipher, mode, _CipherContext._DECRYPT)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def pbkdf2_hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.hmac_supported(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._ffi.new("unsigned char[]", length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material_ptr = self._ffi.from_buffer(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.PKCS5_PBKDF2_HMAC(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material_ptr,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(key_material),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- salt,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(salt),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iterations,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- length,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _consume_errors(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return binding._consume_errors(self._lib)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _bn_to_int(self, bn):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert bn != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not six.PY2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Python 3 has constant time from_bytes, so use that.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_num_bytes = self._lib.BN_num_bytes(bn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bin_ptr = self._ffi.new("unsigned char[]", bn_num_bytes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bin_len = self._lib.BN_bn2bin(bn, bin_ptr)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # A zero length means the BN has value 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(bin_len >= 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = int.from_bytes(self._ffi.buffer(bin_ptr)[:bin_len], "big")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._lib.BN_is_negative(bn):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = -val
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return val
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Under Python 2 the best we can do is hex()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hex_cdata = self._lib.BN_bn2hex(bn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(hex_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hex_str = self._ffi.string(hex_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.OPENSSL_free(hex_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return int(hex_str, 16)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _int_to_bn(self, num, bn=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Converts a python integer to a BIGNUM. The returned BIGNUM will not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- be garbage collected (to support adding them to structs that take
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ownership of the object). Be sure to register it for GC if it will
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- be discarded after use.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert bn is None or bn != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if bn is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not six.PY2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Python 3 has constant time to_bytes, so use that.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- binary = num.to_bytes(int(num.bit_length() / 8.0 + 1), "big")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_ptr = self._lib.BN_bin2bn(binary, len(binary), bn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(bn_ptr != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return bn_ptr
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Under Python 2 the best we can do is hex(), [2:] removes the 0x
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # prefix.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hex_num = hex(num).rstrip("L")[2:].encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_ptr = self._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_ptr[0] = bn
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.BN_hex2bn(bn_ptr, hex_num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(bn_ptr[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return bn_ptr[0]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_rsa_private_key(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa._verify_rsa_parameters(public_exponent, key_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._lib.RSA_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn = self._int_to_bn(public_exponent)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn = self._ffi.gc(bn, self._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.RSA_generate_key_ex(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata, key_size, bn, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_rsa_parameters_supported(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (public_exponent >= 3 and public_exponent & 1 != 0 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size >= 512)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_rsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa._check_private_key_components(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.p,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.q,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.d,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.dmp1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.dmq1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.iqmp,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.public_numbers.e,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- numbers.public_numbers.n
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._lib.RSA_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(numbers.p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(numbers.q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- d = self._int_to_bn(numbers.d)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmp1 = self._int_to_bn(numbers.dmp1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmq1 = self._int_to_bn(numbers.dmq1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iqmp = self._int_to_bn(numbers.iqmp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = self._int_to_bn(numbers.public_numbers.e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = self._int_to_bn(numbers.public_numbers.n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.RSA_set0_factors(rsa_cdata, p, q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.RSA_set0_key(rsa_cdata, n, e, d)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.RSA_set0_crt_params(rsa_cdata, dmp1, dmq1, iqmp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.RSA_blinding_on(rsa_cdata, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_rsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa._check_public_key_components(numbers.e, numbers.n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._lib.RSA_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = self._int_to_bn(numbers.e)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = self._int_to_bn(numbers.n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.RSA_set0_key(rsa_cdata, n, e, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _create_evp_pkey_gc(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.EVP_PKEY_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _rsa_cdata_to_evp_pkey(self, rsa_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_set1_RSA(evp_pkey, rsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _bytes_to_bio(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return a _MemoryBIO namedtuple of (BIO, char*).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The char* is the storage for the BIO and it must stay alive until the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BIO is finished with.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._lib.BIO_new_mem_buf(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(bio != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _MemoryBIO(self._ffi.gc(bio, self._lib.BIO_free), data_ptr)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _create_mem_bio_gc(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Creates an empty memory BIO.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio_method = self._lib.BIO_s_mem()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(bio_method != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._lib.BIO_new(bio_method)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(bio != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._ffi.gc(bio, self._lib.BIO_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _read_mem_bio(self, bio):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Reads a memory BIO. This only works on memory BIOs.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._ffi.new("char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf_len = self._lib.BIO_get_mem_data(bio, buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(buf_len > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(buf[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio_data = self._ffi.buffer(buf[0], buf_len)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return bio_data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _evp_pkey_to_private_key(self, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return the appropriate type of PrivateKey given an evp_pkey cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pointer.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_type = self._lib.EVP_PKEY_id(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == self._lib.EVP_PKEY_DSA:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._lib.EVP_PKEY_get1_DSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAPrivateKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == self._lib.EVP_PKEY_EC:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ec_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type in self._dh_types:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.EVP_PKEY_get1_DH(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHPrivateKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_ED25519", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_ED25519 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_X448", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_X448 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_X25519", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_X25519 is not present in OpenSSL < 1.1.0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_ED448", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_ED448 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm("Unsupported key type.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _evp_pkey_to_public_key(self, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return the appropriate type of PublicKey given an evp_pkey cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pointer.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_type = self._lib.EVP_PKEY_id(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == self._lib.EVP_PKEY_DSA:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._lib.EVP_PKEY_get1_DSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAPublicKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == self._lib.EVP_PKEY_EC:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ec_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePublicKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type in self._dh_types:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.EVP_PKEY_get1_DH(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHPublicKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_ED25519", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_ED25519 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_X448", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_X448 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_X25519", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_X25519 is not present in OpenSSL < 1.1.0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == getattr(self._lib, "EVP_PKEY_ED448", None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # EVP_PKEY_X25519 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm("Unsupported key type.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _oaep_hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._lib.Cryptography_HAS_RSA_OAEP_MD:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm, (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hashes.SHA1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hashes.SHA224,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hashes.SHA256,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hashes.SHA384,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hashes.SHA512,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return isinstance(algorithm, hashes.SHA1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def rsa_padding_supported(self, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(padding, PKCS1v15):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(padding, PSS) and isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.hash_supported(padding._mgf._algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(padding, OAEP) and isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._oaep_hash_supported(padding._mgf._algorithm) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._oaep_hash_supported(padding._algorithm) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (padding._label is None or len(padding._label) == 0) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.Cryptography_HAS_RSA_OAEP_LABEL == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dsa_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_size not in (1024, 2048, 3072):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Key size must be 1024 or 2048 or 3072 bits.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._ffi.gc(ctx, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DSA_generate_parameters_ex(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, key_size, self._ffi.NULL, 0,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAParameters(self, ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dsa_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._lib.DSAparams_dup(parameters._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._ffi.gc(ctx, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.DSA_generate_key(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._dsa_cdata_to_evp_pkey(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAPrivateKey(self, ctx, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dsa_private_key_and_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameters = self.generate_dsa_parameters(key_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.generate_dsa_private_key(parameters)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _dsa_cdata_set_values(self, dsa_cdata, p, q, g, pub_key, priv_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DSA_set0_pqg(dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DSA_set0_key(dsa_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa._check_dsa_private_numbers(numbers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers = numbers.public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._int_to_bn(parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._int_to_bn(numbers.public_numbers.y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- priv_key = self._int_to_bn(numbers.x)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata_set_values(dsa_cdata, p, q, g, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._dsa_cdata_to_evp_pkey(dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAPrivateKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa._check_dsa_parameters(numbers.parameter_numbers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(numbers.parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(numbers.parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._int_to_bn(numbers.parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._int_to_bn(numbers.y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- priv_key = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata_set_values(dsa_cdata, p, q, g, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._dsa_cdata_to_evp_pkey(dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAPublicKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dsa_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa._check_dsa_parameters(numbers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(numbers.p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(numbers.q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._int_to_bn(numbers.g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DSA_set0_pqg(dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAParameters(self, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _dsa_cdata_to_evp_pkey(self, dsa_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_set1_DSA(evp_pkey, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dsa_hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.hash_supported(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dsa_parameters_supported(self, p, q, g):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def cmac_algorithm_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.cipher_supported(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm, CBC(b"\x00" * algorithm.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_cmac_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CMACContext(self, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_csr(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Algorithm must be a registered hash algorithm.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(algorithm, hashes.MD5) and not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(private_key, rsa.RSAPrivateKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "MD5 is not a supported hash algorithm for EC/DSA CSRs"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Resolve the signature algorithm.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Create an empty request.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req = self._lib.X509_REQ_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(x509_req != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set x509 version.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_REQ_set_version(x509_req, x509.Version.v1.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set subject name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_REQ_set_subject_name(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req, _encode_name_gc(self, builder._subject_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set subject public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_key = private_key.public_key()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_REQ_set_pubkey(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req, public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Add extensions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk_extension = self._lib.sk_X509_EXTENSION_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(sk_extension != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk_extension = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk_extension,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lambda x: self._lib.sk_X509_EXTENSION_pop_free(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x, self._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib._original_lib, "X509_EXTENSION_free"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Don't GC individual extensions because the memory is owned by
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # sk_extensions and will be freed along with it.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_obj=sk_extension,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- add_func=self._lib.sk_X509_EXTENSION_insert,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gc=False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_REQ_add_extensions(x509_req, sk_extension)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Sign the request using the requester's private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_REQ_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req, private_key._evp_pkey, evp_md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_RSA,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Digest too big for RSA key")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CertificateSigningRequest(self, x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_certificate(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(builder, x509.CertificateBuilder):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Builder type mismatch.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Algorithm must be a registered hash algorithm.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(algorithm, hashes.MD5) and not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(private_key, rsa.RSAPrivateKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "MD5 is not a supported hash algorithm for EC/DSA certificates"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Resolve the signature algorithm.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Create an empty certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_cert = self._lib.X509_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_cert = self._ffi.gc(x509_cert, backend._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the x509 version.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_set_version(x509_cert, builder._version.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the subject's name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_set_subject_name(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_cert, _encode_name_gc(self, builder._subject_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the subject's public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_set_pubkey(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_cert, builder._public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the certificate serial number.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serial_number = _encode_asn1_int_gc(self, builder._serial_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_set_serialNumber(x509_cert, serial_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the "not before" time.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._set_asn1_time(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.X509_get_notBefore(x509_cert), builder._not_valid_before
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the "not after" time.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._set_asn1_time(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.X509_get_notAfter(x509_cert), builder._not_valid_after
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Add extensions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_obj=x509_cert,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- add_func=self._lib.X509_add_ext,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gc=True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the issuer name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_set_issuer_name(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_cert, _encode_name_gc(self, builder._issuer_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Sign the certificate with the issuer's private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_cert, private_key._evp_pkey, evp_md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_RSA,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Digest too big for RSA key")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Certificate(self, x509_cert)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _set_asn1_time(self, asn1_time, time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if time.year >= 2050:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_str = time.strftime('%Y%m%d%H%M%SZ').encode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_str = time.strftime('%y%m%d%H%M%SZ').encode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.ASN1_TIME_set_string(asn1_time, asn1_str)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _create_asn1_time(self, time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time = self._lib.ASN1_TIME_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(asn1_time != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time = self._ffi.gc(asn1_time, self._lib.ASN1_TIME_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._set_asn1_time(asn1_time, time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return asn1_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_crl(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(builder, x509.CertificateRevocationListBuilder):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Builder type mismatch.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Algorithm must be a registered hash algorithm.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(algorithm, hashes.MD5) and not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(private_key, rsa.RSAPrivateKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "MD5 is not a supported hash algorithm for EC/DSA CRLs"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Create an empty CRL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl = self._lib.X509_CRL_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl = self._ffi.gc(x509_crl, backend._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the x509 CRL version. We only support v2 (integer value 1).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_CRL_set_version(x509_crl, 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the issuer name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_CRL_set_issuer_name(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl, _encode_name_gc(self, builder._issuer_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the last update time.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- last_update = self._create_asn1_time(builder._last_update)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_CRL_set_lastUpdate(x509_crl, last_update)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set the next update time.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update = self._create_asn1_time(builder._next_update)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_CRL_set_nextUpdate(x509_crl, next_update)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Add extensions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_CRL_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_obj=x509_crl,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- add_func=self._lib.X509_CRL_add_ext,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gc=True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # add revoked certificates
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for revoked_cert in builder._revoked_certificates:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Duplicating because the X509_CRL takes ownership and will free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # this memory when X509_CRL_free is called.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revoked = self._lib.Cryptography_X509_REVOKED_dup(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revoked_cert._x509_revoked
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(revoked != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_CRL_add0_revoked(x509_crl, revoked)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_CRL_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl, private_key._evp_pkey, evp_md
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_RSA,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Digest too big for RSA key")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CertificateRevocationList(self, x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _create_x509_extensions(self, extensions, handlers, x509_obj,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- add_func, gc):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i, extension in enumerate(extensions):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_extension = self._create_x509_extension(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers, extension
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(x509_extension != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if gc:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_extension = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_extension, self._lib.X509_EXTENSION_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = add_func(x509_obj, x509_extension, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _create_raw_x509_extension(self, extension, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = _txt2obj_gc(self, extension.oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._lib.X509_EXTENSION_create_by_OBJ(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL, obj, 1 if extension.critical else 0, value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _create_x509_extension(self, handlers, extension):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(extension.value, x509.UnrecognizedExtension):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = _encode_asn1_str_gc(self, extension.value.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._create_raw_x509_extension(extension, value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(extension.value, x509.TLSFeature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1 = _Integers([x.value for x in extension.value]).dump()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = _encode_asn1_str_gc(self, asn1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._create_raw_x509_extension(extension, value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(extension.value, x509.PrecertPoison):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1 = asn1crypto.core.Null().dump()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = _encode_asn1_str_gc(self, asn1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._create_raw_x509_extension(extension, value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encode = handlers[extension.oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'Extension not supported: {}'.format(extension.oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_struct = encode(self, extension.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nid = self._lib.OBJ_txt2nid(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extension.oid.dotted_string.encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(nid != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._lib.X509V3_EXT_i2d(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nid, 1 if extension.critical else 0, ext_struct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_x509_revoked_certificate(self, builder):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(builder, x509.RevokedCertificateBuilder):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Builder type mismatch.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_revoked = self._lib.X509_REVOKED_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(x509_revoked != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_revoked = self._ffi.gc(x509_revoked, self._lib.X509_REVOKED_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serial_number = _encode_asn1_int_gc(self, builder._serial_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_REVOKED_set_serialNumber(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_revoked, serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rev_date = self._create_asn1_time(builder._revocation_date)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.X509_REVOKED_set_revocationDate(x509_revoked, rev_date)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # add CRL entry extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_CRL_ENTRY_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_obj=x509_revoked,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- add_func=self._lib.X509_REVOKED_add_ext,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gc=True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RevokedCertificate(self, None, x509_revoked)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._load_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.PEM_read_bio_PrivateKey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey_to_private_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- password,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.PEM_read_bio_PUBKEY(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if evp_pkey != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._evp_pkey_to_public_key(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # It's not a (RSA/DSA/ECDSA) subjectPublicKeyInfo, but we still
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # need to check to see if it is a pure PKCS1 RSA public key (not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # embedded in a subjectPublicKeyInfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.BIO_reset(mem_bio.bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._lib.PEM_read_bio_RSAPublicKey(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rsa_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # only DH is supported currently
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.PEM_read_bio_DHparams(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dh_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # OpenSSL has a function called d2i_AutoPrivateKey that in theory
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # handles this automatically, however it doesn't handle encrypted
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # private keys. Instead we try to load the key two different ways.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # First we'll try to load it as a traditional key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio_data = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = self._evp_pkey_from_der_traditional_key(bio_data, password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._evp_pkey_to_private_key(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Finally we try to load it with the method that handles encrypted
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # PKCS8 properly.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._load_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.d2i_PKCS8PrivateKey_bio,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey_to_private_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- password,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _evp_pkey_from_der_traditional_key(self, bio_data, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = self._lib.d2i_PrivateKey_bio(bio_data.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = self._ffi.gc(key, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if password is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Password was given but private key is not encrypted."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.d2i_PUBKEY_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if evp_pkey != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._evp_pkey_to_public_key(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # It's not a (RSA/DSA/ECDSA) subjectPublicKeyInfo, but we still
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # need to check to see if it is a pure PKCS1 RSA public key (not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # embedded in a subjectPublicKeyInfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.BIO_reset(mem_bio.bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._lib.d2i_RSAPublicKey_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rsa_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.d2i_DHparams_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dh_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif self._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We check to see if the is dhx.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.BIO_reset(mem_bio.bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.Cryptography_d2i_DHxparams_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dh_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._lib.PEM_read_bio_X509(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509 == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Unable to load certificate. See https://cryptography.io/en/la"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "test/faq/#why-can-t-i-import-my-pem-file for more details."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._ffi.gc(x509, self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Certificate(self, x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._lib.d2i_X509_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509 == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unable to load certificate")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._ffi.gc(x509, self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Certificate(self, x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_x509_crl(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl = self._lib.PEM_read_bio_X509_CRL(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509_crl == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Unable to load CRL. See https://cryptography.io/en/la"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "test/faq/#why-can-t-i-import-my-pem-file for more details."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl = self._ffi.gc(x509_crl, self._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CertificateRevocationList(self, x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_x509_crl(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl = self._lib.d2i_X509_CRL_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509_crl == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unable to load CRL")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_crl = self._ffi.gc(x509_crl, self._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CertificateRevocationList(self, x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_pem_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req = self._lib.PEM_read_bio_X509_REQ(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509_req == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Unable to load request. See https://cryptography.io/en/la"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "test/faq/#why-can-t-i-import-my-pem-file for more details."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CertificateSigningRequest(self, x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req = self._lib.d2i_X509_REQ_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509_req == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unable to load request")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CertificateSigningRequest(self, x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _load_key(self, openssl_read_func, convert_func, data, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- userdata = self._ffi.new("CRYPTOGRAPHY_PASSWORD_DATA *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if password is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("password", password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- password_ptr = self._ffi.from_buffer(password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- userdata.password = password_ptr
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- userdata.length = len(password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = openssl_read_func(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio.bio,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib._original_lib, "Cryptography_pem_password_cb"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- userdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if evp_pkey == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if userdata.error != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(errors)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if userdata.error == -1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Password was not given but private key is encrypted"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert userdata.error == -2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Passwords longer than {} bytes are not supported "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "by this backend.".format(userdata.maxsize - 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if password is not None and userdata.called == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Password was given but private key is not encrypted.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (password is not None and userdata.called == 1) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- password is None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return convert_func(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _handle_key_loading_error(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not errors:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Could not deserialize key data.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_EVP, self._lib.EVP_R_BAD_DECRYPT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ) or errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_PKCS12,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.PKCS12_R_PKCS12_CIPHERFINAL_ERROR
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Bad decrypt. Incorrect password?")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_EVP, self._lib.EVP_R_UNKNOWN_PBE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ) or errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_PEM, self._lib.PEM_R_UNSUPPORTED_ENCRYPTION
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "PEM data is encrypted with an unsupported cipher",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif any(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- error._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for error in errors
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unsupported public key algorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert errors[0].lib in (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_PEM,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_ASN1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Could not deserialize key data.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def elliptic_curve_supported(self, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_nid = self._elliptic_curve_to_nid(curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except UnsupportedAlgorithm:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_nid = self._lib.NID_undef
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group = self._lib.EC_GROUP_new_by_curve_name(curve_nid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if group == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_nid == self._lib.NID_undef or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_EC,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.EC_R_UNKNOWN_GROUP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(curve_nid != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.EC_GROUP_free(group)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def elliptic_curve_signature_algorithm_supported(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self, signature_algorithm, curve
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We only support ECDSA right now.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(signature_algorithm, ec.ECDSA):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.elliptic_curve_supported(curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_elliptic_curve_private_key(self, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generate a new private key on the named curve.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.elliptic_curve_supported(curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ec_key_new_by_curve(curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_KEY_generate_key(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not support {}.".format(curve.name),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_elliptic_curve_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public = numbers.public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ec_key_new_by_curve(public.curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private_value = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._int_to_bn(numbers.private_value), self._lib.BN_clear_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_KEY_set_private_key(ec_cdata, private_value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ec_key_set_public_key_affine_coordinates(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata, public.x, public.y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_elliptic_curve_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ec_key_new_by_curve(numbers.curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ec_key_set_public_key_affine_coordinates(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata, numbers.x, numbers.y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePublicKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_elliptic_curve_public_bytes(self, curve, point_bytes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ec_key_new_by_curve(curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group = self._lib.EC_KEY_get0_group(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(group != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = self._lib.EC_POINT_new(group)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(point != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = self._ffi.gc(point, self._lib.EC_POINT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_POINT_oct2point(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group, point, point_bytes, len(point_bytes), bn_ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid public bytes for the given curve")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_KEY_set_public_key(ec_cdata, point)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePublicKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive_elliptic_curve_private_key(self, private_value, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._ec_key_new_by_curve(curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_func, group = self._ec_key_determine_group_get_func(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = self._lib.EC_POINT_new(group)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(point != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = self._ffi.gc(point, self._lib.EC_POINT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = self._int_to_bn(private_value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = self._ffi.gc(value, self._lib.BN_clear_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_POINT_mul(group, point, value, self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL, bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_x = self._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_y = self._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = get_func(group, point, bn_x, bn_y, bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_KEY_set_public_key(ec_cdata, point)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private = self._int_to_bn(private_value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private = self._ffi.gc(private, self._lib.BN_clear_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_KEY_set_private_key(ec_cdata, private)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _ec_key_new_by_curve(self, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_nid = self._elliptic_curve_to_nid(curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata = self._lib.EC_KEY_new_by_curve_name(curve_nid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ec_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_ocsp_request(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- request = self._lib.d2i_OCSP_REQUEST_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if request == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unable to load OCSP request")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- request = self._ffi.gc(request, self._lib.OCSP_REQUEST_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OCSPRequest(self, request)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_der_ocsp_response(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- response = self._lib.d2i_OCSP_RESPONSE_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if response == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unable to load OCSP response")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- response = self._ffi.gc(response, self._lib.OCSP_RESPONSE_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OCSPResponse(self, response)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_ocsp_request(self, builder):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ocsp_req = self._lib.OCSP_REQUEST_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ocsp_req != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ocsp_req = self._ffi.gc(ocsp_req, self._lib.OCSP_REQUEST_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cert, issuer, algorithm = builder._request
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certid = self._lib.OCSP_cert_to_id(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md, cert._x509, issuer._x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(certid != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- onereq = self._lib.OCSP_request_add0_id(ocsp_req, certid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(onereq != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_obj=ocsp_req,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- add_func=self._lib.OCSP_REQUEST_add_ext,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gc=True,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OCSPRequest(self, ocsp_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _create_ocsp_basic_response(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic = self._lib.OCSP_BASICRESP_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(basic != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic = self._ffi.gc(basic, self._lib.OCSP_BASICRESP_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_non_null_from_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- builder._response._algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certid = self._lib.OCSP_cert_to_id(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md, builder._response._cert._x509,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- builder._response._issuer._x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(certid != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certid = self._ffi.gc(certid, self._lib.OCSP_CERTID_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if builder._response._revocation_reason is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason = -1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason = _CRL_ENTRY_REASON_ENUM_TO_CODE[
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- builder._response._revocation_reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if builder._response._revocation_time is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rev_time = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rev_time = self._create_asn1_time(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- builder._response._revocation_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if builder._response._next_update is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update = self._create_asn1_time(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- builder._response._next_update
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- this_update = self._create_asn1_time(builder._response._this_update)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.OCSP_basic_add1_status(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certid,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- builder._response._cert_status.value,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rev_time,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- this_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # okay, now sign the basic structure
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- responder_cert, responder_encoding = builder._responder_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- flags = self._lib.OCSP_NOCERTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if responder_encoding is ocsp.OCSPResponderEncoding.HASH:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- flags |= self._lib.OCSP_RESPID_KEY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if builder._certs is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for cert in builder._certs:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.OCSP_basic_add1_cert(basic, cert._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_OCSP_BASICRESP_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_obj=basic,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- add_func=self._lib.OCSP_BASICRESP_add_ext,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gc=True,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.OCSP_basic_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic, responder_cert._x509, private_key._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md, self._ffi.NULL, flags
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_X509,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.X509_R_KEY_VALUES_MISMATCH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("responder_cert must be signed by private_key")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return basic
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_ocsp_response(self, response_status, builder, private_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if response_status is ocsp.OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic = self._create_ocsp_basic_response(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- builder, private_key, algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ocsp_resp = self._lib.OCSP_response_create(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- response_status.value, basic
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ocsp_resp != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ocsp_resp = self._ffi.gc(ocsp_resp, self._lib.OCSP_RESPONSE_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OCSPResponse(self, ocsp_resp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.elliptic_curve_supported(curve) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(algorithm, ec.ECDH)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _ec_cdata_to_evp_pkey(self, ec_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_set1_EC_KEY(evp_pkey, ec_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _elliptic_curve_to_nid(self, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Get the NID for a curve name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_aliases = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp192r1": "prime192v1",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp256r1": "prime256v1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_name = curve_aliases.get(curve.name, curve.name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_nid = self._lib.OBJ_sn2nid(curve_name.encode())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if curve_nid == self._lib.NID_undef:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not a supported elliptic curve".format(curve.name),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return curve_nid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @contextmanager
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _tmp_bn_ctx(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_ctx = self._lib.BN_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(bn_ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_ctx = self._ffi.gc(bn_ctx, self._lib.BN_CTX_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.BN_CTX_start(bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- yield bn_ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.BN_CTX_end(bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _ec_key_determine_group_get_func(self, ctx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Given an EC_KEY determine the group and what function is required to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get point coordinates.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nid_two_field = self._lib.OBJ_sn2nid(b"characteristic-two-field")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(nid_two_field != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group = self._lib.EC_KEY_get0_group(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(group != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- method = self._lib.EC_GROUP_method_of(group)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(method != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nid = self._lib.EC_METHOD_get_field_type(method)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(nid != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if nid == nid_two_field and self._lib.Cryptography_HAS_EC2M:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_func = self._lib.EC_POINT_get_affine_coordinates_GF2m
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_func = self._lib.EC_POINT_get_affine_coordinates_GFp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert get_func
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return get_func, group
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _ec_key_set_public_key_affine_coordinates(self, ctx, x, y):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the public key point in the EC_KEY context to the affine x and y
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- values.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x < 0 or y < 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Invalid EC key. Both x and y must be non-negative."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x = self._ffi.gc(self._int_to_bn(x), self._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y = self._ffi.gc(self._int_to_bn(y), self._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EC_KEY_set_public_key_affine_coordinates(ctx, x, y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid EC key.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _private_key_bytes(self, encoding, format, encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey, cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(format, serialization.PrivateFormat):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be an item from the PrivateFormat enum"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # X9.62 encoding is only valid for EC public keys
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.X962:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("X9.62 format is only valid for EC public keys")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Raw format and encoding are only valid for X25519, Ed25519, X448, and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Ed448 keys. We capture those cases before this method is called so if
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # we see those enum values here it means the caller has passed them to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # a key that doesn't support raw type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is serialization.PrivateFormat.Raw:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("raw format is invalid with this key or encoding")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.Raw:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("raw encoding is invalid with this key or format")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.KeySerializationEncryption):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Encryption algorithm must be a KeySerializationEncryption "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "instance"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(encryption_algorithm, serialization.NoEncryption):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- password = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- passlen = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.BestAvailableEncryption):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is a curated value that we will update over time.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher = self._lib.EVP_get_cipherbyname(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b"aes-256-cbc"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- password = encryption_algorithm.password
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- passlen = len(password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if passlen > 1023:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Passwords longer than 1023 bytes are not supported by "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "this backend"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unsupported encryption type")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_type = self._lib.EVP_PKEY_id(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is serialization.PrivateFormat.PKCS8:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_PKCS8PrivateKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert format is serialization.PrivateFormat.TraditionalOpenSSL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_RSAPrivateKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == self._lib.EVP_PKEY_DSA:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_DSAPrivateKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert key_type == self._lib.EVP_PKEY_EC
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_ECPrivateKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is serialization.PrivateFormat.TraditionalOpenSSL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryption_algorithm, serialization.NoEncryption
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Encryption is not supported for DER encoded "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "traditional OpenSSL keys"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._private_key_bytes_traditional_der(key_type, cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert format is serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.i2d_PKCS8PrivateKey_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("encoding must be Encoding.PEM or Encoding.DER")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = write_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- password,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- passlen,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _private_key_bytes_traditional_der(self, key_type, cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.i2d_RSAPrivateKey_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == self._lib.EVP_PKEY_EC:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.i2d_ECPrivateKey_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(key_type == self._lib.EVP_PKEY_DSA)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.i2d_DSAPrivateKey_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = write_bio(bio, cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _public_key_bytes(self, encoding, format, key, evp_pkey, cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(encoding, serialization.Encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Compressed/UncompressedPoint are only valid for EC keys and those
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # cases are handled by the ECPublicKey public_bytes method before this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # method is called
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format in (serialization.PublicFormat.UncompressedPoint,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.CompressedPoint):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Point formats are not valid for this key type")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Raw format and encoding are only valid for X25519, Ed25519, X448, and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Ed448 keys. We capture those cases before this method is called so if
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # we see those enum values here it means the caller has passed them to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # a key that doesn't support raw type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is serialization.PublicFormat.Raw:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("raw format is invalid with this key or encoding")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.Raw:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("raw encoding is invalid with this key or format")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.OpenSSH or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.OpenSSH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.OpenSSH or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.OpenSSH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OpenSSH format must be used with OpenSSH encoding"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._openssh_public_key_bytes(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif format is serialization.PublicFormat.SubjectPublicKeyInfo:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_PUBKEY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert encoding is serialization.Encoding.DER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.i2d_PUBKEY_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif format is serialization.PublicFormat.PKCS1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Only RSA is supported here.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert self._lib.EVP_PKEY_id(evp_pkey) == self._lib.EVP_PKEY_RSA
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_RSAPublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert encoding is serialization.Encoding.DER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.i2d_RSAPublicKey_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be an item from the PublicFormat enum"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = write_bio(bio, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _openssh_public_key_bytes(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(key, rsa.RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = key.public_numbers()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"ssh-rsa " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_string(b"ssh-rsa") +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_mpint(public_numbers.e) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_mpint(public_numbers.n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(key, dsa.DSAPublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = key.public_numbers()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers = public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"ssh-dss " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_string(b"ssh-dss") +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_mpint(parameter_numbers.p) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_mpint(parameter_numbers.q) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_mpint(parameter_numbers.g) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_mpint(public_numbers.y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(key, ed25519.Ed25519PublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raw_bytes = key.public_bytes(serialization.Encoding.Raw,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.Raw)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"ssh-ed25519 " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_string(b"ssh-ed25519") +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_string(raw_bytes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(key, ec.EllipticCurvePublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = key.public_numbers()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_name = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec.SECP256R1: b"nistp256",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec.SECP384R1: b"nistp384",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec.SECP521R1: b"nistp521",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }[type(public_numbers.curve)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Only SECP256R1, SECP384R1, and SECP521R1 curves are "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "supported by the SSH public key format"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = key.public_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.Encoding.X962,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"ecdsa-sha2-" + curve_name + b" " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_string(b"ecdsa-sha2-" + curve_name) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_string(curve_name) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ssh._ssh_write_string(point)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OpenSSH encoding is not supported for this key type"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _parameter_bytes(self, encoding, format, cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.OpenSSH:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OpenSSH encoding is not supported"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Only DH is supported here currently.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.DH_get0_pqg(cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_DHxparams
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.PEM_write_bio_DHparams
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.Cryptography_i2d_DHxparams_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- write_bio = self._lib.i2d_DHparams_bio
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = write_bio(bio, cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dh_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_size < 512:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("DH key_size must be at least 512 bits")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if generator not in (2, 5):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("DH generator must be 2 or 5")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_param_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dh_param_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_param_cdata = self._ffi.gc(dh_param_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_generate_parameters_ex(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_param_cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generator,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHParameters(self, dh_param_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _dh_cdata_to_evp_pkey(self, dh_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_set1_DH(evp_pkey, dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dh_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_key_cdata = _dh_params_dup(parameters._dh_cdata, self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_generate_key(dh_key_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._dh_cdata_to_evp_pkey(dh_key_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHPrivateKey(self, dh_key_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_dh_private_key_and_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.generate_dh_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.generate_dh_parameters(generator, key_size))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dh_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers = numbers.public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._int_to_bn(parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if parameter_numbers.q is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._int_to_bn(numbers.public_numbers.y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- priv_key = self._int_to_bn(numbers.x)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_set0_key(dh_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes = self._ffi.new("int[]", 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.Cryptography_DH_check(dh_cdata, codes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # DH_check will return DH_NOT_SUITABLE_GENERATOR if p % 24 does not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # equal 11 when the generator is 2 (a quadratic nonresidue).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We want to ignore that error because p % 24 == 23 is also fine.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Specifically, g is then a quadratic residue. Within the context of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Diffie-Hellman this means it can only generate half the possible
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # values. That sounds bad, but quadratic nonresidues leak a bit of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # the key to the attacker in exchange for having the full key space
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # available. See: https://crypto.stackexchange.com/questions/12961
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if codes[0] != 0 and not (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers.g == 2 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes[0] ^ self._lib.DH_NOT_SUITABLE_GENERATOR == 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DH private numbers did not pass safety checks."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._dh_cdata_to_evp_pkey(dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHPrivateKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dh_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers = numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._int_to_bn(parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if parameter_numbers.q is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._int_to_bn(numbers.y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_set0_key(dh_cdata, pub_key, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._dh_cdata_to_evp_pkey(dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHPublicKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_dh_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(numbers.p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._int_to_bn(numbers.g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if numbers.q is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(numbers.q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dh_parameters_supported(self, p, g, q=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._int_to_bn(p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._int_to_bn(g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._int_to_bn(q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes = self._ffi.new("int[]", 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.Cryptography_DH_check(dh_cdata, codes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return codes[0] == 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def dh_x942_serialization_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._lib.Cryptography_HAS_EVP_PKEY_DHX == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x509_name_bytes(self, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_name = _encode_name_gc(self, name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.i2d_X509_NAME(x509_name, pp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(pp[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp, lambda pointer: self._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x25519_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 we can
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # switch this to EVP_PKEY_new_raw_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != 32:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An X25519 public key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_set_type(evp_pkey, self._lib.NID_X25519)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_set1_tls_encodedpoint(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey, data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x25519_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 we can
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # switch this to EVP_PKEY_new_raw_private_key and drop the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # zeroed_bytearray garbage.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # OpenSSL only has facilities for loading PKCS8 formatted private
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # keys using the algorithm identifiers specified in
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # https://tools.ietf.org/html/draft-ietf-curdle-pkix-09.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is the standard PKCS8 prefix for a 32 byte X25519 key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The form is:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 0:d=0 hl=2 l= 46 cons: SEQUENCE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 2:d=1 hl=2 l= 1 prim: INTEGER :00
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 5:d=1 hl=2 l= 5 cons: SEQUENCE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 7:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.110
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 12:d=1 hl=2 l= 34 prim: OCTET STRING (the key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Of course there's a bit more complexity. In reality OCTET STRING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # contains an OCTET STRING of length 32! So the last two bytes here
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # are \x04\x20, which is an OCTET STRING of length 32.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != 32:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An X25519 private key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkcs8_prefix = b'0.\x02\x01\x000\x05\x06\x03+en\x04"\x04 '
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._zeroed_bytearray(48) as ba:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ba[0:16] = pkcs8_prefix
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ba[16:] = data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._bytes_to_bio(ba)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = backend._lib.d2i_PrivateKey_bio(bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.EVP_PKEY_id(evp_pkey) == self._lib.EVP_PKEY_X25519
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _evp_pkey_keygen_gc(self, nid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey_ctx = self._lib.EVP_PKEY_CTX_new_id(nid, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey_ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey_ctx = self._ffi.gc(evp_pkey_ctx, self._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_keygen_init(evp_pkey_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_ppkey = self._ffi.new("EVP_PKEY **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PKEY_keygen(evp_pkey_ctx, evp_ppkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_ppkey[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_ppkey[0], self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x25519_generate_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_X25519)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x25519_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._lib.CRYPTOGRAPHY_OPENSSL_110_OR_GREATER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x448_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != 56:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An X448 public key is 56 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.EVP_PKEY_new_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.NID_X448, self._ffi.NULL, data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x448_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != 56:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An X448 private key is 56 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.NID_X448, self._ffi.NULL, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x448_generate_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_X448)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def x448_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed25519_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed25519_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != ed25519._ED25519_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An Ed25519 public key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.EVP_PKEY_new_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.NID_ED25519, self._ffi.NULL, data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed25519_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != ed25519._ED25519_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An Ed25519 private key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.NID_ED25519, self._ffi.NULL, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed25519_generate_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_ED25519)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed448_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed448_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != _ED448_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An Ed448 public key is 57 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.EVP_PKEY_new_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.NID_ED448, self._ffi.NULL, data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed448_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != _ED448_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("An Ed448 private key is 57 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.NID_ED448, self._ffi.NULL, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def ed448_generate_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_ED448)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Ed448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive_scrypt(self, key_material, salt, length, n, r, p):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._ffi.new("unsigned char[]", length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material_ptr = self._ffi.from_buffer(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.EVP_PBE_scrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material_ptr, len(key_material), salt, len(salt), n, r, p,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- scrypt._MEM_LIMIT, buf, length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This error is only added to the stack in 1.1.1+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_R_MALLOC_FAILURE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.EVP_R_MEMORY_LIMIT_EXCEEDED
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # memory required formula explained here:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # https://blog.filippo.io/the-scrypt-parameters/
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- min_memory = 128 * n * r // (1024**2)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise MemoryError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Not enough memory to derive key. These parameters require"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " {} MB of memory.".format(min_memory)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def aead_cipher_supported(self, cipher):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher_name = aead._aead_cipher_name(cipher)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib.EVP_get_cipherbyname(cipher_name) != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @contextlib.contextmanager
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _zeroed_bytearray(self, length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- This method creates a bytearray, which we copy data into (hopefully
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- also from a mutable buffer that can be dynamically erased!), and then
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- zero when we're done.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ba = bytearray(length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- yield ba
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._zero_data(ba, length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _zero_data(self, data, length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We clear things this way because at the moment we're not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # sure of a better way that can guarantee it overwrites the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # memory of a bytearray and doesn't just replace the underlying char *.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data[i] = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @contextlib.contextmanager
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _zeroed_null_terminated_buf(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- This method takes bytes, which can be a bytestring or a mutable
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer like a bytearray, and yields a null-terminated version of that
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data. This is required because PKCS12_parse doesn't take a length with
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- its password char * and ffi.from_buffer doesn't provide null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- termination. So, to support zeroing the data via bytearray we
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- need to build this ridiculous construct that copies the memory, but
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- zeroes it after use.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if data is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- yield self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_len = len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._ffi.new("char[]", data_len + 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ffi.memmove(buf, data, data_len)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- yield buf
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Cast to a uint8_t * so we can assign by integer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._zero_data(self._ffi.cast("uint8_t *", buf), data_len)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def load_key_and_certificates_from_pkcs12(self, data, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if password is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("password", password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p12 = self._lib.d2i_PKCS12_bio(bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if p12 == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Could not deserialize PKCS12 data")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p12 = self._ffi.gc(p12, self._lib.PKCS12_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey_ptr = self._ffi.new("EVP_PKEY **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_ptr = self._ffi.new("X509 **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk_x509_ptr = self._ffi.new("Cryptography_STACK_OF_X509 **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._zeroed_null_terminated_buf(password) as password_buf:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._lib.PKCS12_parse(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p12, password_buf, evp_pkey_ptr, x509_ptr, sk_x509_ptr
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid password or PKCS12 data")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cert = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- additional_certificates = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if evp_pkey_ptr[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._ffi.gc(evp_pkey_ptr[0], self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = self._evp_pkey_to_private_key(evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509_ptr[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._ffi.gc(x509_ptr[0], self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cert = _Certificate(self, x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if sk_x509_ptr[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk_x509 = self._ffi.gc(sk_x509_ptr[0], self._lib.sk_X509_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = self._lib.sk_X509_num(sk_x509_ptr[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._lib.sk_X509_value(sk_x509, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._ffi.gc(x509, self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.openssl_assert(x509 != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- additional_certificates.append(_Certificate(self, x509))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (key, cert, additional_certificates)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def poly1305_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._lib.Cryptography_HAS_POLY1305 == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def create_poly1305_ctx(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) != _POLY1305_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A poly1305 key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _Poly1305Context(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class GetCipherByName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, fmt):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._fmt = fmt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __call__(self, backend, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher_name = self._fmt.format(cipher=cipher, mode=mode).lower()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._lib.EVP_get_cipherbyname(cipher_name.encode("ascii"))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _get_xts_cipher(backend, cipher, mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher_name = "aes-{}-xts".format(cipher.key_size // 2)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._lib.EVP_get_cipherbyname(cipher_name.encode("ascii"))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-backend = Backend()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ciphers.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ciphers.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ciphers.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,229 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import InvalidTag, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import ciphers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers import modes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ciphers.CipherContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ciphers.AEADCipherContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ciphers.AEADEncryptionContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ciphers.AEADDecryptionContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _CipherContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _ENCRYPT = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _DECRYPT = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, cipher, mode, operation):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cipher = cipher
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._mode = mode
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._operation = operation
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(self._cipher, ciphers.BlockCipherAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._block_size_bytes = self._cipher.block_size // 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._block_size_bytes = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._lib.EVP_CIPHER_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._backend._lib.EVP_CIPHER_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- registry = self._backend._cipher_registry
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- adapter = registry[type(cipher), type(mode)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "cipher {} in {} mode is not supported "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "by this backend.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cipher.name, mode.name if mode else mode),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher = adapter(self._backend, cipher, mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if evp_cipher == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- msg = "cipher {0.name} ".format(cipher)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if mode is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- msg += "in {0.name} mode ".format(mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- msg += (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "is not supported by this backend (Your version of OpenSSL "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "may be too old. Current version: {}.)"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).format(self._backend.openssl_version_text())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(msg, _Reasons.UNSUPPORTED_CIPHER)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(mode, modes.ModeWithInitializationVector):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv_nonce = self._backend._ffi.from_buffer(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode.initialization_vector
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(mode, modes.ModeWithTweak):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv_nonce = self._backend._ffi.from_buffer(mode.tweak)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(mode, modes.ModeWithNonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv_nonce = self._backend._ffi.from_buffer(mode.nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(cipher, modes.ModeWithNonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv_nonce = self._backend._ffi.from_buffer(cipher.nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv_nonce = self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # begin init with cipher and operation type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CipherInit_ex(ctx, evp_cipher,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- operation)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # set the key length to handle variable key ciphers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CIPHER_CTX_set_key_length(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, len(cipher.key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(mode, modes.GCM):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._backend._lib.EVP_CTRL_AEAD_SET_IVLEN,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(iv_nonce), self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if mode.tag is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(mode.tag), mode.tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = mode.tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._operation == self._DECRYPT and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not self._backend._lib.CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "delayed passing of GCM tag requires OpenSSL >= 1.0.2."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " To use this feature please update OpenSSL"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # pass key/iv
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CipherInit_ex(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.from_buffer(cipher.key),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iv_nonce,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- operation
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We purposely disable padding here as it's handled higher up in the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # API.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.EVP_CIPHER_CTX_set_padding(ctx, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = bytearray(len(data) + self._block_size_bytes - 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = self.update_into(data, buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return bytes(buf[:n])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(buf) < (len(data) + self._block_size_bytes - 1):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "buffer must be at least {} bytes for this "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "payload".format(len(data) + self._block_size_bytes - 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.cast(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "unsigned char *", self._backend._ffi.from_buffer(buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, buf, outlen,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.from_buffer(data), len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return outlen[0]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # OpenSSL 1.0.1 on Ubuntu 12.04 (and possibly other distributions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # appears to have a bug where you must make at least one call to update
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # even if you are only using authenticate_additional_data or the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # GCM tag will be wrong. An (empty) call to update resolves this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # and is harmless for all other versions of OpenSSL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(self._mode, modes.GCM):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.update(b"")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._operation == self._DECRYPT and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(self._mode, modes.ModeWithAuthenticationTag) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.tag is None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Authentication tag must be provided when decrypting."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]", self._block_size_bytes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CipherFinal_ex(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not errors and isinstance(self._mode, modes.GCM):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The length of the provided data is not a multiple of "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "the block length."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (isinstance(self._mode, modes.GCM) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._operation == self._ENCRYPT):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- tag_buf = self._backend._ffi.new(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "unsigned char[]", self._block_size_bytes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, self._backend._lib.EVP_CTRL_AEAD_GET_TAG,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._block_size_bytes, tag_buf
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = self._backend._ffi.buffer(tag_buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CIPHER_CTX_cleanup(self._ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize_with_tag(self, tag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not self._backend._lib.CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "finalize_with_tag requires OpenSSL >= 1.0.2. To use this "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "method please update OpenSSL"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(tag) < self._mode._min_tag_length:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Authentication tag must be {} bytes or longer.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._mode._min_tag_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(tag), tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def authenticate_additional_data(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, self._backend._ffi.NULL, outlen,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.from_buffer(data), len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- tag = utils.read_only_property("_tag")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/cmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/cmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/cmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,81 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers.modes import CBC
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _CMACContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, algorithm, ctx=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.cmac_algorithm_supported(algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm("This backend does not support CMAC.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_CIPHER)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key = algorithm.key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._output_length = algorithm.block_size // 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- registry = self._backend._cipher_registry
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- adapter = registry[type(algorithm), CBC]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher = adapter(self._backend, algorithm, CBC)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._lib.CMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._ffi.gc(ctx, self._backend._lib.CMAC_CTX_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_ptr = self._backend._ffi.from_buffer(self._key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.CMAC_Init(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, key_ptr, len(self._key),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_cipher, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.CMAC_Update(self._ctx, data, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]", self._output_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- length = self._backend._ffi.new("size_t *", self._output_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.CMAC_Final(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, buf, length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def copy(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx = self._backend._lib.CMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx, self._backend._lib.CMAC_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.CMAC_CTX_copy(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx, self._ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CMACContext(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._algorithm, ctx=copied_ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = self.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(digest, signature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidSignature("Signature did not match digest.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/decode_asn1.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/decode_asn1.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/decode_asn1.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,899 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import datetime
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import ipaddress
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import asn1crypto.core
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.extensions import _TLS_FEATURE_TYPE_TO_ENUM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.name import _ASN1_TYPE_TO_ENUM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID, CertificatePoliciesOID, ExtensionOID,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPExtensionOID,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Integers(asn1crypto.core.SequenceOf):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _child_spec = asn1crypto.core.Integer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _obj2txt(backend, obj):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Set to 80 on the recommendation of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # But OIDs longer than this occur in real life (e.g. Active
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Directory makes some very long OIDs). So we need to detect
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # and properly handle the case where the default buffer is not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # big enough.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf_len = 80
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("char[]", buf_len)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 'res' is the number of bytes that *would* be written if the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # buffer is large enough. If 'res' > buf_len - 1, we need to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # alloc a big-enough buffer and go again.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.OBJ_obj2txt(buf, buf_len, obj, 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res > buf_len - 1: # account for terminating null byte
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf_len = res + 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("char[]", buf_len)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.OBJ_obj2txt(buf, buf_len, obj, 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(buf, res)[:].decode()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_x509_name_entry(backend, x509_name_entry):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = backend._lib.X509_NAME_ENTRY_get_object(x509_name_entry)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = backend._lib.X509_NAME_ENTRY_get_data(x509_name_entry)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(data != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = _asn1_string_to_utf8(backend, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _obj2txt(backend, obj)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- type = _ASN1_TYPE_TO_ENUM[data.type]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.NameAttribute(x509.ObjectIdentifier(oid), value, type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_x509_name(backend, x509_name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- count = backend._lib.X509_NAME_entry_count(x509_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attributes = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- prev_set_id = -1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for x in range(count):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- entry = backend._lib.X509_NAME_get_entry(x509_name, x)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attribute = _decode_x509_name_entry(backend, entry)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- set_id = backend._lib.Cryptography_X509_NAME_ENTRY_set(entry)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if set_id != prev_set_id:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attributes.append(set([attribute]))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # is in the same RDN a previous entry
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attributes[-1].add(attribute)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- prev_set_id = set_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.Name(x509.RelativeDistinguishedName(rdn) for rdn in attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_general_names(backend, gns):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._lib.sk_GENERAL_NAME_num(gns)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- names = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn = backend._lib.sk_GENERAL_NAME_value(gns, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- names.append(_decode_general_name(backend, gn))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_general_name(backend, gn):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if gn.type == backend._lib.GEN_DNS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Convert to bytes and then decode to utf8. We don't use
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # asn1_string_to_utf8 here because it doesn't properly convert
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # utf8 from ia5strings.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = _asn1_string_to_bytes(backend, gn.d.dNSName).decode("utf8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We don't use the constructor for DNSName so we can bypass validation
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This allows us to create DNSName objects that have unicode chars
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # when a certificate (against the RFC) contains them.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.DNSName._init_without_validation(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif gn.type == backend._lib.GEN_URI:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Convert to bytes and then decode to utf8. We don't use
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # asn1_string_to_utf8 here because it doesn't properly convert
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # utf8 from ia5strings.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = _asn1_string_to_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, gn.d.uniformResourceIdentifier
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).decode("utf8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We don't use the constructor for URI so we can bypass validation
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This allows us to create URI objects that have unicode chars
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # when a certificate (against the RFC) contains them.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.UniformResourceIdentifier._init_without_validation(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif gn.type == backend._lib.GEN_RID:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _obj2txt(backend, gn.d.registeredID)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.RegisteredID(x509.ObjectIdentifier(oid))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif gn.type == backend._lib.GEN_IPADD:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = _asn1_string_to_bytes(backend, gn.d.iPAddress)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_len = len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if data_len == 8 or data_len == 32:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is an IPv4 or IPv6 Network and not a single IP. This
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # type of data appears in Name Constraints. Unfortunately,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ipaddress doesn't support packed bytes + netmask. Additionally,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # IPv6Network can only handle CIDR rather than the full 16 byte
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # netmask. To handle this we convert the netmask to integer, then
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # find the first 0 bit, which will be the prefix. If another 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # bit is present after that the netmask is invalid.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- base = ipaddress.ip_address(data[:data_len // 2])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- netmask = ipaddress.ip_address(data[data_len // 2:])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bits = bin(int(netmask))[2:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- prefix = bits.find('0')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # If no 0 bits are found it is a /32 or /128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if prefix == -1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- prefix = len(bits)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if "1" in bits[prefix:]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid netmask")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ip = ipaddress.ip_network(base.exploded + u"/{}".format(prefix))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ip = ipaddress.ip_address(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.IPAddress(ip)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif gn.type == backend._lib.GEN_DIRNAME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.DirectoryName(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _decode_x509_name(backend, gn.d.directoryName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif gn.type == backend._lib.GEN_EMAIL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Convert to bytes and then decode to utf8. We don't use
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # asn1_string_to_utf8 here because it doesn't properly convert
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # utf8 from ia5strings.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = _asn1_string_to_bytes(backend, gn.d.rfc822Name).decode("utf8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We don't use the constructor for RFC822Name so we can bypass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # validation. This allows us to create RFC822Name objects that have
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # unicode chars when a certificate (against the RFC) contains them.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.RFC822Name._init_without_validation(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif gn.type == backend._lib.GEN_OTHERNAME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- type_id = _obj2txt(backend, gn.d.otherName.type_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = _asn1_to_der(backend, gn.d.otherName.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.OtherName(x509.ObjectIdentifier(type_id), value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # x400Address or ediPartyName
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise x509.UnsupportedGeneralNameType(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not a supported type".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509._GENERAL_NAMES.get(gn.type, gn.type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_ocsp_no_check(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.OCSPNoCheck()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_crl_number(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = backend._ffi.cast("ASN1_INTEGER *", ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = backend._ffi.gc(asn1_int, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.CRLNumber(_asn1_integer_to_int(backend, asn1_int))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_delta_crl_indicator(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = backend._ffi.cast("ASN1_INTEGER *", ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = backend._ffi.gc(asn1_int, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.DeltaCRLIndicator(_asn1_integer_to_int(backend, asn1_int))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _X509ExtensionParser(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, ext_count, get_ext, handlers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.ext_count = ext_count
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.get_ext = get_ext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.handlers = handlers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parse(self, backend, x509_obj):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- seen_oids = set()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(self.ext_count(backend, x509_obj)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext = self.get_ext(backend, x509_obj, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(ext != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crit = backend._lib.X509_EXTENSION_get_critical(ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- critical = crit == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = x509.ObjectIdentifier(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _obj2txt(backend, backend._lib.X509_EXTENSION_get_object(ext))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if oid in seen_oids:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise x509.DuplicateExtension(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Duplicate {} extension found".format(oid), oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # These OIDs are only supported in OpenSSL 1.1.0+ but we want
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # to support them in all versions of OpenSSL so we decode them
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ourselves.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if oid == ExtensionOID.TLS_FEATURE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = backend._lib.X509_EXTENSION_get_data(ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed = _Integers.load(_asn1_string_to_bytes(backend, data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = x509.TLSFeature(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- [_TLS_FEATURE_TYPE_TO_ENUM[x.native] for x in parsed]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions.append(x509.Extension(oid, critical, value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- seen_oids.add(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- continue
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif oid == ExtensionOID.PRECERT_POISON:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = backend._lib.X509_EXTENSION_get_data(ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed = asn1crypto.core.Null.load(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _asn1_string_to_bytes(backend, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert parsed == asn1crypto.core.Null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions.append(x509.Extension(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid, critical, x509.PrecertPoison()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- seen_oids.add(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- continue
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handler = self.handlers[oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Dump the DER payload into an UnrecognizedExtension object
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = backend._lib.X509_EXTENSION_get_data(ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(data != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- der = backend._ffi.buffer(data.data, data.length)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- unrecognized = x509.UnrecognizedExtension(oid, der)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions.append(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.Extension(oid, critical, unrecognized)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_data = backend._lib.X509V3_EXT_d2i(ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ext_data == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The {} extension is invalid and can't be "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "parsed".format(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = handler(backend, ext_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions.append(x509.Extension(oid, critical, value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- seen_oids.add(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.Extensions(extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_certificate_policies(backend, cp):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._lib.sk_POLICYINFO_num(cp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certificate_policies = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- qualifiers = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pi = backend._lib.sk_POLICYINFO_value(cp, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if pi.qualifiers != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- qualifiers = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for j in range(qnum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqi = backend._lib.sk_POLICYQUALINFO_value(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pi.qualifiers, j
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqualid = x509.ObjectIdentifier(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _obj2txt(backend, pqi.pqualid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cpsuri = backend._ffi.buffer(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqi.d.cpsuri.data, pqi.d.cpsuri.length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )[:].decode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- qualifiers.append(cpsuri)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- user_notice = _decode_user_notice(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, pqi.d.usernotice
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- qualifiers.append(user_notice)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certificate_policies.append(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.PolicyInformation(oid, qualifiers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.CertificatePolicies(certificate_policies)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_user_notice(backend, un):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- explicit_text = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_reference = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if un.exptext != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- explicit_text = _asn1_string_to_utf8(backend, un.exptext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if un.noticeref != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- organization = _asn1_string_to_utf8(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, un.noticeref.organization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._lib.sk_ASN1_INTEGER_num(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- un.noticeref.noticenos
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_numbers = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = backend._lib.sk_ASN1_INTEGER_value(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- un.noticeref.noticenos, i
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_num = _asn1_integer_to_int(backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_numbers.append(notice_num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_reference = x509.NoticeReference(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- organization, notice_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.UserNotice(notice_reference, explicit_text)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_basic_constraints(backend, bc_st):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic_constraints = backend._ffi.cast("BASIC_CONSTRAINTS *", bc_st)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic_constraints = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic_constraints, backend._lib.BASIC_CONSTRAINTS_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The byte representation of an ASN.1 boolean true is \xff. OpenSSL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # chooses to just map this to its ordinal value, so true is 255 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # false is 0.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ca = basic_constraints.ca == 255
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- path_length = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, basic_constraints.pathlen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.BasicConstraints(ca, path_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_subject_key_identifier(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_string = backend._ffi.cast("ASN1_OCTET_STRING *", asn1_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_string = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_string, backend._lib.ASN1_OCTET_STRING_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.SubjectKeyIdentifier(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.buffer(asn1_string.data, asn1_string.length)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_authority_key_identifier(backend, akid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid = backend._ffi.cast("AUTHORITY_KEYID *", akid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid = backend._ffi.gc(akid, backend._lib.AUTHORITY_KEYID_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_identifier = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_issuer = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if akid.keyid != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_identifier = backend._ffi.buffer(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid.keyid.data, akid.keyid.length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if akid.issuer != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_issuer = _decode_general_names(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, akid.issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_serial_number = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, akid.serial
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.AuthorityKeyIdentifier(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_identifier, authority_cert_issuer, authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_authority_information_access(backend, aia):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aia = backend._ffi.cast("Cryptography_STACK_OF_ACCESS_DESCRIPTION *", aia)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aia = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aia,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lambda x: backend._lib.sk_ACCESS_DESCRIPTION_pop_free(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x, backend._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib._original_lib, "ACCESS_DESCRIPTION_free"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._lib.sk_ACCESS_DESCRIPTION_num(aia)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- access_descriptions = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ad = backend._lib.sk_ACCESS_DESCRIPTION_value(aia, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(ad.method != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = x509.ObjectIdentifier(_obj2txt(backend, ad.method))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(ad.location != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn = _decode_general_name(backend, ad.location)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- access_descriptions.append(x509.AccessDescription(oid, gn))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.AuthorityInformationAccess(access_descriptions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_key_usage(backend, bit_string):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bit_string = backend._ffi.cast("ASN1_BIT_STRING *", bit_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bit_string = backend._ffi.gc(bit_string, backend._lib.ASN1_BIT_STRING_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_bit = backend._lib.ASN1_BIT_STRING_get_bit
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digital_signature = get_bit(bit_string, 0) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- content_commitment = get_bit(bit_string, 1) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_encipherment = get_bit(bit_string, 2) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_encipherment = get_bit(bit_string, 3) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_agreement = get_bit(bit_string, 4) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_cert_sign = get_bit(bit_string, 5) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_sign = get_bit(bit_string, 6) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encipher_only = get_bit(bit_string, 7) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decipher_only = get_bit(bit_string, 8) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.KeyUsage(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digital_signature,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- content_commitment,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_encipherment,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_encipherment,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_agreement,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_cert_sign,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_sign,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encipher_only,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_general_names_extension(backend, gns):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gns = backend._ffi.cast("GENERAL_NAMES *", gns)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gns = backend._ffi.gc(gns, backend._lib.GENERAL_NAMES_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_names = _decode_general_names(backend, gns)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_subject_alt_name(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.SubjectAlternativeName(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _decode_general_names_extension(backend, ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_issuer_alt_name(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.IssuerAlternativeName(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _decode_general_names_extension(backend, ext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_name_constraints(backend, nc):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nc = backend._ffi.cast("NAME_CONSTRAINTS *", nc)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nc = backend._ffi.gc(nc, backend._lib.NAME_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- permitted = _decode_general_subtrees(backend, nc.permittedSubtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- excluded = _decode_general_subtrees(backend, nc.excludedSubtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.NameConstraints(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- permitted_subtrees=permitted, excluded_subtrees=excluded
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_general_subtrees(backend, stack_subtrees):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if stack_subtrees == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._lib.sk_GENERAL_SUBTREE_num(stack_subtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subtrees = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = backend._lib.sk_GENERAL_SUBTREE_value(stack_subtrees, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = _decode_general_name(backend, obj.base)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subtrees.append(name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_issuing_dist_point(backend, idp):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp = backend._ffi.cast("ISSUING_DIST_POINT *", idp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp = backend._ffi.gc(idp, backend._lib.ISSUING_DIST_POINT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if idp.distpoint != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name, relative_name = _decode_distpoint(backend, idp.distpoint)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- relative_name = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_user = idp.onlyuser == 255
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_ca = idp.onlyCA == 255
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- indirect_crl = idp.indirectCRL == 255
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_attr = idp.onlyattr == 255
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if idp.onlysomereasons != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_some_reasons = _decode_reasons(backend, idp.onlysomereasons)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_some_reasons = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.IssuingDistributionPoint(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name, relative_name, only_user, only_ca, only_some_reasons,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- indirect_crl, only_attr
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_policy_constraints(backend, pc):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pc = backend._ffi.cast("POLICY_CONSTRAINTS *", pc)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pc = backend._ffi.gc(pc, backend._lib.POLICY_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- require_explicit_policy = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, pc.requireExplicitPolicy
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- inhibit_policy_mapping = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, pc.inhibitPolicyMapping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.PolicyConstraints(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- require_explicit_policy, inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_extended_key_usage(backend, sk):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk = backend._ffi.cast("Cryptography_STACK_OF_ASN1_OBJECT *", sk)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk = backend._ffi.gc(sk, backend._lib.sk_ASN1_OBJECT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._lib.sk_ASN1_OBJECT_num(sk)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ekus = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = backend._lib.sk_ASN1_OBJECT_value(sk, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = x509.ObjectIdentifier(_obj2txt(backend, obj))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ekus.append(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.ExtendedKeyUsage(ekus)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_DISTPOINT_TYPE_FULLNAME = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_DISTPOINT_TYPE_RELATIVENAME = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_dist_points(backend, cdps):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cdps = backend._ffi.cast("Cryptography_STACK_OF_DIST_POINT *", cdps)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cdps = backend._ffi.gc(cdps, backend._lib.CRL_DIST_POINTS_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._lib.sk_DIST_POINT_num(cdps)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dist_points = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- relative_name = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_issuer = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reasons = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cdp = backend._lib.sk_DIST_POINT_value(cdps, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cdp.reasons != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reasons = _decode_reasons(backend, cdp.reasons)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cdp.CRLissuer != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_issuer = _decode_general_names(backend, cdp.CRLissuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Certificates may have a crl_issuer/reasons and no distribution
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # point so make sure it's not null.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cdp.distpoint != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name, relative_name = _decode_distpoint(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, cdp.distpoint
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dist_points.append(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.DistributionPoint(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name, relative_name, reasons, crl_issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dist_points
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# ReasonFlags ::= BIT STRING {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# unused (0),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# keyCompromise (1),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# cACompromise (2),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# affiliationChanged (3),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# superseded (4),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# cessationOfOperation (5),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# certificateHold (6),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# privilegeWithdrawn (7),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# aACompromise (8) }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_REASON_BIT_MAPPING = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 1: x509.ReasonFlags.key_compromise,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 2: x509.ReasonFlags.ca_compromise,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 3: x509.ReasonFlags.affiliation_changed,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 4: x509.ReasonFlags.superseded,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 5: x509.ReasonFlags.cessation_of_operation,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 6: x509.ReasonFlags.certificate_hold,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 7: x509.ReasonFlags.privilege_withdrawn,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 8: x509.ReasonFlags.aa_compromise,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_reasons(backend, reasons):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We will check each bit from RFC 5280
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- enum_reasons = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for bit_position, reason in six.iteritems(_REASON_BIT_MAPPING):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if backend._lib.ASN1_BIT_STRING_get_bit(reasons, bit_position):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- enum_reasons.append(reason)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return frozenset(enum_reasons)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_distpoint(backend, distpoint):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if distpoint.type == _DISTPOINT_TYPE_FULLNAME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name = _decode_general_names(backend, distpoint.name.fullname)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return full_name, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # OpenSSL code doesn't test for a specific type for
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # relativename, everything that isn't fullname is considered
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # relativename. Per RFC 5280:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # DistributionPointName ::= CHOICE {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # fullName [0] GeneralNames,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rns = distpoint.name.relativename
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rnum = backend._lib.sk_X509_NAME_ENTRY_num(rns)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attributes = set()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(rnum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rn = backend._lib.sk_X509_NAME_ENTRY_value(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rns, i
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(rn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attributes.add(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _decode_x509_name_entry(backend, rn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- relative_name = x509.RelativeDistinguishedName(attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None, relative_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_crl_distribution_points(backend, cdps):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dist_points = _decode_dist_points(backend, cdps)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.CRLDistributionPoints(dist_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_freshest_crl(backend, cdps):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dist_points = _decode_dist_points(backend, cdps)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.FreshestCRL(dist_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_inhibit_any_policy(backend, asn1_int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = backend._ffi.cast("ASN1_INTEGER *", asn1_int)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = backend._ffi.gc(asn1_int, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- skip_certs = _asn1_integer_to_int(backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.InhibitAnyPolicy(skip_certs)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_precert_signed_certificate_timestamps(backend, asn1_scts):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.x509 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _SignedCertificateTimestamp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_scts = backend._ffi.cast("Cryptography_STACK_OF_SCT *", asn1_scts)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_scts = backend._ffi.gc(asn1_scts, backend._lib.SCT_LIST_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- scts = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(backend._lib.sk_SCT_num(asn1_scts)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sct = backend._lib.sk_SCT_value(asn1_scts, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- scts.append(_SignedCertificateTimestamp(backend, asn1_scts, sct))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.PrecertificateSignedCertificateTimestamps(scts)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# CRLReason ::= ENUMERATED {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# unspecified (0),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# keyCompromise (1),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# cACompromise (2),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# affiliationChanged (3),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# superseded (4),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# cessationOfOperation (5),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# certificateHold (6),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# -- value 7 is not used
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# removeFromCRL (8),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# privilegeWithdrawn (9),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# aACompromise (10) }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CRL_ENTRY_REASON_CODE_TO_ENUM = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 0: x509.ReasonFlags.unspecified,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 1: x509.ReasonFlags.key_compromise,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 2: x509.ReasonFlags.ca_compromise,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 3: x509.ReasonFlags.affiliation_changed,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 4: x509.ReasonFlags.superseded,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 5: x509.ReasonFlags.cessation_of_operation,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 6: x509.ReasonFlags.certificate_hold,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 8: x509.ReasonFlags.remove_from_crl,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 9: x509.ReasonFlags.privilege_withdrawn,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 10: x509.ReasonFlags.aa_compromise,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CRL_ENTRY_REASON_ENUM_TO_CODE = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.unspecified: 0,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.key_compromise: 1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.ca_compromise: 2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.affiliation_changed: 3,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.superseded: 4,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.cessation_of_operation: 5,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.certificate_hold: 6,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.remove_from_crl: 8,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.privilege_withdrawn: 9,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.aa_compromise: 10
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_crl_reason(backend, enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- enum = backend._ffi.cast("ASN1_ENUMERATED *", enum)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- enum = backend._ffi.gc(enum, backend._lib.ASN1_ENUMERATED_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- code = backend._lib.ASN1_ENUMERATED_get(enum)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.CRLReason(_CRL_ENTRY_REASON_CODE_TO_ENUM[code])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unsupported reason code: {}".format(code))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_invalidity_date(backend, inv_date):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generalized_time = backend._ffi.cast(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ASN1_GENERALIZEDTIME *", inv_date
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generalized_time = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generalized_time, backend._lib.ASN1_GENERALIZEDTIME_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.InvalidityDate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _parse_asn1_generalized_time(backend, generalized_time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_cert_issuer(backend, gns):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gns = backend._ffi.cast("GENERAL_NAMES *", gns)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gns = backend._ffi.gc(gns, backend._lib.GENERAL_NAMES_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_names = _decode_general_names(backend, gns)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.CertificateIssuer(general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _asn1_to_der(backend, asn1_type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.i2d_ASN1_TYPE(asn1_type, buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(buf[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf, lambda buffer: backend._lib.OPENSSL_free(buffer[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(buf[0], res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _asn1_integer_to_int(backend, asn1_int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn = backend._lib.ASN1_INTEGER_to_BN(asn1_int, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(bn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn = backend._ffi.gc(bn, backend._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._bn_to_int(bn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _asn1_integer_to_int_or_none(backend, asn1_int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if asn1_int == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_integer_to_int(backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _asn1_string_to_bytes(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(asn1_string.data, asn1_string.length)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _asn1_string_to_ascii(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(backend, asn1_string).decode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _asn1_string_to_utf8(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ASN1_STRING_to_UTF8(buf, asn1_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == -1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Unsupported ASN1 string type. Type: {}".format(asn1_string.type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(buf[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf, lambda buffer: backend._lib.OPENSSL_free(buffer[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(buf[0], res)[:].decode('utf8')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _parse_asn1_time(backend, asn1_time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(asn1_time != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generalized_time = backend._lib.ASN1_TIME_to_generalizedtime(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time, backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if generalized_time == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Couldn't parse ASN.1 time as generalizedtime {!r}".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _asn1_string_to_bytes(backend, asn1_time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generalized_time = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- generalized_time, backend._lib.ASN1_GENERALIZEDTIME_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_generalized_time(backend, generalized_time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _parse_asn1_generalized_time(backend, generalized_time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time = _asn1_string_to_ascii(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, backend._ffi.cast("ASN1_STRING *", generalized_time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return datetime.datetime.strptime(time, "%Y%m%d%H%M%SZ")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _decode_nonce(backend, nonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nonce = backend._ffi.cast("ASN1_OCTET_STRING *", nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nonce = backend._ffi.gc(nonce, backend._lib.ASN1_OCTET_STRING_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.OCSPNonce(_asn1_string_to_bytes(backend, nonce))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_EXTENSION_HANDLERS_NO_SCT = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.BASIC_CONSTRAINTS: _decode_basic_constraints,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_KEY_IDENTIFIER: _decode_subject_key_identifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.KEY_USAGE: _decode_key_usage,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_ALTERNATIVE_NAME: _decode_subject_alt_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.EXTENDED_KEY_USAGE: _decode_extended_key_usage,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _decode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _decode_authority_information_access
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CERTIFICATE_POLICIES: _decode_certificate_policies,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CRL_DISTRIBUTION_POINTS: _decode_crl_distribution_points,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.FRESHEST_CRL: _decode_freshest_crl,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.OCSP_NO_CHECK: _decode_ocsp_no_check,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.INHIBIT_ANY_POLICY: _decode_inhibit_any_policy,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _decode_issuer_alt_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.NAME_CONSTRAINTS: _decode_name_constraints,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.POLICY_CONSTRAINTS: _decode_policy_constraints,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_EXTENSION_HANDLERS = _EXTENSION_HANDLERS_NO_SCT.copy()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_EXTENSION_HANDLERS[
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-] = _decode_precert_signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_REVOKED_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.CRL_REASON: _decode_crl_reason,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.INVALIDITY_DATE: _decode_invalidity_date,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.CERTIFICATE_ISSUER: _decode_cert_issuer,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CRL_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CRL_NUMBER: _decode_crl_number,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.DELTA_CRL_INDICATOR: _decode_delta_crl_indicator,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _decode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _decode_issuer_alt_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _decode_authority_information_access
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUING_DISTRIBUTION_POINT: _decode_issuing_dist_point,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OCSP_REQ_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPExtensionOID.NONCE: _decode_nonce,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OCSP_BASICRESP_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPExtensionOID.NONCE: _decode_nonce,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CERTIFICATE_EXTENSION_PARSER_NO_SCT = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_count=lambda backend, x: backend._lib.X509_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_ext=lambda backend, x, i: backend._lib.X509_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_EXTENSION_HANDLERS_NO_SCT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CERTIFICATE_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_count=lambda backend, x: backend._lib.X509_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_ext=lambda backend, x, i: backend._lib.X509_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_EXTENSION_HANDLERS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CSR_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_count=lambda backend, x: backend._lib.sk_X509_EXTENSION_num(x),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_ext=lambda backend, x, i: backend._lib.sk_X509_EXTENSION_value(x, i),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_EXTENSION_HANDLERS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_REVOKED_CERTIFICATE_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_count=lambda backend, x: backend._lib.X509_REVOKED_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_ext=lambda backend, x, i: backend._lib.X509_REVOKED_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_REVOKED_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CRL_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_count=lambda backend, x: backend._lib.X509_CRL_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_ext=lambda backend, x, i: backend._lib.X509_CRL_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_CRL_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OCSP_REQ_EXT_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_count=lambda backend, x: backend._lib.OCSP_REQUEST_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_ext=lambda backend, x, i: backend._lib.OCSP_REQUEST_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_OCSP_REQ_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OCSP_BASICRESP_EXT_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ext_count=lambda backend, x: backend._lib.OCSP_BASICRESP_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_ext=lambda backend, x, i: backend._lib.OCSP_BASICRESP_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- handlers=_OCSP_BASICRESP_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dh.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dh.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dh.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,280 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import dh
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _dh_params_dup(dh_cdata, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib = backend._lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ffi = backend._ffi
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- param_cdata = lib.DHparams_dup(dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(param_cdata != ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- param_cdata = ffi.gc(param_cdata, lib.DH_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # In OpenSSL versions < 1.0.2 or libressl DHparams_dup don't copy q
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.DH_get0_pqg(dh_cdata, ffi.NULL, q, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q_dup = lib.BN_dup(q[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = lib.DH_set0_pqg(param_cdata, ffi.NULL, q_dup, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return param_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _dh_cdata_to_parameters(dh_cdata, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- param_cdata = _dh_params_dup(dh_cdata, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHParameters(backend, param_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(dh.DHParametersWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DHParameters(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, dh_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_cdata = dh_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_pqg(self._dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q_val = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q_val = self._backend._bn_to_int(q[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dh.DHParameterNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g=self._backend._bn_to_int(g[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q=q_val
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend.generate_dh_private_key(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameter_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is not serialization.ParameterFormat.PKCS3:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Only PKCS3 serialization is supported"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not self._backend._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_pqg(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DH X9.42 serialization is not supported",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_SERIALIZATION)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._parameter_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _handle_dh_compute_key_error(errors, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib = backend._lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.ERR_LIB_DH, lib.DH_R_INVALID_PUBKEY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Public key value is invalid for this exchange.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _get_dh_num_bits(backend, dh_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.DH_get0_pqg(dh_cdata, p,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(p[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._lib.BN_num_bits(p[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(dh.DHPrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DHPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, dh_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_cdata = dh_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_size_bytes = self._backend._lib.DH_size(dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _get_dh_num_bits(self._backend, self._dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_pqg(self._dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q_val = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q_val = self._backend._bn_to_int(q[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- priv_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_key(self._dh_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(priv_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dh.DHPrivateNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers=dh.DHPublicNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers=dh.DHParameterNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g=self._backend._bn_to_int(g[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q=q_val
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x=self._backend._bn_to_int(priv_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]", self._key_size_bytes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_key(peer_public_key._dh_cdata, pub_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.DH_compute_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key[0],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == -1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _handle_dh_compute_key_error(errors, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = self._backend._ffi.buffer(buf)[:res]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pad = self._key_size_bytes - len(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if pad > 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = (b"\x00" * pad) + key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dh_cdata = _dh_params_dup(self._dh_cdata, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_key(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key, self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key_dup = self._backend._lib.BN_dup(pub_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key_dup != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.DH_set0_key(dh_cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key_dup,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._backend._dh_cdata_to_evp_pkey(dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DHPublicKey(self._backend, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _dh_cdata_to_parameters(self._dh_cdata, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is not serialization.PrivateFormat.PKCS8:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DH private keys support only PKCS8 serialization"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not self._backend._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_pqg(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DH X9.42 serialization is not supported",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_SERIALIZATION)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(dh.DHPublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DHPublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, dh_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dh_cdata = dh_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_size_bits = _get_dh_num_bits(self._backend, self._dh_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._key_size_bits
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_pqg(self._dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q_val = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q_val = self._backend._bn_to_int(q[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_key(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key, self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dh.DHPublicNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers=dh.DHParameterNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g=self._backend._bn_to_int(g[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q=q_val
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _dh_cdata_to_parameters(self._dh_cdata, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is not serialization.PublicFormat.SubjectPublicKeyInfo:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DH public keys support only "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SubjectPublicKeyInfo serialization"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not self._backend._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DH_get0_pqg(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DH X9.42 serialization is not supported",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_SERIALIZATION)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,268 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.utils import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _calculate_digest_and_algorithm, _check_not_prehashed,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AsymmetricSignatureContext, AsymmetricVerificationContext, dsa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _dsa_sig_sign(backend, private_key, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig_buf_len = backend._lib.DSA_size(private_key._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig_buf = backend._ffi.new("unsigned char[]", sig_buf_len)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = backend._ffi.new("unsigned int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The first parameter passed to DSA_sign is unused by OpenSSL but
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # must be an integer.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.DSA_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 0, data, len(data), sig_buf, buflen, private_key._dsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(buflen[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(sig_buf)[:buflen[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _dsa_sig_verify(backend, public_key, signature, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The first parameter passed to DSA_verify is unused by OpenSSL but
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # must be an integer.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.DSA_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 0, data, len(data), signature, len(signature), public_key._dsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricVerificationContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DSAVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, public_key, signature, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._signature = signature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_to_verify = self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _dsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._public_key, self._signature, data_to_verify
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricSignatureContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DSASignatureContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._private_key = private_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_to_sign = self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _dsa_sig_sign(self._backend, self._private_key, data_to_sign)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(dsa.DSAParametersWithNumbers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DSAParameters(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, dsa_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata = dsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dsa.DSAParameterNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g=self._backend._bn_to_int(g[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend.generate_dsa_private_key(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(dsa.DSAPrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, dsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata = dsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_pqg(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata, p, self._backend._ffi.NULL, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_size = self._backend._lib.BN_num_bits(p[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_not_prehashed(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSASignatureContext(self._backend, self, signature_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- priv_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_key(self._dsa_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(priv_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dsa.DSAPrivateNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers=dsa.DSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers=dsa.DSAParameterNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g=self._backend._bn_to_int(g[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x=self._backend._bn_to_int(priv_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._backend._lib.DSAparams_dup(self._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(dsa_cdata != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata, self._backend._lib.DSA_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata, pub_key, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key_dup = self._backend._lib.BN_dup(pub_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.DSA_set0_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata, pub_key_dup, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._backend._dsa_cdata_to_evp_pkey(dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAPublicKey(self._backend, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._backend._lib.DSAparams_dup(self._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(dsa_cdata != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata, self._backend._lib.DSA_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAParameters(self._backend, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _dsa_sig_sign(self._backend, self, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(dsa.DSAPublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, dsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata = dsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_pqg(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata, p, self._backend._ffi.NULL, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_size = self._backend._lib.BN_num_bits(p[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_not_prehashed(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAVerificationContext(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self, signature, signature_algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.DSA_get0_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dsa_cdata, pub_key, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dsa.DSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers=dsa.DSAParameterNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g=self._backend._bn_to_int(g[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._backend._lib.DSAparams_dup(self._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dsa_cdata, self._backend._lib.DSA_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DSAParameters(self._backend, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is serialization.PublicFormat.PKCS1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DSA public keys do not support PKCS1 serialization"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _dsa_sig_verify(self._backend, self, signature, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ec.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ec.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ec.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,340 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.utils import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _calculate_digest_and_algorithm, _check_not_prehashed,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AsymmetricSignatureContext, AsymmetricVerificationContext, ec
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_signature_algorithm(signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(signature_algorithm, ec.ECDSA):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Unsupported elliptic curve signature algorithm.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _ec_key_curve_sn(backend, ec_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group = backend._lib.EC_KEY_get0_group(ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(group != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nid = backend._lib.EC_GROUP_get_curve_name(group)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The following check is to find EC keys with unnamed curves and raise
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # an error for now.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if nid == backend._lib.NID_undef:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ECDSA certificates with unnamed curves are unsupported "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "at this time"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_name = backend._lib.OBJ_nid2sn(nid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(curve_name != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sn = backend._ffi.string(curve_name).decode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return sn
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _mark_asn1_named_ec_curve(backend, ec_cdata):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Set the named curve flag on the EC_KEY. This causes OpenSSL to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialize EC keys along with their curve OID which makes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- deserialization easier.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.EC_KEY_set_asn1_flag(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec_cdata, backend._lib.OPENSSL_EC_NAMED_CURVE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _sn_to_elliptic_curve(backend, sn):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ec._CURVE_TYPES[sn]()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not a supported elliptic curve".format(sn),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _ecdsa_sig_sign(backend, private_key, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- max_size = backend._lib.ECDSA_size(private_key._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(max_size > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sigbuf = backend._ffi.new("unsigned char[]", max_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- siglen_ptr = backend._ffi.new("unsigned int[]", 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ECDSA_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 0, data, len(data), sigbuf, siglen_ptr, private_key._ec_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(sigbuf)[:siglen_ptr[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _ecdsa_sig_verify(backend, public_key, signature, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ECDSA_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 0, data, len(data), signature, len(signature), public_key._ec_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricSignatureContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _ECDSASignatureContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._private_key = private_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest = hashes.Hash(algorithm, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = self._digest.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _ecdsa_sig_sign(self._backend, self._private_key, digest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricVerificationContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _ECDSAVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, public_key, signature, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._signature = signature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest = hashes.Hash(algorithm, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = self._digest.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _ecdsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._public_key, self._signature, digest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ec.EllipticCurvePrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _EllipticCurvePrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, ec_key_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _mark_asn1_named_ec_curve(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ec_key = ec_key_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sn = _ec_key_curve_sn(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._curve = _sn_to_elliptic_curve(backend, sn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve = utils.read_only_property("_curve")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.curve.key_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_not_prehashed(signature_algorithm.algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _ECDSASignatureContext(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self, signature_algorithm.algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, algorithm, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.elliptic_curve_exchange_algorithm_supported(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm, self.curve
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "This backend does not support the ECDH algorithm.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if peer_public_key.curve.name != self.curve.name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "peer_public_key and self are not on the same curve"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group = self._backend._lib.EC_KEY_get0_group(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- z_len = (self._backend._lib.EC_GROUP_get_degree(group) + 7) // 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(z_len > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- z_buf = self._backend._ffi.new("uint8_t[]", z_len)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- peer_key = self._backend._lib.EC_KEY_get0_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- peer_public_key._ec_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r = self._backend._lib.ECDH_compute_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- z_buf, z_len, peer_key, self._ec_key, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(r > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(z_buf)[:z_len]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group = self._backend._lib.EC_KEY_get0_group(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(group != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_nid = self._backend._lib.EC_GROUP_get_curve_name(group)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_ec_key = self._backend._lib.EC_KEY_new_by_curve_name(curve_nid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(public_ec_key != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_ec_key = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_ec_key, self._backend._lib.EC_KEY_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = self._backend._lib.EC_KEY_get0_public_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(point != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EC_KEY_set_public_key(public_ec_key, point)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._backend._ec_cdata_to_evp_pkey(public_ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _EllipticCurvePublicKey(self._backend, public_ec_key, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn = self._backend._lib.EC_KEY_get0_private_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private_value = self._backend._bn_to_int(bn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ec.EllipticCurvePrivateNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private_value=private_value,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers=self.public_key().public_numbers()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ec_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, data, signature_algorithm._algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _ecdsa_sig_sign(self._backend, self, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ec.EllipticCurvePublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _EllipticCurvePublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, ec_key_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _mark_asn1_named_ec_curve(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ec_key = ec_key_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sn = _ec_key_curve_sn(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._curve = _sn_to_elliptic_curve(backend, sn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve = utils.read_only_property("_curve")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.curve.key_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_not_prehashed(signature_algorithm.algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _ECDSAVerificationContext(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self, signature, signature_algorithm.algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- get_func, group = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ec_key_determine_group_get_func(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = self._backend._lib.EC_KEY_get0_public_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(point != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._backend._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_x = self._backend._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bn_y = self._backend._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = get_func(group, point, bn_x, bn_y, bn_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x = self._backend._bn_to_int(bn_x)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y = self._backend._bn_to_int(bn_y)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ec.EllipticCurvePublicNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x=x,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y=y,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve=self._curve
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _encode_point(self, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is serialization.PublicFormat.CompressedPoint:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- conversion = self._backend._lib.POINT_CONVERSION_COMPRESSED
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert format is serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- conversion = self._backend._lib.POINT_CONVERSION_UNCOMPRESSED
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group = self._backend._lib.EC_KEY_get0_group(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(group != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- point = self._backend._lib.EC_KEY_get0_public_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(point != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with self._backend._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._lib.EC_POINT_point2oct(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group, point, conversion, self._backend._ffi.NULL, 0, bn_ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("char[]", buflen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EC_POINT_point2oct(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- group, point, conversion, buf, buflen, bn_ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen == res)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if format is serialization.PublicFormat.PKCS1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EC public keys do not support PKCS1 serialization"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.X962 or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.CompressedPoint or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.X962 or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format not in (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.CompressedPoint,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X962 encoding must be used with CompressedPoint or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "UncompressedPoint format"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._encode_point(format)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, data, signature_algorithm._algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _ecdsa_sig_verify(self._backend, self, signature, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,151 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import exceptions, utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.ed25519 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Ed25519PrivateKey, Ed25519PublicKey, _ED25519_KEY_SIZE, _ED25519_SIG_SIZE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Ed25519PublicKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Ed25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestVerifyInit(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestVerify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, signature, len(signature), data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise exceptions.InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Ed25519PrivateKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Ed25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_bytes = self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend.ed25519_load_public_bytes(public_bytes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestSignInit(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]", _ED25519_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", len(buf))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestSign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, buf, buflen, data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED25519_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, buflen[0])[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed448.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,154 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import exceptions, utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.ed448 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Ed448PrivateKey, Ed448PublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_ED448_KEY_SIZE = 57
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_ED448_SIG_SIZE = 114
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Ed448PublicKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Ed448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, _ED448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestVerifyInit(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestVerify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, signature, len(signature), data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise exceptions.InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Ed448PrivateKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Ed448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_bytes = self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend.ed448_load_public_bytes(public_bytes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestSignInit(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]", _ED448_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", len(buf))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestSign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md_ctx, buf, buflen, data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED448_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, buflen[0])[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, _ED448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/encode_asn1.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/encode_asn1.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/encode_asn1.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,657 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import calendar
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import ipaddress
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CRL_ENTRY_REASON_ENUM_TO_CODE, _DISTPOINT_TYPE_FULLNAME,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _DISTPOINT_TYPE_RELATIVENAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.name import _ASN1Type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID, ExtensionOID, OCSPExtensionOID,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_asn1_int(backend, x):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Converts a python integer to an ASN1_INTEGER. The returned ASN1_INTEGER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- will not be garbage collected (to support adding them to structs that take
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ownership of the object). Be sure to register it for GC if it will be
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- discarded after use.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Convert Python integer to OpenSSL "bignum" in case value exceeds
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # machine's native integer limits (note: `int_to_bn` doesn't automatically
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # GC).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- i = backend._int_to_bn(x)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- i = backend._ffi.gc(i, backend._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Wrap in an ASN.1 integer. Don't GC -- as documented.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- i = backend._lib.BN_to_ASN1_INTEGER(i, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(i != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return i
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_asn1_int_gc(backend, x):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- i = _encode_asn1_int(backend, x)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- i = backend._ffi.gc(i, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return i
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_asn1_str(backend, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create an ASN1_OCTET_STRING from a Python byte string.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- s = backend._lib.ASN1_OCTET_STRING_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ASN1_OCTET_STRING_set(s, data, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return s
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_asn1_utf8_str(backend, string):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Create an ASN1_UTF8STRING from a Python unicode string.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- This object will be an ASN1_STRING with UTF8 type in OpenSSL and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- can be decoded with ASN1_STRING_to_UTF8.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- s = backend._lib.ASN1_UTF8STRING_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ASN1_STRING_set(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- s, string.encode("utf8"), len(string.encode("utf8"))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return s
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_asn1_str_gc(backend, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- s = _encode_asn1_str(backend, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- s = backend._ffi.gc(s, backend._lib.ASN1_OCTET_STRING_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return s
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_inhibit_any_policy(backend, inhibit_any_policy):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _encode_asn1_int_gc(backend, inhibit_any_policy.skip_certs)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_name(backend, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The X509_NAME created will not be gc'd. Use _encode_name_gc if needed.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subject = backend._lib.X509_NAME_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for rdn in name.rdns:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- set_flag = 0 # indicate whether to add to last RDN or create new RDN
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for attribute in rdn:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name_entry = _encode_name_entry(backend, attribute)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # X509_NAME_add_entry dups the object so we need to gc this copy
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name_entry = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name_entry, backend._lib.X509_NAME_ENTRY_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.X509_NAME_add_entry(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subject, name_entry, -1, set_flag)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- set_flag = -1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return subject
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_name_gc(backend, attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subject = _encode_name(backend, attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subject = backend._ffi.gc(subject, backend._lib.X509_NAME_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return subject
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_sk_name_entry(backend, attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The sk_X509_NAME_ENTRY created will not be gc'd.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stack = backend._lib.sk_X509_NAME_ENTRY_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for attribute in attributes:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name_entry = _encode_name_entry(backend, attribute)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_X509_NAME_ENTRY_push(stack, name_entry)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return stack
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_name_entry(backend, attribute):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if attribute._type is _ASN1Type.BMPString:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = attribute.value.encode('utf_16_be')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = attribute.value.encode('utf8')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = _txt2obj_gc(backend, attribute.oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name_entry = backend._lib.X509_NAME_ENTRY_create_by_OBJ(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, obj, attribute._type.value, value, len(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return name_entry
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_crl_number_delta_crl_indicator(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _encode_asn1_int_gc(backend, ext.crl_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_issuing_dist_point(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp = backend._lib.ISSUING_DIST_POINT_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(idp != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp = backend._ffi.gc(idp, backend._lib.ISSUING_DIST_POINT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp.onlyuser = 255 if ext.only_contains_user_certs else 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp.onlyCA = 255 if ext.only_contains_ca_certs else 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp.indirectCRL = 255 if ext.indirect_crl else 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp.onlyattr = 255 if ext.only_contains_attribute_certs else 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ext.only_some_reasons:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp.onlysomereasons = _encode_reasonflags(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, ext.only_some_reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ext.full_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp.distpoint = _encode_full_name(backend, ext.full_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ext.relative_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idp.distpoint = _encode_relative_name(backend, ext.relative_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return idp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_crl_reason(backend, crl_reason):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1enum = backend._lib.ASN1_ENUMERATED_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(asn1enum != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1enum = backend._ffi.gc(asn1enum, backend._lib.ASN1_ENUMERATED_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ASN1_ENUMERATED_set(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1enum, _CRL_ENTRY_REASON_ENUM_TO_CODE[crl_reason.reason]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return asn1enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_invalidity_date(backend, invalidity_date):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time = backend._lib.ASN1_GENERALIZEDTIME_set(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, calendar.timegm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- invalidity_date.invalidity_date.timetuple()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(time != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time = backend._ffi.gc(time, backend._lib.ASN1_GENERALIZEDTIME_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_certificate_policies(backend, certificate_policies):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cp = backend._lib.sk_POLICYINFO_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(cp != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cp = backend._ffi.gc(cp, backend._lib.sk_POLICYINFO_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for policy_info in certificate_policies:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pi = backend._lib.POLICYINFO_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(pi != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_POLICYINFO_push(cp, pi)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _txt2obj(backend, policy_info.policy_identifier.dotted_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pi.policyid = oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if policy_info.policy_qualifiers:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqis = backend._lib.sk_POLICYQUALINFO_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(pqis != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for qualifier in policy_info.policy_qualifiers:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqi = backend._lib.POLICYQUALINFO_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(pqi != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_POLICYQUALINFO_push(pqis, pqi)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(qualifier, six.text_type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqi.pqualid = _txt2obj(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, x509.OID_CPS_QUALIFIER.dotted_string
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqi.d.cpsuri = _encode_asn1_str(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- qualifier.encode("ascii"),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert isinstance(qualifier, x509.UserNotice)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqi.pqualid = _txt2obj(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, x509.OID_CPS_USER_NOTICE.dotted_string
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- un = backend._lib.USERNOTICE_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(un != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pqi.d.usernotice = un
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if qualifier.explicit_text:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- un.exptext = _encode_asn1_utf8_str(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, qualifier.explicit_text
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- un.noticeref = _encode_notice_reference(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, qualifier.notice_reference
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pi.qualifiers = pqis
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return cp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_notice_reference(backend, notice):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if notice is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nr = backend._lib.NOTICEREF_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(nr != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # organization is a required field
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nr.organization = _encode_asn1_utf8_str(backend, notice.organization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_stack = backend._lib.sk_ASN1_INTEGER_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nr.noticenos = notice_stack
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for number in notice.notice_numbers:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = _encode_asn1_int(backend, number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_ASN1_INTEGER_push(notice_stack, num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return nr
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _txt2obj(backend, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Converts a Python string with an ASN.1 object ID in dotted form to a
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ASN1_OBJECT.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = name.encode('ascii')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = backend._lib.OBJ_txt2obj(name, 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return obj
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _txt2obj_gc(backend, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = _txt2obj(backend, name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = backend._ffi.gc(obj, backend._lib.ASN1_OBJECT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return obj
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_ocsp_nocheck(backend, ext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Doesn't need to be GC'd
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._lib.ASN1_NULL_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_key_usage(backend, key_usage):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- set_bit = backend._lib.ASN1_BIT_STRING_set_bit
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ku = backend._lib.ASN1_BIT_STRING_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ku = backend._ffi.gc(ku, backend._lib.ASN1_BIT_STRING_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 0, key_usage.digital_signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 1, key_usage.content_commitment)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 2, key_usage.key_encipherment)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 3, key_usage.data_encipherment)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 4, key_usage.key_agreement)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 5, key_usage.key_cert_sign)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 6, key_usage.crl_sign)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_usage.key_agreement:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 7, key_usage.encipher_only)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 8, key_usage.decipher_only)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 7, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = set_bit(ku, 8, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ku
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_authority_key_identifier(backend, authority_keyid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid = backend._lib.AUTHORITY_KEYID_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(akid != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid = backend._ffi.gc(akid, backend._lib.AUTHORITY_KEYID_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if authority_keyid.key_identifier is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid.keyid = _encode_asn1_str(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_keyid.key_identifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if authority_keyid.authority_cert_issuer is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid.issuer = _encode_general_names(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, authority_keyid.authority_cert_issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if authority_keyid.authority_cert_serial_number is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- akid.serial = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, authority_keyid.authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return akid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_basic_constraints(backend, basic_constraints):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- constraints = backend._lib.BASIC_CONSTRAINTS_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- constraints = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- constraints, backend._lib.BASIC_CONSTRAINTS_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- constraints.ca = 255 if basic_constraints.ca else 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if basic_constraints.ca and basic_constraints.path_length is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- constraints.pathlen = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, basic_constraints.path_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return constraints
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_authority_information_access(backend, authority_info_access):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aia = backend._lib.sk_ACCESS_DESCRIPTION_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(aia != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aia = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aia,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lambda x: backend._lib.sk_ACCESS_DESCRIPTION_pop_free(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x, backend._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib._original_lib, "ACCESS_DESCRIPTION_free"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for access_description in authority_info_access:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ad = backend._lib.ACCESS_DESCRIPTION_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- method = _txt2obj(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, access_description.access_method.dotted_string
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _encode_general_name_preallocated(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, access_description.access_location, ad.location
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ad.method = method
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_ACCESS_DESCRIPTION_push(aia, ad)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return aia
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_general_names(backend, names):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_names = backend._lib.GENERAL_NAMES_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(general_names != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for name in names:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn = _encode_general_name(backend, name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_GENERAL_NAME_push(general_names, gn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_alt_name(backend, san):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_names = _encode_general_names(backend, san)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_names = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_names, backend._lib.GENERAL_NAMES_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_subject_key_identifier(backend, ski):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _encode_asn1_str_gc(backend, ski.digest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_general_name(backend, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn = backend._lib.GENERAL_NAME_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _encode_general_name_preallocated(backend, name, gn)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return gn
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_general_name_preallocated(backend, name, gn):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(name, x509.DNSName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type = backend._lib.GEN_DNS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ia5 = backend._lib.ASN1_IA5STRING_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(ia5 != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ia5strings are supposed to be ITU T.50 but to allow round-tripping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # of broken certs that encode utf8 we'll encode utf8 here too.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = name.value.encode("utf8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ASN1_STRING_set(ia5, value, len(value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.d.dNSName = ia5
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(name, x509.RegisteredID):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type = backend._lib.GEN_RID
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = backend._lib.OBJ_txt2obj(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name.value.dotted_string.encode('ascii'), 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.d.registeredID = obj
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(name, x509.DirectoryName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dir_name = _encode_name(backend, name.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type = backend._lib.GEN_DIRNAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.d.directoryName = dir_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(name, x509.IPAddress):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(name.value, ipaddress.IPv4Network):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- packed = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name.value.network_address.packed +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.int_to_bytes(((1 << 32) - name.value.num_addresses), 4)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(name.value, ipaddress.IPv6Network):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- packed = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name.value.network_address.packed +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.int_to_bytes((1 << 128) - name.value.num_addresses, 16)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- packed = name.value.packed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ipaddr = _encode_asn1_str(backend, packed)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type = backend._lib.GEN_IPADD
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.d.iPAddress = ipaddr
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(name, x509.OtherName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- other_name = backend._lib.OTHERNAME_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(other_name != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- type_id = backend._lib.OBJ_txt2obj(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name.type_id.dotted_string.encode('ascii'), 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(type_id != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = backend._ffi.new("unsigned char[]", name.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr_ptr = backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr_ptr[0] = data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = backend._lib.d2i_ASN1_TYPE(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, data_ptr_ptr, len(name.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if value == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid ASN.1 data")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- other_name.type_id = type_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- other_name.value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type = backend._lib.GEN_OTHERNAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.d.otherName = other_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(name, x509.RFC822Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ia5strings are supposed to be ITU T.50 but to allow round-tripping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # of broken certs that encode utf8 we'll encode utf8 here too.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = name.value.encode("utf8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_str = _encode_asn1_str(backend, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type = backend._lib.GEN_EMAIL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.d.rfc822Name = asn1_str
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(name, x509.UniformResourceIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ia5strings are supposed to be ITU T.50 but to allow round-tripping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # of broken certs that encode utf8 we'll encode utf8 here too.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = name.value.encode("utf8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_str = _encode_asn1_str(backend, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.type = backend._lib.GEN_URI
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gn.d.uniformResourceIdentifier = asn1_str
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is an unknown GeneralName type".format(name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_extended_key_usage(backend, extended_key_usage):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- eku = backend._lib.sk_ASN1_OBJECT_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- eku = backend._ffi.gc(eku, backend._lib.sk_ASN1_OBJECT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for oid in extended_key_usage:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = _txt2obj(backend, oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_ASN1_OBJECT_push(eku, obj)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return eku
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CRLREASONFLAGS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.key_compromise: 1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.ca_compromise: 2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.affiliation_changed: 3,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.superseded: 4,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.cessation_of_operation: 5,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.certificate_hold: 6,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.privilege_withdrawn: 7,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.ReasonFlags.aa_compromise: 8,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_reasonflags(backend, reasons):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bitmask = backend._lib.ASN1_BIT_STRING_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(bitmask != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for reason in reasons:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.ASN1_BIT_STRING_set_bit(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bitmask, _CRLREASONFLAGS[reason], 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return bitmask
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_full_name(backend, full_name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dpn = backend._lib.DIST_POINT_NAME_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(dpn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dpn.type = _DISTPOINT_TYPE_FULLNAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dpn.name.fullname = _encode_general_names(backend, full_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dpn
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_relative_name(backend, relative_name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dpn = backend._lib.DIST_POINT_NAME_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(dpn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dpn.type = _DISTPOINT_TYPE_RELATIVENAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dpn.name.relativename = _encode_sk_name_entry(backend, relative_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dpn
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_cdps_freshest_crl(backend, cdps):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cdp = backend._lib.sk_DIST_POINT_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cdp = backend._ffi.gc(cdp, backend._lib.sk_DIST_POINT_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for point in cdps:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dp = backend._lib.DIST_POINT_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(dp != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if point.reasons:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dp.reasons = _encode_reasonflags(backend, point.reasons)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if point.full_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dp.distpoint = _encode_full_name(backend, point.full_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if point.relative_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dp.distpoint = _encode_relative_name(backend, point.relative_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if point.crl_issuer:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dp.CRLissuer = _encode_general_names(backend, point.crl_issuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_DIST_POINT_push(cdp, dp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return cdp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_name_constraints(backend, name_constraints):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nc = backend._lib.NAME_CONSTRAINTS_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(nc != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nc = backend._ffi.gc(nc, backend._lib.NAME_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- permitted = _encode_general_subtree(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, name_constraints.permitted_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nc.permittedSubtrees = permitted
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- excluded = _encode_general_subtree(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, name_constraints.excluded_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nc.excludedSubtrees = excluded
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return nc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_policy_constraints(backend, policy_constraints):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pc = backend._lib.POLICY_CONSTRAINTS_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(pc != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pc = backend._ffi.gc(pc, backend._lib.POLICY_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if policy_constraints.require_explicit_policy is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pc.requireExplicitPolicy = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, policy_constraints.require_explicit_policy
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if policy_constraints.inhibit_policy_mapping is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pc.inhibitPolicyMapping = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, policy_constraints.inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return pc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_general_subtree(backend, subtrees):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if subtrees is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_subtrees = backend._lib.sk_GENERAL_SUBTREE_new_null()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for name in subtrees:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gs = backend._lib.GENERAL_SUBTREE_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- gs.base = _encode_general_name(backend, name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.sk_GENERAL_SUBTREE_push(general_subtrees, gs)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert res >= 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return general_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _encode_nonce(backend, nonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _encode_asn1_str_gc(backend, nonce.nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.BASIC_CONSTRAINTS: _encode_basic_constraints,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_KEY_IDENTIFIER: _encode_subject_key_identifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.KEY_USAGE: _encode_key_usage,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_ALTERNATIVE_NAME: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.EXTENDED_KEY_USAGE: _encode_extended_key_usage,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _encode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CERTIFICATE_POLICIES: _encode_certificate_policies,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _encode_authority_information_access
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CRL_DISTRIBUTION_POINTS: _encode_cdps_freshest_crl,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.FRESHEST_CRL: _encode_cdps_freshest_crl,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.INHIBIT_ANY_POLICY: _encode_inhibit_any_policy,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.OCSP_NO_CHECK: _encode_ocsp_nocheck,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.NAME_CONSTRAINTS: _encode_name_constraints,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.POLICY_CONSTRAINTS: _encode_policy_constraints,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CRL_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _encode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _encode_authority_information_access
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CRL_NUMBER: _encode_crl_number_delta_crl_indicator,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.DELTA_CRL_INDICATOR: _encode_crl_number_delta_crl_indicator,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUING_DISTRIBUTION_POINT: _encode_issuing_dist_point,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CRL_ENTRY_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.CERTIFICATE_ISSUER: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.CRL_REASON: _encode_crl_reason,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.INVALIDITY_DATE: _encode_invalidity_date,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPExtensionOID.NONCE: _encode_nonce,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OCSP_BASICRESP_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPExtensionOID.NONCE: _encode_nonce,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hashes.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hashes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hashes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,78 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(hashes.HashContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _HashContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, algorithm, ctx=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._backend._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if evp_md == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not a supported hash on this backend.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm.name),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestInit_ex(ctx, evp_md,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def copy(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_MD_CTX_copy_ex(copied_ctx, self._ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _HashContext(self._backend, self.algorithm, ctx=copied_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr = self._backend._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestUpdate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(self.algorithm, hashes.ExtendableOutputFunction):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # extendable output functions use a different finalize
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._finalize_xof()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.EVP_MAX_MD_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = self._backend._ffi.new("unsigned int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestFinal_ex(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen[0] == self.algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _finalize_xof(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.algorithm.digest_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestFinalXOF(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, buf, self.algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf)[:self.algorithm.digest_size]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,74 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time, hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(hashes.HashContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _HMACContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, key, algorithm, ctx=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._lib.Cryptography_HMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._backend._lib.Cryptography_HMAC_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = self._backend._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if evp_md == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not a supported hash on this backend".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm.name),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_ptr = self._backend._ffi.from_buffer(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.HMAC_Init_ex(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, key_ptr, len(key), evp_md, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key = key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def copy(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx = self._backend._lib.Cryptography_HMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(copied_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- copied_ctx, self._backend._lib.Cryptography_HMAC_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.HMAC_CTX_copy(copied_ctx, self._ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _HMACContext(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._key, self.algorithm, ctx=copied_ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr = self._backend._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.HMAC_Update(self._ctx, data_ptr, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.EVP_MAX_MD_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = self._backend._ffi.new("unsigned int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.HMAC_Final(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(outlen[0] == self.algorithm.digest_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = self.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(digest, signature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidSignature("Signature did not match digest.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ocsp.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,381 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import functools
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CRL_ENTRY_REASON_CODE_TO_ENUM, _OCSP_BASICRESP_EXT_PARSER,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _OCSP_REQ_EXT_PARSER, _asn1_integer_to_int,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _asn1_string_to_bytes, _decode_x509_name, _obj2txt,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _parse_asn1_generalized_time,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.x509 import _Certificate
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.ocsp import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPCertStatus, OCSPRequest, OCSPResponse, OCSPResponseStatus,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CERT_STATUS_TO_ENUM, _OIDS_TO_HASH, _RESPONSE_STATUS_TO_ENUM,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _requires_successful_response(func):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @functools.wraps(func)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def wrapper(self, *args):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.response_status != OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OCSP response status is not successful so the property "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "has no value"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return func(self, *args)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return wrapper
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _issuer_key_hash(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_hash = backend._ffi.new("ASN1_OCTET_STRING **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_hash, backend._ffi.NULL, cert_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(key_hash[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(backend, key_hash[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _issuer_name_hash(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name_hash = backend._ffi.new("ASN1_OCTET_STRING **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name_hash, backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, backend._ffi.NULL, cert_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(name_hash[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(backend, name_hash[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _serial_number(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = backend._ffi.new("ASN1_INTEGER **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, num, cert_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(num[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_integer_to_int(backend, num[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _hash_algorithm(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1obj = backend._ffi.new("ASN1_OBJECT **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, asn1obj,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL, backend._ffi.NULL, cert_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(asn1obj[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _obj2txt(backend, asn1obj[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Signature algorithm OID: {} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(OCSPResponse)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _OCSPResponse(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, ocsp_response):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ocsp_response = ocsp_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- status = self._backend._lib.OCSP_response_status(self._ocsp_response)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(status in _RESPONSE_STATUS_TO_ENUM)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._status = _RESPONSE_STATUS_TO_ENUM[status]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._status is OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic = self._backend._lib.OCSP_response_get1_basic(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ocsp_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(basic != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._basic = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- basic, self._backend._lib.OCSP_BASICRESP_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.OCSP_resp_count(self._basic) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single = self._backend._lib.OCSP_resp_get0(self._basic, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single != self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cert_id = self._backend._lib.OCSP_SINGLERESP_get0_id(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cert_id != self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- response_status = utils.read_only_property("_status")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- alg = self._backend._lib.OCSP_resp_get0_tbs_sigalg(self._basic)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(alg != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _obj2txt(self._backend, alg.algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig = self._backend._lib.OCSP_resp_get0_signature(self._basic)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(sig != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(self._backend, sig)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_response_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- respdata = self._backend._lib.OCSP_resp_get0_respdata(self._basic)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(respdata != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_OCSP_RESPDATA(respdata, pp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pp[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def certificates(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sk_x509 = self._backend._lib.OCSP_resp_get0_certs(self._basic)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = self._backend._lib.sk_X509_num(sk_x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certs = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(num):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509 = self._backend._lib.sk_X509_value(sk_x509, i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(x509 != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cert = _Certificate(self._backend, x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We need to keep the OCSP response that the certificate came from
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # alive until the Certificate object itself goes out of scope, so
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # we give it a private reference.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cert._ocsp_resp = self
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certs.append(cert)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def responder_key_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _, asn1_string = self._responder_key_name()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if asn1_string == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(self._backend, asn1_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def responder_name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_name, _ = self._responder_key_name()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if x509_name == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _decode_x509_name(self._backend, x509_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _responder_key_name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_string = self._backend._ffi.new("ASN1_OCTET_STRING **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_name = self._backend._ffi.new("X509_NAME **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.OCSP_resp_get0_id(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._basic, asn1_string, x509_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509_name[0], asn1_string[0]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def produced_at(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- produced_at = self._backend._lib.OCSP_resp_get0_produced_at(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._basic
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_generalized_time(self._backend, produced_at)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def certificate_status(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- status = self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(status in _CERT_STATUS_TO_ENUM)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CERT_STATUS_TO_ENUM[status]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def revocation_time(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.certificate_status is not OCSPCertStatus.REVOKED:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time = self._backend._ffi.new("ASN1_GENERALIZEDTIME **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(asn1_time[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_generalized_time(self._backend, asn1_time[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def revocation_reason(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.certificate_status is not OCSPCertStatus.REVOKED:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason_ptr = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason_ptr,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # If no reason is encoded OpenSSL returns -1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if reason_ptr[0] == -1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason_ptr[0] in _CRL_ENTRY_REASON_CODE_TO_ENUM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CRL_ENTRY_REASON_CODE_TO_ENUM[reason_ptr[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def this_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time = self._backend._ffi.new("ASN1_GENERALIZEDTIME **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(asn1_time[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_generalized_time(self._backend, asn1_time[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def next_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time = self._backend._ffi.new("ASN1_GENERALIZEDTIME **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._single,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if asn1_time[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_generalized_time(self._backend, asn1_time[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _issuer_key_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _issuer_name_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _hash_algorithm(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _serial_number(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OCSP_BASICRESP_EXT_PARSER.parse(self._backend, self._basic)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is not serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The only allowed encoding value is Encoding.DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_OCSP_RESPONSE_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio, self._ocsp_response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(OCSPRequest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _OCSPRequest(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, ocsp_request):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if backend._lib.OCSP_request_onereq_count(ocsp_request) > 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'OCSP request contains more than one request'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ocsp_request = ocsp_request
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._request = self._backend._lib.OCSP_request_onereq_get0(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ocsp_request, 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(self._request != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cert_id = self._backend._lib.OCSP_onereq_get0_id(self._request)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(self._cert_id != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _issuer_key_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _issuer_name_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _serial_number(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _hash_algorithm(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OCSP_REQ_EXT_PARSER.parse(self._backend, self._ocsp_request)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is not serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The only allowed encoding value is Encoding.DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_OCSP_REQUEST_bio(bio, self._ocsp_request)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/poly1305.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/poly1305.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/poly1305.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,60 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_POLY1305_TAG_SIZE = 16
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_POLY1305_KEY_SIZE = 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Poly1305Context(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_ptr = self._backend._ffi.from_buffer(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This function copies the key into OpenSSL-owned memory so we don't
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # need to retain it ourselves
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._backend._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.NID_poly1305,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, key_ptr, len(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(evp_pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey, self._backend._lib.EVP_PKEY_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestSignInit(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_ptr = self._backend._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestSignUpdate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char[]", _POLY1305_TAG_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = self._backend._ffi.new("size_t *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_DigestSignFinal(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(outlen[0] == _POLY1305_TAG_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, tag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mac = self.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(mac, tag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidSignature("Value did not match computed tag.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/rsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,478 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import math
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.utils import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _calculate_digest_and_algorithm, _check_not_prehashed,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AsymmetricSignatureContext, AsymmetricVerificationContext, rsa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.padding import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AsymmetricPadding, MGF1, OAEP, PKCS1v15, PSS, calculate_max_pss_salt_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.rsa import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSAPrivateKeyWithSerialization, RSAPublicKeyWithSerialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _get_rsa_pss_salt_length(pss, key, hash_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- salt = pss._salt_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if salt is MGF1.MAX_LENGTH or salt is PSS.MAX_LENGTH:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return calculate_max_pss_salt_length(key, hash_algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return salt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _enc_dec_rsa(backend, key, data, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(padding, AsymmetricPadding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Padding must be an instance of AsymmetricPadding.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(padding, PKCS1v15):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding_enum = backend._lib.RSA_PKCS1_PADDING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(padding, OAEP):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding_enum = backend._lib.RSA_PKCS1_OAEP_PADDING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Only MGF1 is supported by this backend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_MGF
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.rsa_padding_supported(padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "This combination of padding and hash algorithm is not "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "supported by this backend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PADDING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not supported by this backend.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding.name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PADDING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _enc_dec_rsa_pkey_ctx(backend, key, data, padding_enum, padding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _enc_dec_rsa_pkey_ctx(backend, key, data, padding_enum, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(key, _RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- init = backend._lib.EVP_PKEY_encrypt_init
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crypt = backend._lib.EVP_PKEY_encrypt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- init = backend._lib.EVP_PKEY_decrypt_init
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crypt = backend._lib.EVP_PKEY_decrypt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx = backend._lib.EVP_PKEY_CTX_new(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key._evp_pkey, backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(pkey_ctx != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx = backend._ffi.gc(pkey_ctx, backend._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = init(pkey_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set_rsa_padding(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx, padding_enum)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf_size = backend._lib.EVP_PKEY_size(key._evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(buf_size > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(padding, OAEP) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.Cryptography_HAS_RSA_OAEP_MD
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mgf1_md = backend._evp_md_non_null_from_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding._mgf._algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1_md)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oaep_md = backend._evp_md_non_null_from_algorithm(padding._algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set_rsa_oaep_md(pkey_ctx, oaep_md)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(padding, OAEP) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding._label is not None and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(padding._label) > 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # set0_rsa_oaep_label takes ownership of the char * so we need to
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # copy it into some new memory
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- labelptr = backend._lib.OPENSSL_malloc(len(padding._label))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(labelptr != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.memmove(labelptr, padding._label, len(padding._label))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set0_rsa_oaep_label(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx, labelptr, len(padding._label)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = backend._ffi.new("size_t *", buf_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("unsigned char[]", buf_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = crypt(pkey_ctx, buf, outlen, data, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res <= 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _handle_rsa_enc_dec_error(backend, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _handle_rsa_enc_dec_error(backend, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(errors)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(errors[0].lib == backend._lib.ERR_LIB_RSA)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(key, _RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0].reason == backend._lib.RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Data too long for key size. Encrypt less data or use a "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "larger key size."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decoding_errors = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.RSA_R_BLOCK_TYPE_IS_NOT_01,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.RSA_R_BLOCK_TYPE_IS_NOT_02,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.RSA_R_OAEP_DECODING_ERROR,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Though this error looks similar to the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE, this occurs on decrypts,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # rather than on encrypts
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.RSA_R_DATA_TOO_LARGE_FOR_MODULUS,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if backend._lib.Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decoding_errors.append(backend._lib.RSA_R_PKCS_DECODING_ERROR)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(errors[0].reason in decoding_errors)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Decryption failed.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _rsa_sig_determine_padding(backend, key, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(padding, AsymmetricPadding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Expected provider of AsymmetricPadding.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_size = backend._lib.EVP_PKEY_size(key._evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(pkey_size > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(padding, PKCS1v15):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding_enum = backend._lib.RSA_PKCS1_PADDING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(padding, PSS):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Only MGF1 is supported by this backend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_MGF
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Size of key in bytes - 2 is the maximum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # PSS signature length (salt length is checked later)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if pkey_size - algorithm.digest_size - 2 < 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Digest too large for key size. Use a larger "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "key or different digest.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding_enum = backend._lib.RSA_PKCS1_PSS_PADDING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not supported by this backend.".format(padding.name),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PADDING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return padding_enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _rsa_sig_setup(backend, padding, algorithm, key, data, init_func):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding_enum = _rsa_sig_determine_padding(backend, key, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_md = backend._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx = backend._lib.EVP_PKEY_CTX_new(key._evp_pkey, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(pkey_ctx != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx = backend._ffi.gc(pkey_ctx, backend._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = init_func(pkey_ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set_signature_md(pkey_ctx, evp_md)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not supported by this backend for RSA signing.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm.name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, padding_enum)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(padding, PSS):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set_rsa_pss_saltlen(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx, _get_rsa_pss_salt_length(padding, key, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mgf1_md = backend._evp_md_non_null_from_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding._mgf._algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1_md)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return pkey_ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _rsa_sig_sign(backend, padding, algorithm, private_key, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx = _rsa_sig_setup(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, padding, algorithm, private_key, data,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.EVP_PKEY_sign_init
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = backend._ffi.new("size_t *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("unsigned char[]", buflen[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx, buf, buflen, data, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(errors[0].lib == backend._lib.ERR_LIB_RSA)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0].reason ==
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason = ("Salt length too long for key size. Try using "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "MAX_LENGTH instead.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors[0].reason ==
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason = "Digest too large for key size. Use a larger key."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(reason)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _rsa_sig_verify(backend, padding, algorithm, public_key, signature, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx = _rsa_sig_setup(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, padding, algorithm, public_key, data,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._lib.EVP_PKEY_verify_init
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey_ctx, signature, len(signature), data, len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The previous call can return negative numbers in the event of an
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # error. This is not a signature failure but we need to fail if it
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # occurs.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res >= 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidSignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricSignatureContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _RSASignatureContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, private_key, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._private_key = private_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We now call _rsa_sig_determine_padding in _rsa_sig_setup. However
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # we need to make a pointless call to it here so we maintain the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # API of erroring on init with this context if the values are invalid.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _rsa_sig_determine_padding(backend, private_key, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._padding = padding
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _rsa_sig_sign(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._padding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._private_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricVerificationContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _RSAVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, public_key, signature, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._signature = signature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._padding = padding
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We now call _rsa_sig_determine_padding in _rsa_sig_setup. However
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # we need to make a pointless call to it here so we maintain the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # API of erroring on init with this context if the values are invalid.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _rsa_sig_determine_padding(backend, public_key, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- padding = padding
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _rsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._padding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._signature,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(RSAPrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _RSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, rsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata = rsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.RSA_get0_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata, n, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_size = self._backend._lib.BN_num_bits(n[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signer(self, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_not_prehashed(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSASignatureContext(self._backend, self, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decrypt(self, ciphertext, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size_bytes = int(math.ceil(self.key_size / 8.0))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_size_bytes != len(ciphertext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Ciphertext length must be equal to key size.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _enc_dec_rsa(self._backend, self, ciphertext, padding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._lib.RSAPublicKey_dup(self._rsa_cdata)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend._ffi.gc(ctx, self._backend._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.RSA_blinding_on(ctx, self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._backend._rsa_cdata_to_evp_pkey(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAPublicKey(self._backend, ctx, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- d = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmp1 = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmq1 = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iqmp = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.RSA_get0_key(self._rsa_cdata, n, e, d)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(e[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(d[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.RSA_get0_factors(self._rsa_cdata, p, q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.RSA_get0_crt_params(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata, dmp1, dmq1, iqmp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(dmp1[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(dmq1[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(iqmp[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return rsa.RSAPrivateNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- d=self._backend._bn_to_int(d[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmp1=self._backend._bn_to_int(dmp1[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmq1=self._backend._bn_to_int(dmq1[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iqmp=self._backend._bn_to_int(iqmp[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers=rsa.RSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e=self._backend._bn_to_int(e[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n=self._backend._bn_to_int(n[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _rsa_sig_sign(self._backend, padding, algorithm, self, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(RSAPublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _RSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, rsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata = rsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.RSA_get0_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata, n, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_size = self._backend._lib.BN_num_bits(n[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verifier(self, signature, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_not_prehashed(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RSAVerificationContext(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self, signature, padding, algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encrypt(self, plaintext, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _enc_dec_rsa(self._backend, self, plaintext, padding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.RSA_get0_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata, n, e, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(e[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return rsa.RSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e=self._backend._bn_to_int(e[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n=self._backend._bn_to_int(n[0]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rsa_cdata
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _rsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, padding, algorithm, self, signature, data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/utils.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,69 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.utils import Prehashed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _evp_pkey_derive(backend, evp_pkey, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = backend._lib.EVP_PKEY_CTX_new(evp_pkey, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(ctx != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = backend._ffi.gc(ctx, backend._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_derive_init(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_derive_set_peer(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, peer_public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- keylen = backend._ffi.new("size_t *")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_derive(ctx, backend._ffi.NULL, keylen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend.openssl_assert(keylen[0] > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = backend._ffi.new("unsigned char[]", keylen[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = backend._lib.EVP_PKEY_derive(ctx, buf, keylen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Null shared key derived from public/private pair."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend._ffi.buffer(buf, keylen[0])[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _calculate_digest_and_algorithm(backend, data, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, Prehashed):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hash_ctx = hashes.Hash(algorithm, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm = algorithm._algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) != algorithm.digest_size:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The provided data must be the same length as the hash "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "algorithm's digest size."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (data, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_not_prehashed(signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(signature_algorithm, Prehashed):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Prehashed is only supported in the sign and verify methods. "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "It cannot be used with signer or verifier."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _warn_sign_verify_deprecated():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "signer and verifier have been deprecated. Please use sign "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "and verify instead.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stacklevel=3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,149 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.utils import _evp_pkey_derive
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.x25519 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- X25519PrivateKey, X25519PublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_X25519_KEY_SIZE = 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(X25519PublicKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _X25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding=None, format=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is None or format is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is not None or format is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Both encoding and format are required")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "public_bytes now requires encoding and format arguments. "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Support for calling without arguments will be removed in "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "cryptography 2.7",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.DeprecatedIn25,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding = serialization.Encoding.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format = serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ucharpp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get1_tls_encodedpoint(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, ucharpp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 32)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(ucharpp[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ucharpp[0], self._backend._lib.OPENSSL_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(data, res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(X25519PrivateKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _X25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_PUBKEY_bio(bio, self._evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._backend._lib.d2i_PUBKEY_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(evp_pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- evp_pkey, self._backend._lib.EVP_PKEY_free
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _X25519PublicKey(self._backend, evp_pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(peer_public_key, X25519PublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("peer_public_key must be X25519PublicKey.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _evp_pkey_derive(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._evp_pkey, peer_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 we can
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # switch this to EVP_PKEY_new_raw_private_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The trick we use here is serializing to a PKCS8 key and just
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # using the last 32 bytes, which is the key itself.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_PKCS8PrivateKey_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio, self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 0, self._backend._ffi.NULL, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkcs8 = self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(len(pkcs8) == 48)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return pkcs8[-_X25519_KEY_SIZE:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x448.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,123 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.utils import _evp_pkey_derive
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.x448 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- X448PrivateKey, X448PublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_X448_KEY_SIZE = 56
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(X448PublicKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _X448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, _X448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(X448PrivateKey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _X448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend.x448_load_public_bytes(buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(peer_public_key, X448PublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("peer_public_key must be X448PublicKey.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _evp_pkey_derive(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._evp_pkey, peer_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.EVP_PKEY_get_raw_private_key(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(buf, _X448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x509.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x509.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x509.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,546 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import datetime
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import operator
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CERTIFICATE_EXTENSION_PARSER, _CERTIFICATE_EXTENSION_PARSER_NO_SCT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _CRL_EXTENSION_PARSER, _CSR_EXTENSION_PARSER,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _REVOKED_CERTIFICATE_EXTENSION_PARSER, _asn1_integer_to_int,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _asn1_string_to_bytes, _decode_x509_name, _obj2txt, _parse_asn1_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.encode_asn1 import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _encode_asn1_int_gc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(x509.Certificate)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _Certificate(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, x509):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509 = x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<Certificate(subject={}, ...)>".format(self.subject)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, x509.Certificate):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.X509_cmp(self._x509, other._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return res == 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.public_bytes(serialization.Encoding.DER))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = hashes.Hash(algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(self.public_bytes(serialization.Encoding.DER))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return h.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def version(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- version = self._backend._lib.X509_get_version(self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if version == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.Version.v1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif version == 2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.Version.v3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise x509.InvalidVersion(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not a valid X509 version".format(version), version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = self._backend._lib.X509_get_serialNumber(self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(asn1_int != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_integer_to_int(self._backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey = self._backend._lib.X509_get_pubkey(self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if pkey == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Remove errors from the stack.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Certificate public key is of an unknown type")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._evp_pkey_to_public_key(pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def not_valid_before(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time = self._backend._lib.X509_get_notBefore(self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_time(self._backend, asn1_time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def not_valid_after(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_time = self._backend._lib.X509_get_notAfter(self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_time(self._backend, asn1_time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- issuer = self._backend._lib.X509_get_issuer_name(self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(issuer != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _decode_x509_name(self._backend, issuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def subject(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subject = self._backend._lib.X509_get_subject_name(self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(subject != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _decode_x509_name(self._backend, subject)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- alg = self._backend._ffi.new("X509_ALGOR **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.X509_get0_signature(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._ffi.NULL, alg, self._x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(alg[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _obj2txt(self._backend, alg[0].algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._backend._lib.CRYPTOGRAPHY_OPENSSL_110_OR_GREATER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CERTIFICATE_EXTENSION_PARSER.parse(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CERTIFICATE_EXTENSION_PARSER_NO_SCT.parse(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig = self._backend._ffi.new("ASN1_BIT_STRING **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.X509_get0_signature(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig, self._backend._ffi.NULL, self._x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(sig[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(self._backend, sig[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_certificate_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_re_X509_tbs(self._x509, pp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.PEM_write_bio_X509(bio, self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_X509_bio(bio, self._x509)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(x509.RevokedCertificate)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _RevokedCertificate(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, crl, x509_revoked):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The X509_REVOKED_value is a X509_REVOKED * that has
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # no reference counting. This means when X509_CRL_free is
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # called then the CRL and all X509_REVOKED * are freed. Since
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # you can retain a reference to a single revoked certificate
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # and let the CRL fall out of scope we need to retain a
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # private reference to the CRL inside the RevokedCertificate
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # object to prevent the gc from being called inappropriately.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._crl = crl
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_revoked = x509_revoked
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = self._backend._lib.X509_REVOKED_get0_serialNumber(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_revoked
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(asn1_int != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_integer_to_int(self._backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def revocation_date(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_time(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.X509_REVOKED_get0_revocationDate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_revoked
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _REVOKED_CERTIFICATE_EXTENSION_PARSER.parse(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._x509_revoked
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(x509.CertificateRevocationList)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _CertificateRevocationList(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, x509_crl):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_crl = x509_crl
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, x509.CertificateRevocationList):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.X509_CRL_cmp(self._x509_crl, other._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return res == 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = hashes.Hash(algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_X509_CRL_bio(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio, self._x509_crl
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- der = self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(der)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return h.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _sorted_crl(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # X509_CRL_get0_by_serial sorts in place, which breaks a variety of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # things we don't want to break (like iteration and the signature).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Let's dupe it and sort that instead.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dup = self._backend._lib.X509_CRL_dup(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(dup != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dup = self._backend._ffi.gc(dup, self._backend._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dup
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_revoked_certificate_by_serial_number(self, serial_number):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revoked = self._backend._ffi.new("X509_REVOKED **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- asn1_int = _encode_asn1_int_gc(self._backend, serial_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.X509_CRL_get0_by_serial(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._sorted_crl, revoked, asn1_int
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revoked[0] != self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RevokedCertificate(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend, self._sorted_crl, revoked[0]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- alg = self._backend._ffi.new("X509_ALGOR **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.X509_CRL_get0_signature(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_crl, self._backend._ffi.NULL, alg
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(alg[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _obj2txt(self._backend, alg[0].algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- issuer = self._backend._lib.X509_CRL_get_issuer(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(issuer != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _decode_x509_name(self._backend, issuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def next_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nu = self._backend._lib.X509_CRL_get_nextUpdate(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(nu != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_time(self._backend, nu)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def last_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lu = self._backend._lib.X509_CRL_get_lastUpdate(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(lu != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _parse_asn1_time(self._backend, lu)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig = self._backend._ffi.new("ASN1_BIT_STRING **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.X509_CRL_get0_signature(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_crl, sig, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(sig[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(self._backend, sig[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_certlist_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_re_X509_CRL_tbs(self._x509_crl, pp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.PEM_write_bio_X509_CRL(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio, self._x509_crl
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_X509_CRL_bio(bio, self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _revoked_cert(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revoked = self._backend._lib.X509_CRL_get_REVOKED(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r = self._backend._lib.sk_X509_REVOKED_value(revoked, idx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(r != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _RevokedCertificate(self._backend, self, r)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(len(self)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- yield self._revoked_cert(i)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(idx, slice):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- start, stop, step = idx.indices(len(self))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [self._revoked_cert(i) for i in range(start, stop, step)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idx = operator.index(idx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if idx < 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idx += len(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not 0 <= idx < len(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise IndexError
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._revoked_cert(idx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revoked = self._backend._lib.X509_CRL_get_REVOKED(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if revoked == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._lib.sk_X509_REVOKED_num(revoked)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CRL_EXTENSION_PARSER.parse(self._backend, self._x509_crl)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def is_signature_valid(self, public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(public_key, (dsa.DSAPublicKey, rsa.RSAPublicKey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec.EllipticCurvePublicKey)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting one of DSAPublicKey, RSAPublicKey,'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' or EllipticCurvePublicKey.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.X509_CRL_verify(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_crl, public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(x509.CertificateSigningRequest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _CertificateSigningRequest(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, x509_req):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_req = x509_req
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, _CertificateSigningRequest):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self_bytes = self.public_bytes(serialization.Encoding.DER)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- other_bytes = other.public_bytes(serialization.Encoding.DER)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self_bytes == other_bytes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.public_bytes(serialization.Encoding.DER))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey = self._backend._lib.X509_REQ_get_pubkey(self._x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._evp_pkey_to_public_key(pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def subject(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- subject = self._backend._lib.X509_REQ_get_subject_name(self._x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(subject != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _decode_x509_name(self._backend, subject)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- alg = self._backend._ffi.new("X509_ALGOR **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.X509_REQ_get0_signature(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_req, self._backend._ffi.NULL, alg
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(alg[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = _obj2txt(self._backend, alg[0].algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_exts = self._backend._lib.X509_REQ_get_extensions(self._x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_exts = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509_exts,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lambda x: self._backend._lib.sk_X509_EXTENSION_pop_free(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x, self._backend._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib._original_lib, "X509_EXTENSION_free"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CSR_EXTENSION_PARSER.parse(self._backend, x509_exts)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.PEM_write_bio_X509_REQ(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- bio, self._x509_req
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_X509_REQ_bio(bio, self._x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_certrequest_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.i2d_re_X509_REQ_tbs(self._x509_req, pp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig = self._backend._ffi.new("ASN1_BIT_STRING **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._lib.X509_REQ_get0_signature(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x509_req, sig, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(sig[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _asn1_string_to_bytes(self._backend, sig[0])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def is_signature_valid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey = self._backend._lib.X509_REQ_get_pubkey(self._x509_req)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.X509_REQ_verify(self._x509_req, pkey)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if res != 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x509.certificate_transparency.SignedCertificateTimestamp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _SignedCertificateTimestamp(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, backend, sct_list, sct):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Keep the SCT_LIST that this SCT came from alive.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._sct_list = sct_list
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._sct = sct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def version(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- version = self._backend._lib.SCT_get_version(self._sct)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert version == self._backend._lib.SCT_VERSION_V1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.certificate_transparency.Version.v1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def log_id(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- out = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- log_id_length = self._backend._lib.SCT_get0_log_id(self._sct, out)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert log_id_length >= 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(out[0], log_id_length)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def timestamp(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- timestamp = self._backend._lib.SCT_get_timestamp(self._sct)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- milliseconds = timestamp % 1000
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return datetime.datetime.utcfromtimestamp(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- timestamp // 1000
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).replace(microsecond=milliseconds * 1000)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def entry_type(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- entry_type = self._backend._lib.SCT_get_log_entry_type(self._sct)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We currently only support loading SCTs from the X.509 extension, so
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # we only have precerts.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert entry_type == self._backend._lib.CT_LOG_ENTRY_TYPE_PRECERT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x509.certificate_transparency.LogEntryType.PRE_CERTIFICATE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ptrptr = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = self._backend._lib.SCT_get0_signature(self._sct, ptrptr)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend.openssl_assert(ptrptr[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend._ffi.buffer(ptrptr[0], res)[:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self._signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, _SignedCertificateTimestamp):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._signature == other._signature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/_conditional.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/_conditional.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/_conditional.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,434 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_ec2m():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EC_POINT_set_affine_coordinates_GF2m",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EC_POINT_get_affine_coordinates_GF2m",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EC_POINT_set_compressed_coordinates_GF2m",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_ec_1_0_2():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EC_curve_nid2nist",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_set_ecdh_auto():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_ecdh_auto",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_rsa_r_pkcs_decoding_error():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RSA_R_PKCS_DECODING_ERROR"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_rsa_oaep_md():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_CTX_set_rsa_oaep_md",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_rsa_oaep_label():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_CTX_set0_rsa_oaep_label",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_ssl3_method():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSLv3_method",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSLv3_client_method",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSLv3_server_method",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_alpn():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_alpn_protos",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_set_alpn_protos",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_alpn_select_cb",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_get0_alpn_selected",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_compression():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_get_current_compression",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_get_current_expansion",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_COMP_get_name",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_get_server_tmp_key():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_get_server_tmp_key",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_102_verification_error_codes():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_SUITE_B_INVALID_VERSION',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_SUITE_B_INVALID_ALGORITHM',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_SUITE_B_INVALID_CURVE',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_HOSTNAME_MISMATCH',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_EMAIL_MISMATCH',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509_V_ERR_IP_ADDRESS_MISMATCH'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_102_verification_params():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_V_FLAG_SUITEB_128_LOS_ONLY",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_V_FLAG_SUITEB_192_LOS",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_V_FLAG_SUITEB_128_LOS",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_VERIFY_PARAM_set1_host",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_VERIFY_PARAM_set1_email",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_VERIFY_PARAM_set1_ip",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_VERIFY_PARAM_set1_ip_asc",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_VERIFY_PARAM_set_hostflags",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_get0_param",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_CHECK_FLAG_NO_WILDCARDS",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_110_verification_params():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_CHECK_FLAG_NEVER_CHECK_SUBJECT"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_x509_v_flag_trusted_first():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_V_FLAG_TRUSTED_FIRST",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_x509_v_flag_partial_chain():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_V_FLAG_PARTIAL_CHAIN",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_set_cert_cb():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_cert_cb",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_set_cert_cb",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_ssl_st():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_ST_BEFORE",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_ST_OK",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_ST_INIT",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_ST_RENEGOTIATE",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_tls_st():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "TLS_ST_BEFORE",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "TLS_ST_OK",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_locking_callbacks():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_setup_ssl_threads",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_scrypt():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PBE_scrypt",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_generic_dtls_method():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DTLS_method",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DTLS_server_method",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DTLS_client_method",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_OP_NO_DTLSv1",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_OP_NO_DTLSv1_2",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DTLS_set_link_mtu",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DTLS_get_link_min_mtu",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_evp_pkey_dhx():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_DHX",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_mem_functions():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_CRYPTO_set_mem_functions",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_sct():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_get_version",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_get_log_entry_type",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_get0_log_id",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_get0_signature",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_get_timestamp",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_set_source",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sk_SCT_num",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sk_SCT_value",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_LIST_free",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sk_SCT_push",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sk_SCT_new_null",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_new",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_set1_log_id",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_set_timestamp",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_set_version",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SCT_set_log_entry_type",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_x509_store_ctx_get_issuer():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_STORE_get_get_issuer",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X509_STORE_set_get_issuer",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_x25519():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_X25519",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NID_X25519",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_x448():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_X448",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NID_X448",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_ed448():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_ED448",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NID_ED448",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_ed25519():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NID_ED25519",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_ED25519",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_poly1305():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NID_poly1305",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_POLY1305",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_oneshot_evp_digest_sign_verify():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_DigestSign",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_DigestVerify",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_evp_digestfinal_xof():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_DigestFinalXOF",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_evp_pkey_get_set_tls_encodedpoint():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_get1_tls_encodedpoint",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_set1_tls_encodedpoint",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_fips():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "FIPS_set_mode",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "FIPS_mode",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_ssl_sigalgs():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set1_sigalgs_list",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_get_sigalgs",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_psk():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_use_psk_identity_hint",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_psk_server_callback",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_psk_client_callback",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_custom_ext():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_add_client_custom_ext",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_add_server_custom_ext",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_extension_supported",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_openssl_cleanup():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OPENSSL_cleanup",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_cipher_details():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CIPHER_is_aead",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CIPHER_get_cipher_nid",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CIPHER_get_digest_nid",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CIPHER_get_kx_nid",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CIPHER_get_auth_nid",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_tlsv13():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_OP_NO_TLSv1_3",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_VERIFY_POST_HANDSHAKE",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_ciphersuites",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_verify_client_post_handshake",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_post_handshake_auth",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_set_post_handshake_auth",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_SESSION_get_max_early_data",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_write_early_data",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_read_early_data",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SSL_CTX_set_max_early_data",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_raw_key():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_new_raw_private_key",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_new_raw_public_key",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_get_raw_private_key",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_PKEY_get_raw_public_key",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_evp_r_memory_limit_exceeded():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EVP_R_MEMORY_LIMIT_EXCEEDED",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cryptography_has_engine():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_by_id",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_init",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_finish",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_get_default_RAND",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_set_default_RAND",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_unregister_RAND",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_ctrl_cmd",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_free",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ENGINE_get_name",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_add_osrandom_engine",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This is a mapping of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# {condition: function-returning-names-dependent-on-that-condition} so we can
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# loop over them and delete unsupported names at runtime. It will be removed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# when cffi supports #if in cdef. We use functions instead of just a dict of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# lists so we can use coverage to measure which are used.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-CONDITIONAL_NAMES = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_EC2M": cryptography_has_ec2m,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_EC_1_0_2": cryptography_has_ec_1_0_2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_SET_ECDH_AUTO": cryptography_has_set_ecdh_auto,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_rsa_r_pkcs_decoding_error
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_RSA_OAEP_MD": cryptography_has_rsa_oaep_md,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_RSA_OAEP_LABEL": cryptography_has_rsa_oaep_label,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_SSL3_METHOD": cryptography_has_ssl3_method,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_ALPN": cryptography_has_alpn,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_COMPRESSION": cryptography_has_compression,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_GET_SERVER_TMP_KEY": cryptography_has_get_server_tmp_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_102_VERIFICATION_ERROR_CODES": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_102_verification_error_codes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_102_VERIFICATION_PARAMS": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_102_verification_params
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_110_VERIFICATION_PARAMS": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_110_verification_params
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_x509_v_flag_trusted_first
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_x509_v_flag_partial_chain
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_SET_CERT_CB": cryptography_has_set_cert_cb,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_SSL_ST": cryptography_has_ssl_st,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_TLS_ST": cryptography_has_tls_st,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_LOCKING_CALLBACKS": cryptography_has_locking_callbacks,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_SCRYPT": cryptography_has_scrypt,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_GENERIC_DTLS_METHOD": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_generic_dtls_method
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_EVP_PKEY_DHX": cryptography_has_evp_pkey_dhx,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_MEM_FUNCTIONS": cryptography_has_mem_functions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_SCT": cryptography_has_sct,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_X509_STORE_CTX_GET_ISSUER": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_x509_store_ctx_get_issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_X25519": cryptography_has_x25519,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_X448": cryptography_has_x448,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_ED448": cryptography_has_ed448,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_ED25519": cryptography_has_ed25519,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_POLY1305": cryptography_has_poly1305,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_oneshot_evp_digest_sign_verify
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_evp_pkey_get_set_tls_encodedpoint
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_FIPS": cryptography_has_fips,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_SIGALGS": cryptography_has_ssl_sigalgs,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_PSK": cryptography_has_psk,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_CUSTOM_EXT": cryptography_has_custom_ext,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_OPENSSL_CLEANUP": cryptography_has_openssl_cleanup,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_CIPHER_DETAILS": cryptography_has_cipher_details,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_TLSv1_3": cryptography_has_tlsv13,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_RAW_KEY": cryptography_has_raw_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_EVP_DIGESTFINAL_XOF": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_evp_digestfinal_xof
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_EVP_R_MEMORY_LIMIT_EXCEEDED": (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cryptography_has_evp_r_memory_limit_exceeded
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cryptography_HAS_ENGINE": cryptography_has_engine,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/binding.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/binding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/binding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,197 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import collections
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import threading
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import types
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import cryptography
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import InternalError
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.bindings._openssl import ffi, lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.bindings.openssl._conditional import CONDITIONAL_NAMES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OpenSSLErrorWithText = collections.namedtuple(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_OpenSSLErrorWithText", ["code", "lib", "func", "reason", "reason_text"]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _OpenSSLError(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, code, lib, func, reason):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._code = code
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._lib = lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._func = func
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._reason = reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _lib_reason_match(self, lib, reason):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return lib == self.lib and reason == self.reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- code = utils.read_only_property("_code")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib = utils.read_only_property("_lib")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- func = utils.read_only_property("_func")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason = utils.read_only_property("_reason")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _consume_errors(lib):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while True:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- code = lib.ERR_get_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if code == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- break
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- err_lib = lib.ERR_GET_LIB(code)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- err_func = lib.ERR_GET_FUNC(code)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- err_reason = lib.ERR_GET_REASON(code)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors.append(_OpenSSLError(code, err_lib, err_func, err_reason))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return errors
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _openssl_assert(lib, ok):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not ok:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors = _consume_errors(lib)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors_with_text = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for err in errors:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buf = ffi.new("char[]", 256)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.ERR_error_string_n(err.code, buf, len(buf))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- err_text_reason = ffi.string(buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors_with_text.append(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _OpenSSLErrorWithText(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- err.code, err.lib, err.func, err.reason, err_text_reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InternalError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Unknown OpenSSL error. This error is commonly encountered when "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "another library is not cleaning up the OpenSSL error stack. If "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "you are using cryptography with another library that uses "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OpenSSL try disabling it before reporting a bug. Otherwise "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "please file an issue at https://github.com/pyca/cryptography/"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "issues with information on how to reproduce "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "this. ({0!r})".format(errors_with_text),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errors_with_text
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def build_conditional_library(lib, conditional_names):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- conditional_lib = types.ModuleType("lib")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- conditional_lib._original_lib = lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- excluded_names = set()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for condition, names_cb in conditional_names.items():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not getattr(lib, condition):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- excluded_names.update(names_cb())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for attr in dir(lib):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if attr not in excluded_names:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- setattr(conditional_lib, attr, getattr(lib, attr))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return conditional_lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Binding(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OpenSSL API wrapper.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ffi = ffi
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _lib_loaded = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _init_lock = threading.Lock()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _lock_init_lock = threading.Lock()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ensure_ffi_initialized()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _register_osrandom_engine(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Clear any errors extant in the queue before we start. In many
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # scenarios other things may be interacting with OpenSSL in the same
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # process space and it has proven untenable to assume that they will
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # reliably clear the error queue. Once we clear it here we will
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # error on any subsequent unexpected item in the stack.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls.lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cls.lib.Cryptography_HAS_ENGINE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = cls.lib.Cryptography_add_osrandom_engine()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _openssl_assert(cls.lib, result in (1, 2))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _ensure_ffi_initialized(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with cls._init_lock:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not cls._lib_loaded:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls.lib = build_conditional_library(lib, CONDITIONAL_NAMES)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls._lib_loaded = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # initialize the SSL library
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls.lib.SSL_library_init()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # adds all ciphers/digests for EVP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls.lib.OpenSSL_add_all_algorithms()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # loads error strings for libcrypto and libssl functions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls.lib.SSL_load_error_strings()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls._register_osrandom_engine()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def init_static_locks(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with cls._lock_init_lock:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls._ensure_ffi_initialized()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Use Python's implementation if available, importing _ssl triggers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # the setup for this.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __import__("_ssl")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (not cls.lib.Cryptography_HAS_LOCKING_CALLBACKS or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cls.lib.CRYPTO_get_locking_callback() != cls.ffi.NULL):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # If nothing else has setup a locking callback already, we set up
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # our own
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = lib.Cryptography_setup_ssl_threads()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _openssl_assert(cls.lib, res == 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _verify_openssl_version(lib):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not lib.CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OpenSSL version 1.0.1 is no longer supported by the OpenSSL "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "project, please upgrade. A future version of cryptography will "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "drop support for it.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _verify_package_version(version):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Occasionally we run into situations where the version of the Python
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # package does not match the version of the shared object that is loaded.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This may occur in environments where multiple versions of cryptography
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # are installed and available in the python path. To avoid errors cropping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # up later this code checks that the currently imported package and the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # shared object that were loaded have the same version and raise an
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ImportError if they do not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- so_package_version = ffi.string(lib.CRYPTOGRAPHY_PACKAGE_VERSION)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if version.encode("ascii") != so_package_version:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ImportError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The version of cryptography does not match the loaded "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "shared object. This can happen if you have multiple copies of "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "cryptography installed in your Python path. Please try creating "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "a new virtual environment to resolve this issue. "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Loaded python version: {}, shared object version: {}".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- version, so_package_version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_verify_package_version(cryptography.__version__)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# OpenSSL is not thread safe until the locks are initialized. We call this
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# method in module scope so that it executes with the import lock. On
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Pythons < 3.4 this import lock is a global lock, which can prevent a race
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# condition registering the OpenSSL locks. On Python 3.4+ the import lock
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# is per module so this approach will not work.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-Binding.init_static_locks()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_verify_openssl_version(Binding.lib)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,40 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AsymmetricSignatureContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Processes the provided bytes and returns nothing.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the signature as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AsymmetricVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Processes the provided bytes and returns nothing.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Raises an exception if the bytes provided to update do not match the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- signature or the signature does not match the public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dh.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dh.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dh.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,212 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def generate_parameters(generator, key_size, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.generate_dh_parameters(generator, key_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHPrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, x, public_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(x, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("x must be an integer.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(public_numbers, DHPublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("public_numbers must be an instance of "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DHPublicNumbers.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x = x
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DHPrivateNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x == other._x and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_numbers == other._public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_dh_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x = utils.read_only_property("_x")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHPublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, y, parameter_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(y, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("y must be an integer.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(parameter_numbers, DHParameterNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "parameters must be an instance of DHParameterNumbers.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._y = y
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._parameter_numbers = parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DHPublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._y == other._y and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._parameter_numbers == other._parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_dh_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y = utils.read_only_property("_y")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers = utils.read_only_property("_parameter_numbers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHParameterNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, p, g, q=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(p, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(g, six.integer_types)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("p and g must be integers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q is not None and not isinstance(q, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("q must be integer or None")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if g < 2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("DH generator must be 2 or greater")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._p = p
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._g = g
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._q = q
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DHParameterNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._p == other._p and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._g == other._g and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._q == other._q
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_dh_parameter_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = utils.read_only_property("_p")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = utils.read_only_property("_g")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = utils.read_only_property("_q")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHParameters(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generates and returns a DHPrivateKey.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameter_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the parameters serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DHParameterNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-DHParametersWithSerialization = DHParameters
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The DHPublicKey associated with this private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The DHParameters object associated with this private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Given peer's DHPublicKey, carry out the key exchange and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return shared key as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHPrivateKeyWithSerialization(DHPrivateKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DHPrivateNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DHPublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The DHParameters object associated with this public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DHPublicNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-DHPublicKeyWithSerialization = DHPublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,254 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAParameters(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Generates and returns a DSAPrivateKey.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAParametersWithNumbers(DSAParameters):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DSAParameterNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The DSAPublicKey associated with this private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The DSAParameters object associated with this private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an AsymmetricSignatureContext used for signing data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Signs the data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAPrivateKeyWithSerialization(DSAPrivateKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DSAPrivateNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The DSAParameters object associated with this public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an AsymmetricVerificationContext used for signing data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a DSAPublicNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Verifies the signature of the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-DSAPublicKeyWithSerialization = DSAPublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def generate_parameters(key_size, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.generate_dsa_parameters(key_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def generate_private_key(key_size, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.generate_dsa_private_key_and_parameters(key_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_dsa_parameters(parameters):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if parameters.p.bit_length() not in [1024, 2048, 3072]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("p must be exactly 1024, 2048, or 3072 bits long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if parameters.q.bit_length() not in [160, 224, 256]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("q must be exactly 160, 224, or 256 bits long")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not (1 < parameters.g < parameters.p):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("g, p don't satisfy 1 < g < p.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_dsa_private_numbers(numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameters = numbers.public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_dsa_parameters(parameters)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if numbers.x <= 0 or numbers.x >= parameters.q:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("x must be > 0 and < q.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if numbers.public_numbers.y != pow(parameters.g, numbers.x, parameters.p):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("y must be equal to (g ** x % p).")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAParameterNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, p, q, g):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(p, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(q, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(g, six.integer_types)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DSAParameterNumbers p, q, and g arguments must be integers."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._p = p
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._q = q
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._g = g
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = utils.read_only_property("_p")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = utils.read_only_property("_q")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g = utils.read_only_property("_g")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def parameters(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_dsa_parameter_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DSAParameterNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.p == other.p and self.q == other.q and self.g == other.g
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<DSAParameterNumbers(p={self.p}, q={self.q}, g={self.g})>".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self=self
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAPublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, y, parameter_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(y, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("DSAPublicNumbers y argument must be an integer.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(parameter_numbers, DSAParameterNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "parameter_numbers must be a DSAParameterNumbers instance."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._y = y
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._parameter_numbers = parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y = utils.read_only_property("_y")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers = utils.read_only_property("_parameter_numbers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_dsa_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.y == other.y and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.parameter_numbers == other.parameter_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<DSAPublicNumbers(y={self.y}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "parameter_numbers={self.parameter_numbers})>".format(self=self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DSAPrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, x, public_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(x, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("DSAPrivateNumbers x argument must be an integer.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(public_numbers, DSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "public_numbers must be a DSAPublicNumbers instance."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x = x
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x = utils.read_only_property("_x")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_dsa_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DSAPrivateNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.x == other.x and self.public_numbers == other.public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ec.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ec.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ec.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,500 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat._oid import ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurveOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECP192R1 = ObjectIdentifier("1.2.840.10045.3.1.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECP224R1 = ObjectIdentifier("1.3.132.0.33")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECP256K1 = ObjectIdentifier("1.3.132.0.10")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECP256R1 = ObjectIdentifier("1.2.840.10045.3.1.7")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECP384R1 = ObjectIdentifier("1.3.132.0.34")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECP521R1 = ObjectIdentifier("1.3.132.0.35")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BRAINPOOLP256R1 = ObjectIdentifier("1.3.36.3.3.2.8.1.1.7")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BRAINPOOLP384R1 = ObjectIdentifier("1.3.36.3.3.2.8.1.1.11")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BRAINPOOLP512R1 = ObjectIdentifier("1.3.36.3.3.2.8.1.1.13")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT163K1 = ObjectIdentifier("1.3.132.0.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT163R2 = ObjectIdentifier("1.3.132.0.15")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT233K1 = ObjectIdentifier("1.3.132.0.26")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT233R1 = ObjectIdentifier("1.3.132.0.27")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT283K1 = ObjectIdentifier("1.3.132.0.16")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT283R1 = ObjectIdentifier("1.3.132.0.17")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT409K1 = ObjectIdentifier("1.3.132.0.36")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT409R1 = ObjectIdentifier("1.3.132.0.37")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT571K1 = ObjectIdentifier("1.3.132.0.38")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SECT571R1 = ObjectIdentifier("1.3.132.0.39")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurve(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The name of the curve. e.g. secp256r1.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Bit size of a secret scalar for the curve.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurveSignatureAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The digest algorithm used with this signature.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurvePrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an AsymmetricSignatureContext used for signing data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, algorithm, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Performs a key exchange operation using the provided algorithm with the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- provided peer's public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The EllipticCurvePublicKey for this private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def curve(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The EllipticCurve that this key is on.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Bit size of a secret scalar for the curve.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Signs the data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurvePrivateKeyWithSerialization(EllipticCurvePrivateKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an EllipticCurvePrivateNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurvePublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an AsymmetricVerificationContext used for signing data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def curve(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The EllipticCurve that this key is on.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Bit size of a secret scalar for the curve.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an EllipticCurvePublicNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Verifies the signature of the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_encoded_point(cls, curve, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("curve must be an EllipticCurve instance")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("data must not be an empty byte string")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if six.indexbytes(data, 0) not in [0x02, 0x03, 0x04]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unsupported elliptic curve point type")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_elliptic_curve_public_bytes(curve, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-EllipticCurvePublicKeyWithSerialization = EllipticCurvePublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT571R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect571r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 570
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT409R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect409r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 409
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT283R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect283r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 283
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT233R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect233r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 233
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT163R2(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect163r2"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 163
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT571K1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect571k1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 571
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT409K1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect409k1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 409
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT283K1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect283k1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 283
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT233K1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect233k1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 233
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECT163K1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sect163k1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 163
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECP521R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "secp521r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 521
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECP384R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "secp384r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 384
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECP256R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "secp256r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 256
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECP256K1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "secp256k1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 256
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECP224R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "secp224r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 224
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SECP192R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "secp192r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 192
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BrainpoolP256R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "brainpoolP256r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 256
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BrainpoolP384R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "brainpoolP384r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 384
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BrainpoolP512R1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "brainpoolP512r1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_size = 512
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CURVE_TYPES = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "prime192v1": SECP192R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "prime256v1": SECP256R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp192r1": SECP192R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp224r1": SECP224R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp256r1": SECP256R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp384r1": SECP384R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp521r1": SECP521R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "secp256k1": SECP256K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect163k1": SECT163K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect233k1": SECT233K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect283k1": SECT283K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect409k1": SECT409K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect571k1": SECT571K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect163r2": SECT163R2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect233r1": SECT233R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect283r1": SECT283R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect409r1": SECT409R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "sect571r1": SECT571R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "brainpoolP256r1": BrainpoolP256R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "brainpoolP384r1": BrainpoolP384R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "brainpoolP512r1": BrainpoolP512R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(EllipticCurveSignatureAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ECDSA(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def generate_private_key(curve, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.generate_elliptic_curve_private_key(curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def derive_private_key(private_value, curve, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(private_value, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("private_value must be an integer type.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if private_value <= 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("private_value must be a positive integer.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("curve must provide the EllipticCurve interface.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.derive_elliptic_curve_private_key(private_value, curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurvePublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, x, y, curve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(x, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(y, six.integer_types)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("x and y must be integers.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("curve must provide the EllipticCurve interface.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._y = y
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._x = x
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._curve = curve
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_elliptic_curve_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encode_point(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "encode_point has been deprecated on EllipticCurvePublicNumbers"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " and will be removed in a future version. Please use "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "EllipticCurvePublicKey.public_bytes to obtain both "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "compressed and uncompressed point encoding.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.DeprecatedIn25,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # key_size is in bits. Convert to bytes and round up
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- byte_length = (self.curve.key_size + 7) // 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b'\x04' + utils.int_to_bytes(self.x, byte_length) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.int_to_bytes(self.y, byte_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_encoded_point(cls, curve, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("curve must be an EllipticCurve instance")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Support for unsafe construction of public numbers from "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "encoded data will be removed in a future version. "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Please use EllipticCurvePublicKey.from_encoded_point",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.DeprecatedIn25,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if data.startswith(b'\x04'):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # key_size is in bits. Convert to bytes and round up
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- byte_length = (curve.key_size + 7) // 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) == 2 * byte_length + 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x = utils.int_from_bytes(data[1:byte_length + 1], 'big')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y = utils.int_from_bytes(data[byte_length + 1:], 'big')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return cls(x, y, curve)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Invalid elliptic curve point data length')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Unsupported elliptic curve point type')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve = utils.read_only_property("_curve")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x = utils.read_only_property("_x")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y = utils.read_only_property("_y")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, EllipticCurvePublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.x == other.x and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.y == other.y and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.curve.name == other.curve.name and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.curve.key_size == other.curve.key_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.x, self.y, self.curve.name, self.curve.key_size))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<EllipticCurvePublicNumbers(curve={0.curve.name}, x={0.x}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "y={0.y}>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class EllipticCurvePrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, private_value, public_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(private_value, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("private_value must be an integer.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(public_numbers, EllipticCurvePublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "public_numbers must be an EllipticCurvePublicNumbers "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "instance."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._private_value = private_value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_elliptic_curve_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private_value = utils.read_only_property("_private_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, EllipticCurvePrivateNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.private_value == other.private_value and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.public_numbers == other.public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.private_value, self.public_numbers))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ECDH(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OID_TO_CURVE = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECP192R1: SECP192R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECP224R1: SECP224R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECP256K1: SECP256K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECP256R1: SECP256R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECP384R1: SECP384R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECP521R1: SECP521R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.BRAINPOOLP256R1: BrainpoolP256R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.BRAINPOOLP384R1: BrainpoolP384R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.BRAINPOOLP512R1: BrainpoolP512R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT163K1: SECT163K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT163R2: SECT163R2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT233K1: SECT233K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT233R1: SECT233R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT283K1: SECT283K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT283R1: SECT283R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT409K1: SECT409K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT409R1: SECT409R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT571K1: SECT571K1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EllipticCurveOID.SECT571R1: SECT571R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def get_curve_for_oid(oid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _OID_TO_CURVE[oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except KeyError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise LookupError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The provided object identifier has no matching elliptic "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "curve class"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,84 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_ED25519_KEY_SIZE = 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_ED25519_SIG_SIZE = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Ed25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.ed25519_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ed25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.ed25519_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Verify the signature.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Ed25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.ed25519_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ed25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.ed25519_generate_key()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.ed25519_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ed25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.ed25519_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The Ed25519PublicKey derived from the private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Signs the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed448.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,79 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Ed448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.ed448_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ed448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.ed448_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Verify the signature.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Ed448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.ed448_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ed448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.ed448_generate_key()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.ed448_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ed448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.ed448_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The Ed448PublicKey derived from the private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Signs the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/padding.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/padding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/padding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,79 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import math
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import rsa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AsymmetricPadding(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- A string naming this padding (e.g. "PSS", "PKCS1").
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricPadding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PKCS1v15(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "EMSA-PKCS1-v1_5"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricPadding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PSS(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- MAX_LENGTH = object()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "EMSA-PSS"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, mgf, salt_length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._mgf = mgf
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (not isinstance(salt_length, six.integer_types) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- salt_length is not self.MAX_LENGTH):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("salt_length must be an integer.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if salt_length is not self.MAX_LENGTH and salt_length < 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("salt_length must be zero or greater.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._salt_length = salt_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AsymmetricPadding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OAEP(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "EME-OAEP"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, mgf, algorithm, label):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._mgf = mgf
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._label = label
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class MGF1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- MAX_LENGTH = object()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def calculate_max_pss_salt_length(key, hash_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(key, (rsa.RSAPrivateKey, rsa.RSAPublicKey)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("key must be an RSA public or private key")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # bit length - 1 per RFC 3447
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- emlen = int(math.ceil((key.key_size - 1) / 8.0))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- salt_length = emlen - hash_algorithm.digest_size - 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert salt_length >= 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return salt_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/rsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/rsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/rsa.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,368 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Only available in math in 3.5+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from math import gcd
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-except ImportError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from fractions import gcd
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import RSABackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signer(self, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an AsymmetricSignatureContext used for signing data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decrypt(self, ciphertext, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Decrypts the provided ciphertext.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The bit length of the public modulus.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The RSAPublicKey associated with this private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Signs the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RSAPrivateKeyWithSerialization(RSAPrivateKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an RSAPrivateNumbers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verifier(self, signature, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an AsymmetricVerificationContext used for verifying signatures.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encrypt(self, plaintext, padding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Encrypts the given plaintext.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The bit length of the public modulus.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an RSAPublicNumbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Verifies the signature of the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-RSAPublicKeyWithSerialization = RSAPublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def generate_private_key(public_exponent, key_size, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, RSABackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement RSABackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _verify_rsa_parameters(public_exponent, key_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.generate_rsa_private_key(public_exponent, key_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _verify_rsa_parameters(public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if public_exponent < 3:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("public_exponent must be >= 3.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if public_exponent & 1 == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("public_exponent must be odd.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_size < 512:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("key_size must be at least 512-bits.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_private_key_components(p, q, private_exponent, dmp1, dmq1, iqmp,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_exponent, modulus):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if modulus < 3:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("modulus must be >= 3.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if p >= modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("p must be < modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if q >= modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("q must be < modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dmp1 >= modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("dmp1 must be < modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dmq1 >= modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("dmq1 must be < modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if iqmp >= modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("iqmp must be < modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if private_exponent >= modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("private_exponent must be < modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if public_exponent < 3 or public_exponent >= modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("public_exponent must be >= 3 and < modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if public_exponent & 1 == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("public_exponent must be odd.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dmp1 & 1 == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("dmp1 must be odd.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if dmq1 & 1 == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("dmq1 must be odd.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if p * q != modulus:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("p*q must equal modulus.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_public_key_components(e, n):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if n < 3:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("n must be >= 3.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if e < 3 or e >= n:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("e must be >= 3 and < n.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if e & 1 == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("e must be odd.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _modinv(e, m):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Modular Multiplicative Inverse. Returns x such that: (x*e) mod m == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- x1, y1, x2, y2 = 1, 0, 0, 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a, b = e, m
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while b > 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q, r = divmod(a, b)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- xn, yn = x1 - q * x2, y1 - q * y2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a, b, x1, y1, x2, y2 = b, r, x2, y2, xn, yn
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x1 % m
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def rsa_crt_iqmp(p, q):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Compute the CRT (q ** -1) % p value from RSA primes p and q.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _modinv(q, p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def rsa_crt_dmp1(private_exponent, p):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Compute the CRT private_exponent % (p - 1) value from the RSA
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private_exponent (d) and p.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return private_exponent % (p - 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def rsa_crt_dmq1(private_exponent, q):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Compute the CRT private_exponent % (q - 1) value from the RSA
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- private_exponent (d) and q.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return private_exponent % (q - 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Controls the number of iterations rsa_recover_prime_factors will perform
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# to obtain the prime factors. Each iteration increments by 2 so the actual
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# maximum attempts is half this number.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_MAX_RECOVERY_ATTEMPTS = 1000
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def rsa_recover_prime_factors(n, e, d):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Compute factors p and q from the private exponent d. We assume that n has
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- no more than two factors. This function is adapted from code in PyCrypto.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # See 8.2.2(i) in Handbook of Applied Cryptography.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ktot = d * e - 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The quantity d*e-1 is a multiple of phi(n), even,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # and can be represented as t*2^s.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- t = ktot
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while t % 2 == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- t = t // 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Cycle through all multiplicative inverses in Zn.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The algorithm is non-deterministic, but there is a 50% chance
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # any candidate a leads to successful factoring.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # See "Digitalized Signatures and Public Key Functions as Intractable
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # as Factorization", M. Rabin, 1979
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- spotted = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a = 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while not spotted and a < _MAX_RECOVERY_ATTEMPTS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- k = t
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Cycle through all values a^{t*2^i}=a^k
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while k < ktot:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cand = pow(a, k, n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Check if a^k is a non-trivial root of unity (mod n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cand != 1 and cand != (n - 1) and pow(cand, 2, n) == 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # We have found a number such that (cand-1)(cand+1)=0 (mod n).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Either of the terms divides n.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = gcd(cand + 1, n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- spotted = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- break
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- k *= 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This value was not any good... let's try another!
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a += 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not spotted:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Unable to compute factors p and q from exponent d.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Found !
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q, r = divmod(n, p)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert r == 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p, q = sorted((p, q), reverse=True)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (p, q)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RSAPrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, p, q, d, dmp1, dmq1, iqmp,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(p, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(q, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(d, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(dmp1, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(dmq1, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(iqmp, six.integer_types)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RSAPrivateNumbers p, q, d, dmp1, dmq1, iqmp arguments must"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " all be an integers."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(public_numbers, RSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RSAPrivateNumbers public_numbers must be an RSAPublicNumbers"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " instance."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._p = p
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._q = q
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._d = d
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dmp1 = dmp1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._dmq1 = dmq1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._iqmp = iqmp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = utils.read_only_property("_p")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q = utils.read_only_property("_q")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- d = utils.read_only_property("_d")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmp1 = utils.read_only_property("_dmp1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dmq1 = utils.read_only_property("_dmq1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iqmp = utils.read_only_property("_iqmp")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_rsa_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, RSAPrivateNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.p == other.p and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.q == other.q and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.d == other.d and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.dmp1 == other.dmp1 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.dmq1 == other.dmq1 and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.iqmp == other.iqmp and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.public_numbers == other.public_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.p,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.q,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.d,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.dmp1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.dmq1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.iqmp,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.public_numbers,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RSAPublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, e, n):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(e, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(n, six.integer_types)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("RSAPublicNumbers arguments must be integers.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._e = e
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._n = n
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = utils.read_only_property("_e")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = utils.read_only_property("_n")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_rsa_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<RSAPublicNumbers(e={0.e}, n={0.n})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, RSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.e == other.e and self.n == other.n
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.e, self.n))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/utils.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,38 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from asn1crypto.algos import DSASignature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def decode_dss_signature(signature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = DSASignature.load(signature, strict=True).native
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return data['r'], data['s']
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def encode_dss_signature(r, s):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(r, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(s, six.integer_types)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Both r and s must be integers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return DSASignature({'r': r, 's': s}).dump()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Prehashed(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Expected instance of HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest_size = algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x25519.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,73 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class X25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.x25519_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.x25519_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding=None, format=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class X25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.x25519_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.x25519_generate_key()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.x25519_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.x25519_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Performs a key exchange operation using the provided peer's public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x448.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x448.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,73 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class X448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.x448_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.x448_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class X448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.x448_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.x448_generate_key()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.x448_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "X448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.x448_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Performs a key exchange operation using the provided peer's public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,21 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers.base import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AEADCipherContext, AEADDecryptionContext, AEADEncryptionContext,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BlockCipherAlgorithm, Cipher, CipherAlgorithm, CipherContext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-__all__ = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cipher",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CipherAlgorithm",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "BlockCipherAlgorithm",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CipherContext",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AEADCipherContext",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AEADDecryptionContext",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AEADEncryptionContext",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/aead.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/aead.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/aead.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,188 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import os
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import exceptions, utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl import aead
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ChaCha20Poly1305(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _MAX_SIZE = 2 ** 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.aead_cipher_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise exceptions.UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ChaCha20Poly1305 is not supported by this version of OpenSSL",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- exceptions._Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) != 32:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("ChaCha20Poly1305 key must be 32 bytes.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key = key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_key(cls):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return os.urandom(32)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- associated_data = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) > self._MAX_SIZE or len(associated_data) > self._MAX_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is OverflowError to match what cffi would raise
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise OverflowError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Data or associated data too long. Max 2**32 bytes"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return aead._encrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- associated_data = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return aead._decrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _check_params(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("associated_data", associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(nonce) != 12:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Nonce must be 12 bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AESCCM(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _MAX_SIZE = 2 ** 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key, tag_length=16):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) not in (16, 24, 32):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("AESCCM key must be 128, 192, or 256 bits.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key = key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(tag_length, int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("tag_length must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if tag_length not in (4, 6, 8, 10, 12, 14, 16):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid tag_length")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag_length = tag_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.aead_cipher_supported(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise exceptions.UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AESCCM is not supported by this version of OpenSSL",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- exceptions._Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_key(cls, bit_length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(bit_length, int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("bit_length must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if bit_length not in (128, 192, 256):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("bit_length must be 128, 192, or 256")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return os.urandom(bit_length // 8)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- associated_data = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) > self._MAX_SIZE or len(associated_data) > self._MAX_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is OverflowError to match what cffi would raise
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise OverflowError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Data or associated data too long. Max 2**32 bytes"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._validate_lengths(nonce, len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return aead._encrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, self, nonce, data, associated_data, self._tag_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- associated_data = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return aead._decrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, self, nonce, data, associated_data, self._tag_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _validate_lengths(self, nonce, data_len):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # For information about computing this, see
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # https://tools.ietf.org/html/rfc3610#section-2.1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- l_val = 15 - len(nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if 2 ** (8 * l_val) < data_len:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Nonce too long for data")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _check_params(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("associated_data", associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not 7 <= len(nonce) <= 13:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Nonce must be between 7 and 13 bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AESGCM(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _MAX_SIZE = 2 ** 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) not in (16, 24, 32):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("AESGCM key must be 128, 192, or 256 bits.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key = key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate_key(cls, bit_length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(bit_length, int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("bit_length must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if bit_length not in (128, 192, 256):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("bit_length must be 128, 192, or 256")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return os.urandom(bit_length // 8)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- associated_data = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) > self._MAX_SIZE or len(associated_data) > self._MAX_SIZE:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is OverflowError to match what cffi would raise
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise OverflowError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Data or associated data too long. Max 2**32 bytes"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return aead._encrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- associated_data = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return aead._decrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _check_params(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("associated_data", associated_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(nonce) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Nonce must be at least 1 byte")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/algorithms.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/algorithms.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/algorithms.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,167 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BlockCipherAlgorithm, CipherAlgorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers.modes import ModeWithNonce
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _verify_key_size(algorithm, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Verify that the key is instance of bytes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Verify that the key size matches the expected key size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) * 8 not in algorithm.key_sizes:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid key size ({}) for {}.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(key) * 8, algorithm.name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AES(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "AES"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 512 added to support AES-256-XTS, which uses 512-bit keys
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset([128, 192, 256, 512])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Camellia(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "camellia"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset([128, 192, 256])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class TripleDES(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "3DES"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset([64, 128, 192])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) == 8:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key += key + key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif len(key) == 16:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key += key[:8]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Blowfish(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "Blowfish"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset(range(32, 449, 8))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CAST5(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "CAST5"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset(range(40, 129, 8))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ARC4(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "RC4"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset([40, 56, 64, 80, 128, 160, 192, 256])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class IDEA(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "IDEA"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset([128])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SEED(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "SEED"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset([128])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithNonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ChaCha20(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "ChaCha20"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_sizes = frozenset([256])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key, nonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(nonce) != 16:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("nonce must be 128-bits (16 bytes)")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._nonce = nonce
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nonce = utils.read_only_property("_nonce")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/base.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/base.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/base.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,235 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, AlreadyUpdated, NotYetFinalized, UnsupportedAlgorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import CipherBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers import modes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CipherAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- A string naming this mode (e.g. "AES", "Camellia").
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def key_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The size of the key being used as an integer in bits (e.g. 128, 256).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BlockCipherAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def block_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The size of a block as an integer in bits (e.g. 64, 128).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CipherContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Processes the provided bytes through the cipher and returns the results
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Processes the provided bytes and writes the resulting data into the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- provided buffer. Returns the number of bytes written.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the results of processing the final block as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AEADCipherContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def authenticate_additional_data(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Authenticates the provided bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AEADDecryptionContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize_with_tag(self, tag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the results of processing the final block as bytes and allows
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- delayed passing of the authentication tag.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AEADEncryptionContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tag(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns tag bytes. This is only available after encryption is
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finalized.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Cipher(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, mode, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, CipherBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement CipherBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, CipherAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Expected interface of CipherAlgorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if mode is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mode.validate_for_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.mode = mode
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encryptor(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(self.mode, modes.ModeWithAuthenticationTag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.mode.tag is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Authentication tag must be None when encrypting."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend.create_symmetric_encryption_ctx(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.algorithm, self.mode
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._wrap_ctx(ctx, encrypt=True)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decryptor(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = self._backend.create_symmetric_decryption_ctx(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.algorithm, self.mode
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._wrap_ctx(ctx, encrypt=False)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _wrap_ctx(self, ctx, encrypt):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(self.mode, modes.ModeWithAuthenticationTag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if encrypt:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _AEADEncryptionContext(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _AEADCipherContext(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _CipherContext(ctx)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _CipherContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, ctx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ctx.update_into(data, buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AEADCipherContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(CipherContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AEADDecryptionContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _AEADCipherContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, ctx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._bytes_processed = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._aad_bytes_processed = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._updated = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _check_limit(self, data_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._updated = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._bytes_processed += data_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._bytes_processed > self._ctx._mode._MAX_ENCRYPTED_BYTES:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} has a maximum encrypted byte limit of {}".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx._mode.name, self._ctx._mode._MAX_ENCRYPTED_BYTES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_limit(len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._check_limit(len(data))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._ctx.update_into(data, buf)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = self._ctx.tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize_with_tag(self, tag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = self._ctx.finalize_with_tag(tag)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = self._ctx.tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def authenticate_additional_data(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._updated:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyUpdated("Update has been called on this context.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._aad_bytes_processed += len(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._aad_bytes_processed > self._ctx._mode._MAX_AAD_BYTES:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} has a maximum AAD byte limit of {}".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx._mode.name, self._ctx._mode._MAX_AAD_BYTES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx.authenticate_additional_data(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(AEADEncryptionContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _AEADEncryptionContext(_AEADCipherContext):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tag(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise NotYetFinalized("You must finalize encryption before "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "getting the tag.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/modes.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/modes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/modes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,218 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Mode(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- A string naming this mode (e.g. "ECB", "CBC").
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks that all the necessary invariants of this (mode, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- combination are met.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ModeWithInitializationVector(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def initialization_vector(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The value of the initialization vector for this mode as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ModeWithTweak(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tweak(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The value of the tweak for this mode as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ModeWithNonce(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def nonce(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The value of the nonce for this mode as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ModeWithAuthenticationTag(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tag(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The value of the tag supplied to the constructor of this mode.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_aes_key_length(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if algorithm.key_size > 256 and algorithm.name == "AES":
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Only 128, 192, and 256 bit keys are allowed for this AES mode"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_iv_length(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(self.initialization_vector) * 8 != algorithm.block_size:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid IV size ({}) for {}.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(self.initialization_vector), self.name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_iv_and_key_length(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_aes_key_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_iv_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CBC(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "CBC"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithTweak)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class XTS(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "XTS"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, tweak):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("tweak", tweak)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(tweak) != 16:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("tweak must be 128-bits (16 bytes)")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tweak = tweak
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- tweak = utils.read_only_property("_tweak")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if algorithm.key_size not in (256, 512):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "The XTS specification requires a 256-bit key for AES-128-XTS"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " and 512-bit key for AES-256-XTS"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ECB(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "ECB"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- validate_for_algorithm = _check_aes_key_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OFB(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "OFB"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CFB(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "CFB"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CFB8(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "CFB8"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithNonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CTR(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "CTR"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, nonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._nonce = nonce
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nonce = utils.read_only_property("_nonce")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_aes_key_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(self.nonce) * 8 != algorithm.block_size:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid nonce size ({}) for {}.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(self.nonce), self.name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ModeWithAuthenticationTag)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class GCM(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "GCM"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _MAX_ENCRYPTED_BYTES = (2 ** 39 - 256) // 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _MAX_AAD_BYTES = (2 ** 64) // 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, initialization_vector, tag=None, min_tag_length=16):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # len(initialization_vector) must in [1, 2 ** 64), but it's impossible
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # to actually construct a bytes object that large, so we don't check
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # for it
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(initialization_vector) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("initialization_vector must be at least 1 byte")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if tag is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("tag", tag)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if min_tag_length < 4:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("min_tag_length must be >= 4")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(tag) < min_tag_length:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Authentication tag must be {} bytes or longer.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- min_tag_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._tag = tag
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._min_tag_length = min_tag_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- tag = utils.read_only_property("_tag")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _check_aes_key_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/cmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/cmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/cmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,64 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import CMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import ciphers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CMAC(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, backend, ctx=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, CMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement CMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, ciphers.BlockCipherAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Expected instance of BlockCipherAlgorithm."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = self._backend.create_cmac_ctx(self._algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return digest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._ctx = self._ctx, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx.verify(signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def copy(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CMAC(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend=self._backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx=self._ctx.copy()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/constant_time.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/constant_time.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/constant_time.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,35 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import hmac
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.bindings._constant_time import lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-if hasattr(hmac, "compare_digest"):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def bytes_eq(a, b):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(a, bytes) or not isinstance(b, bytes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("a and b must be bytes.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hmac.compare_digest(a, b)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Support for your Python version is deprecated. The next version of "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "cryptography will remove support. Please upgrade to a release "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "(2.7.7+) that supports hmac.compare_digest as soon as possible.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.PersistentlyDeprecated2018,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def bytes_eq(a, b):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(a, bytes) or not isinstance(b, bytes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("a and b must be bytes.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return lib.Cryptography_constant_time_bytes_eq(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a, len(a), b, len(b)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ) == 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hashes.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hashes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hashes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,255 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HashBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HashAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- A string naming this algorithm (e.g. "sha256", "md5").
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def digest_size(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The size of the resulting digest in bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HashContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- A HashAlgorithm that will be used by this context.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Processes the provided bytes through the hash.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Finalizes the hash context and returns the hash digest as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def copy(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return a HashContext that is a copy of the current context.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ExtendableOutputFunction(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- An interface for extendable output functions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Hash(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, backend, ctx=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HashBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HashBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = self._backend.create_hash_ctx(self.algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def copy(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return Hash(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.algorithm, backend=self._backend, ctx=self._ctx.copy()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return digest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA1(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 20
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA512_224(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha512-224"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 28
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA512_256(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha512-256"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA224(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha224"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 28
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA256(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha256"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA384(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha384"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 48
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA512(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha512"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA3_224(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha3-224"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 28
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA3_256(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha3-256"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA3_384(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha3-384"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 48
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHA3_512(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "sha3-512"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtendableOutputFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHAKE128(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "shake128"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(digest_size, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("digest_size must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if digest_size < 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("digest_size must be a positive integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtendableOutputFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SHAKE256(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "shake256"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(digest_size, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("digest_size must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if digest_size < 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("digest_size must be a positive integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class MD5(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "md5"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = 16
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BLAKE2b(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "blake2b"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _max_digest_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _min_digest_size = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 128
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if digest_size != 64:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Digest size must be 64")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BLAKE2s(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = "blake2s"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- block_size = 64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _max_digest_size = 32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _min_digest_size = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if digest_size != 32:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Digest size must be 32")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hmac.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,66 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(hashes.HashContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HMAC(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key, algorithm, backend, ctx=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key = key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = self._backend.create_hmac_ctx(key, self.algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def copy(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return HMAC(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- backend=self._backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx=self._ctx.copy()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return digest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._ctx = self._ctx, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx.verify(signature)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,26 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class KeyDerivationFunction(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Deterministically generates and returns a new key based on the existing
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key material.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks whether the key generated by the key material matches the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- expected derived key. Raises an exception if they do not match.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/concatkdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/concatkdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/concatkdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,124 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import struct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HashBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time, hashes, hmac
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _int_to_u32be(n):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return struct.pack('>I', n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _common_args_checks(algorithm, length, otherinfo):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- max_length = algorithm.digest_size * (2 ** 32 - 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if length > max_length:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Can not derive keys larger than {} bits.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- max_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if otherinfo is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("otherinfo", otherinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _concatkdf_derive(key_material, length, auxfn, otherinfo):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output = [b""]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while (length > outlen):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = auxfn()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(_int_to_u32be(counter))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(otherinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen += len(output[-1])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter += 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"".join(output)[:length]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ConcatKDFHash(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, length, otherinfo, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _common_args_checks(algorithm, length, otherinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._otherinfo = otherinfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._otherinfo is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._otherinfo = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HashBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HashBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._used:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _concatkdf_derive(key_material, self._length,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hash, self._otherinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ConcatKDFHMAC(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, length, salt, otherinfo, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _common_args_checks(algorithm, length, otherinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._otherinfo = otherinfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._otherinfo is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._otherinfo = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if salt is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- salt = b"\x00" * algorithm.block_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._salt = salt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _hmac(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hmac.HMAC(self._salt, self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._used:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _concatkdf_derive(key_material, self._length,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hmac, self._otherinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/hkdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/hkdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/hkdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,110 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time, hmac
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HKDF(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, length, salt, info, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if salt is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- salt = b"\x00" * self._algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._salt = salt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hkdf_expand = HKDFExpand(self._algorithm, length, info, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _extract(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = hmac.HMAC(self._salt, self._algorithm, backend=self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return h.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._hkdf_expand.derive(self._extract(key_material))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HKDFExpand(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, length, info, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- max_length = 255 * algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if length > max_length:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Can not derive keys larger than {} octets.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- max_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if info is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- info = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("info", info)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._info = info
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _expand(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output = [b""]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while self._algorithm.digest_size * (len(output) - 1) < self._length:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = hmac.HMAC(key_material, self._algorithm, backend=self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(output[-1])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(self._info)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(six.int2byte(counter))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter += 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"".join(output)[:self._length]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._used:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._expand(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/kbkdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/kbkdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/kbkdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,145 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from six.moves import range
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time, hashes, hmac
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Mode(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CounterMode = "ctr"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CounterLocation(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BeforeFixed = "before_fixed"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AfterFixed = "after_fixed"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class KBKDFHMAC(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, mode, length, rlen, llen,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- location, label, context, fixed, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Algorithm supplied is not a supported hash algorithm.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.hmac_supported(algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Algorithm supplied is not a supported hmac algorithm.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(mode, Mode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("mode must be of type Mode")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(location, CounterLocation):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("location must be of type CounterLocation")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (label or context) and fixed:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("When supplying fixed data, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "label and context are ignored.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rlen is None or not self._valid_byte_length(rlen):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("rlen must be between 1 and 4")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if llen is None and fixed is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Please specify an llen")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if llen is not None and not isinstance(llen, int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("llen must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if label is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- label = b''
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if context is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- context = b''
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("label", label)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("context", context)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._mode = mode
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._rlen = rlen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._llen = llen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._location = location
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._label = label
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._context = context
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._fixed_data = fixed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _valid_byte_length(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(value, int):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('value must be of type int')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value_bin = utils.int_to_bytes(1, value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not 1 <= len(value_bin) <= 4:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._used:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # inverse floor division (equivalent to ceiling)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rounds = -(-self._length // self._algorithm.digest_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output = [b'']
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # For counter mode, the number of iterations shall not be
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # larger than 2^r-1, where r <= 32 is the binary length of the counter
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This ensures that the counter values used as an input to the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # PRF will not repeat during a particular call to the KDF function.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r_bin = utils.int_to_bytes(1, self._rlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rounds > pow(2, len(r_bin) * 8) - 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('There are too many iterations.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(1, rounds + 1):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = hmac.HMAC(key_material, self._algorithm, backend=self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter = utils.int_to_bytes(i, self._rlen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._location == CounterLocation.BeforeFixed:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(counter)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(self._generate_fixed_input())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._location == CounterLocation.AfterFixed:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(counter)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b''.join(output)[:self._length]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _generate_fixed_input(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._fixed_data and isinstance(self._fixed_data, bytes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._fixed_data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- l_val = utils.int_to_bytes(self._length * 8, self._llen)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"".join([self._label, b"\x00", self._context, l_val])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/pbkdf2.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/pbkdf2.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/pbkdf2.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,56 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import PBKDF2HMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PBKDF2HMAC(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, length, salt, iterations, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, PBKDF2HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement PBKDF2HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.pbkdf2_hmac_supported(algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is not supported for PBKDF2 by this backend.".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- algorithm.name),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._salt = salt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._iterations = iterations
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._used:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("PBKDF2 instances can only be used once.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend.derive_pbkdf2_hmac(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._salt,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._iterations,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- derived_key = self.derive(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(derived_key, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey("Keys do not match.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/scrypt.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/scrypt.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/scrypt.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,63 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import sys
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import ScryptBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This is used by the scrypt tests to skip tests that require more memory
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# than the MEM_LIMIT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_MEM_LIMIT = sys.maxsize // 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Scrypt(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, salt, length, n, r, p, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, ScryptBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement ScryptBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if n < 2 or (n & (n - 1)) != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("n must be greater than 1 and be a power of 2.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if r < 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("r must be greater than or equal to 1.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if p < 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("p must be greater than or equal to 1.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._salt = salt
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._n = n
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._r = r
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._p = p
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._used:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Scrypt instances can only be used once.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._backend.derive_scrypt(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_material, self._salt, self._length, self._n, self._r, self._p
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- derived_key = self.derive(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(derived_key, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey("Keys do not match.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/x963kdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/x963kdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/x963kdf.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,68 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import struct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HashBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time, hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _int_to_u32be(n):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return struct.pack('>I', n)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class X963KDF(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, algorithm, length, sharedinfo, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- max_len = algorithm.digest_size * (2 ** 32 - 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if length > max_len:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Can not derive keys larger than {} bits.".format(max_len))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if sharedinfo is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("sharedinfo", sharedinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._sharedinfo = sharedinfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HashBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HashBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = False
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._used:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._used = True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output = [b""]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while self._length > outlen:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(key_material)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(_int_to_u32be(counter))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._sharedinfo is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- h.update(self._sharedinfo)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outlen += len(output[-1])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter += 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"".join(output)[:self._length]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/keywrap.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/keywrap.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/keywrap.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,154 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import struct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers import Cipher
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers.algorithms import AES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.ciphers.modes import ECB
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.constant_time import bytes_eq
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _wrap_core(wrapping_key, a, r, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # RFC 3394 Key Wrap - 2.2.1 (index method)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryptor = Cipher(AES(wrapping_key), ECB(), backend).encryptor()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = len(r)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for j in range(6):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in range(n):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # every encryption operation is a discrete 16 byte chunk (because
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # AES has a 128-bit block size) and since we're using ECB it is
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # safe to reuse the encryptor for the entire operation
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b = encryptor.update(a + r[i])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # pack/unpack are safe as these are always 64-bit chunks
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a = struct.pack(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ">Q", struct.unpack(">Q", b[:8])[0] ^ ((n * j) + i + 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r[i] = b[-8:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert encryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return a + b"".join(r)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def aes_key_wrap(wrapping_key, key_to_wrap, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key_to_wrap) < 16:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("The key to wrap must be at least 16 bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key_to_wrap) % 8 != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("The key to wrap must be a multiple of 8 bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a = b"\xa6\xa6\xa6\xa6\xa6\xa6\xa6\xa6"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r = [key_to_wrap[i:i + 8] for i in range(0, len(key_to_wrap), 8)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _wrap_core(wrapping_key, a, r, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _unwrap_core(wrapping_key, a, r, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Implement RFC 3394 Key Unwrap - 2.2.2 (index method)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decryptor = Cipher(AES(wrapping_key), ECB(), backend).decryptor()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = len(r)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for j in reversed(range(6)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for i in reversed(range(n)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # pack/unpack are safe as these are always 64-bit chunks
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- atr = struct.pack(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ">Q", struct.unpack(">Q", a)[0] ^ ((n * j) + i + 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ) + r[i]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # every decryption operation is a discrete 16 byte chunk so
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # it is safe to reuse the decryptor for the entire operation
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b = decryptor.update(atr)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a = b[:8]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r[i] = b[-8:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert decryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return a, r
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def aes_key_wrap_with_padding(wrapping_key, key_to_wrap, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aiv = b"\xA6\x59\x59\xA6" + struct.pack(">i", len(key_to_wrap))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # pad the key to wrap if necessary
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pad = (8 - (len(key_to_wrap) % 8)) % 8
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_to_wrap = key_to_wrap + b"\x00" * pad
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key_to_wrap) == 8:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # RFC 5649 - 4.1 - exactly 8 octets after padding
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encryptor = Cipher(AES(wrapping_key), ECB(), backend).encryptor()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b = encryptor.update(aiv + key_to_wrap)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert encryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r = [key_to_wrap[i:i + 8] for i in range(0, len(key_to_wrap), 8)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _wrap_core(wrapping_key, aiv, r, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def aes_key_unwrap_with_padding(wrapping_key, wrapped_key, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapped_key) < 16:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidUnwrap("Must be at least 16 bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapped_key) == 16:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # RFC 5649 - 4.2 - exactly two 64-bit blocks
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decryptor = Cipher(AES(wrapping_key), ECB(), backend).decryptor()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b = decryptor.update(wrapped_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert decryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a = b[:8]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = b[8:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r = [wrapped_key[i:i + 8] for i in range(0, len(wrapped_key), 8)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encrypted_aiv = r.pop(0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = len(r)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a, r = _unwrap_core(wrapping_key, encrypted_aiv, r, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = b"".join(r)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 1) Check that MSB(32,A) = A65959A6.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 2) Check that 8*(n-1) < LSB(32,A) <= 8*n. If so, let
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # MLI = LSB(32,A).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # 3) Let b = (8*n)-MLI, and then check that the rightmost b octets of
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # the output data are zero.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (mli,) = struct.unpack(">I", a[4:])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b = (8 * n) - mli
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not bytes_eq(a[:4], b"\xa6\x59\x59\xa6") or not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 8 * (n - 1) < mli <= 8 * n or (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b != 0 and not bytes_eq(data[-b:], b"\x00" * b)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidUnwrap()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if b == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return data[:-b]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def aes_key_unwrap(wrapping_key, wrapped_key, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapped_key) < 24:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidUnwrap("Must be at least 24 bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapped_key) % 8 != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidUnwrap("The wrapped key must be a multiple of 8 bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aiv = b"\xa6\xa6\xa6\xa6\xa6\xa6\xa6\xa6"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- r = [wrapped_key[i:i + 8] for i in range(0, len(wrapped_key), 8)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a = r.pop(0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- a, r = _unwrap_core(wrapping_key, a, r, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not bytes_eq(a, aiv):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidUnwrap()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return b"".join(r)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidUnwrap(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/padding.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/padding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/padding.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,200 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.bindings._padding import lib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PaddingContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Pads the provided bytes and returns any available data as bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Finalize the padding, returns bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _byte_padding_check(block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not (0 <= block_size <= 2040):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("block_size must be in range(0, 2041).")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if block_size % 8 != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("block_size must be a multiple of 8.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _byte_padding_update(buffer_, data, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer_ += data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finished_blocks = len(buffer_) // (block_size // 8)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = buffer_[:finished_blocks * (block_size // 8)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer_ = buffer_[finished_blocks * (block_size // 8):]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return buffer_, result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _byte_padding_pad(buffer_, block_size, paddingfn):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pad_size = block_size // 8 - len(buffer_)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return buffer_ + paddingfn(pad_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _byte_unpadding_update(buffer_, data, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer_ += data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- finished_blocks = max(len(buffer_) // (block_size // 8) - 1, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = buffer_[:finished_blocks * (block_size // 8)]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer_ = buffer_[finished_blocks * (block_size // 8):]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return buffer_, result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _byte_unpadding_check(buffer_, block_size, checkfn):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(buffer_) != block_size // 8:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid padding bytes.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- valid = checkfn(buffer_, block_size // 8)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not valid:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid padding bytes.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pad_size = six.indexbytes(buffer_, -1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return buffer_[:-pad_size]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PKCS7(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _byte_padding_check(block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def padder(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _PKCS7PaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def unpadder(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _PKCS7UnpaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _PKCS7PaddingContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, result = _byte_padding_update(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _padding(self, size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return six.int2byte(size) * size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = _byte_padding_pad(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, self.block_size, self._padding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _PKCS7UnpaddingContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, result = _byte_unpadding_update(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = _byte_unpadding_check(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, self.block_size,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.Cryptography_check_pkcs7_padding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ANSIX923(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _byte_padding_check(block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def padder(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _ANSIX923PaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def unpadder(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _ANSIX923UnpaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _ANSIX923PaddingContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, result = _byte_padding_update(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _padding(self, size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return six.int2byte(0) * (size - 1) + six.int2byte(size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = _byte_padding_pad(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, self.block_size, self._padding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _ANSIX923UnpaddingContext(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, result = _byte_unpadding_update(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = _byte_unpadding_check(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer, self.block_size,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib.Cryptography_check_ansix923_padding)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._buffer = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/poly1305.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/poly1305.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/poly1305.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,43 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Poly1305(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not backend.poly1305_supported():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "poly1305 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.UNSUPPORTED_MAC
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = backend.create_poly1305_ctx(key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def update(self, data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def finalize(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mac = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ctx = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return mac
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, tag):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils._check_bytes("tag", tag)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx, self._ctx = self._ctx, None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx.verify(tag)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,26 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.serialization.base import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BestAvailableEncryption, Encoding, KeySerializationEncryption,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NoEncryption, ParameterFormat, PrivateFormat, PublicFormat,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- load_der_parameters, load_der_private_key, load_der_public_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- load_pem_parameters, load_pem_private_key, load_pem_public_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.serialization.ssh import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- load_ssh_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_PEM_DER = (Encoding.PEM, Encoding.DER)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-__all__ = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_der_parameters", "load_der_private_key", "load_der_public_key",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_pem_parameters", "load_pem_private_key", "load_pem_public_key",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_ssh_public_key", "Encoding", "PrivateFormat", "PublicFormat",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ParameterFormat", "KeySerializationEncryption", "BestAvailableEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NoEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/base.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/base.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/base.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,82 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_pem_private_key(data, password, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_pem_private_key(data, password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_pem_public_key(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_pem_public_key(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_pem_parameters(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_pem_parameters(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_private_key(data, password, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_private_key(data, password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_public_key(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_public_key(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_parameters(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_parameters(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Encoding(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PEM = "PEM"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DER = "DER"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OpenSSH = "OpenSSH"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Raw = "Raw"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- X962 = "ANSI X9.62"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PrivateFormat(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PKCS8 = "PKCS8"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- TraditionalOpenSSL = "TraditionalOpenSSL"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Raw = "Raw"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PublicFormat(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SubjectPublicKeyInfo = "X.509 subjectPublicKeyInfo with PKCS#1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PKCS1 = "Raw PKCS#1"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OpenSSH = "OpenSSH"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Raw = "Raw"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CompressedPoint = "X9.62 Compressed Point"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UncompressedPoint = "X9.62 Uncompressed Point"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ParameterFormat(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PKCS3 = "PKCS3"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class KeySerializationEncryption(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeySerializationEncryption)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BestAvailableEncryption(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, password):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(password, bytes) or len(password) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Password must be 1 or more bytes.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.password = password
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(KeySerializationEncryption)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class NoEncryption(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/pkcs12.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/pkcs12.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/pkcs12.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,9 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_key_and_certificates(data, password, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_key_and_certificates_from_pkcs12(data, password)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/ssh.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/ssh.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/ssh.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,153 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import base64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import struct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import UnsupportedAlgorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_ssh_public_key(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_parts = data.split(b' ', 2)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key_parts) < 2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'Key is not in the proper format or contains extra data.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_type = key_parts[0]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if key_type == b'ssh-rsa':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- loader = _load_ssh_rsa_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == b'ssh-dss':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- loader = _load_ssh_dss_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type in [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b'ecdsa-sha2-nistp256', b'ecdsa-sha2-nistp384', b'ecdsa-sha2-nistp521',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- loader = _load_ssh_ecdsa_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif key_type == b'ssh-ed25519':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- loader = _load_ssh_ed25519_public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm('Key type is not supported.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_body = key_parts[1]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decoded_data = base64.b64decode(key_body)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except TypeError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Key is not in the proper format.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- inner_key_type, rest = _ssh_read_next_string(decoded_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if inner_key_type != key_type:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'Key header and key body contain different key type values.'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return loader(key_type, rest, backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _load_ssh_rsa_public_key(key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e, rest = _ssh_read_next_mpint(decoded_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rest:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return rsa.RSAPublicNumbers(e, n).public_key(backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _load_ssh_dss_public_key(key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p, rest = _ssh_read_next_mpint(decoded_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- q, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- g, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- y, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rest:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameter_numbers = dsa.DSAParameterNumbers(p, q, g)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_numbers = dsa.DSAPublicNumbers(y, parameter_numbers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return public_numbers.public_key(backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _load_ssh_ecdsa_public_key(expected_key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve_name, rest = _ssh_read_next_string(decoded_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, rest = _ssh_read_next_string(rest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if expected_key_type != b"ecdsa-sha2-" + curve_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'Key header and key body contain different key type values.'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rest:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- curve = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b"nistp256": ec.SECP256R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b"nistp384": ec.SECP384R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- b"nistp521": ec.SECP521R1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }[curve_name]()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if six.indexbytes(data, 0) != 4:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Compressed elliptic curve points are not supported"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ec.EllipticCurvePublicKey.from_encoded_point(curve, data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _load_ssh_ed25519_public_key(expected_key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data, rest = _ssh_read_next_string(decoded_data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if rest:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ed25519.Ed25519PublicKey.from_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _ssh_read_next_string(data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Retrieves the next RFC 4251 string value from the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- While the RFC calls these strings, in Python they are bytes objects.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) < 4:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Key is not in the proper format")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- str_len, = struct.unpack('>I', data[:4])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(data) < str_len + 4:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Key is not in the proper format")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return data[4:4 + str_len], data[4 + str_len:]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _ssh_read_next_mpint(data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Reads the next mpint from the data.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Currently, all mpints are interpreted as unsigned.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- mpint_data, rest = _ssh_read_next_string(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.int_from_bytes(mpint_data, byteorder='big', signed=False), rest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _ssh_write_string(data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return struct.pack(">I", len(data)) + data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _ssh_write_mpint(value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = utils.int_to_bytes(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if six.indexbytes(data, 0) & 0x80:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = b"\x00" + data
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _ssh_write_string(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,9 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidToken(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/hotp.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/hotp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/hotp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,68 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import struct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time, hmac
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.hashes import SHA1, SHA256, SHA512
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.twofactor import InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class HOTP(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key, length, algorithm, backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- enforce_key_length=True):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(key) < 16 and enforce_key_length is True:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Key length has to be at least 128 bits.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(length, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Length parameter must be an integer type.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if length < 6 or length > 8:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Length of HOTP has to be between 6 to 8.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, (SHA1, SHA256, SHA512)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Algorithm must be SHA1, SHA256 or SHA512.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key = key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._length = length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._backend = backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate(self, counter):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- truncated_value = self._dynamic_truncate(counter)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hotp = truncated_value % (10 ** self._length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "{0:0{1}}".format(hotp, self._length).encode()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, hotp, counter):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.generate(counter), hotp):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken("Supplied HOTP value does not match.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _dynamic_truncate(self, counter):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx = hmac.HMAC(self._key, self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ctx.update(struct.pack(">Q", counter))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hmac_value = ctx.finalize()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- offset = six.indexbytes(hmac_value, len(hmac_value) - 1) & 0b1111
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- p = hmac_value[offset:offset + 4]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return struct.unpack(">I", p)[0] & 0x7fffffff
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_provisioning_uri(self, account_name, counter, issuer):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _generate_uri(self, "hotp", account_name, issuer, [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ("counter", int(counter)),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/totp.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/totp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/totp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,40 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.twofactor import InvalidToken
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.twofactor.hotp import HOTP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class TOTP(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key, length, algorithm, time_step, backend,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- enforce_key_length=True):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._time_step = time_step
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._hotp = HOTP(key, length, algorithm, backend, enforce_key_length)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def generate(self, time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- counter = int(time / self._time_step)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._hotp.generate(counter)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def verify(self, totp, time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not constant_time.bytes_eq(self.generate(time), totp):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InvalidToken("Supplied TOTP value does not match.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_provisioning_uri(self, account_name, issuer):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _generate_uri(self._hotp, "totp", account_name, issuer, [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ("period", int(self._time_step)),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/utils.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,30 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import base64
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from six.moves.urllib.parse import quote, urlencode
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _generate_uri(hotp, type_name, account_name, issuer, extra_parameters):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameters = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ("digits", hotp._length),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ("secret", base64.b32encode(hotp._key)),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ("algorithm", hotp._algorithm.name.upper()),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if issuer is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameters.append(("issuer", issuer))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parameters.extend(extra_parameters)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- uriparts = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "type": type_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "label": ("%s:%s" % (quote(issuer), quote(account_name)) if issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else quote(account_name)),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "parameters": urlencode(parameters),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "otpauth://{type}/{label}?{parameters}".format(**uriparts)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/utils.py lib_pypy/_cffi_ssl/cryptography/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/utils.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,173 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import binascii
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import inspect
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import sys
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# We use a UserWarning subclass, instead of DeprecationWarning, because CPython
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# decided deprecation warnings should be invisble by default.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CryptographyDeprecationWarning(UserWarning):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# Several APIs were deprecated with no specific end-of-life date because of the
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# ubiquity of their use. They should not be removed until we agree on when that
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# cycle ends.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-PersistentlyDeprecated2017 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-PersistentlyDeprecated2018 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-DeprecatedIn25 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-DeprecatedIn27 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_bytes(name, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(value, bytes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("{} must be bytes".format(name))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _check_byteslike(name, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- memoryview(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except TypeError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("{} must be bytes-like".format(name))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def read_only_property(name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return property(lambda self: getattr(self, name))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def register_interface(iface):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def register_decorator(klass):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- verify_interface(iface, klass)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iface.register(klass)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return klass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return register_decorator
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def register_interface_if(predicate, iface):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def register_decorator(klass):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if predicate:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- verify_interface(iface, klass)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- iface.register(klass)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return klass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return register_decorator
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-if hasattr(int, "from_bytes"):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int_from_bytes = int.from_bytes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def int_from_bytes(data, byteorder, signed=False):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert byteorder == 'big'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- assert not signed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return int(binascii.hexlify(data), 16)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-if hasattr(int, "to_bytes"):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def int_to_bytes(integer, length=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return integer.to_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- length or (integer.bit_length() + 7) // 8 or 1, 'big'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def int_to_bytes(integer, length=None):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hex_string = '%x' % integer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if length is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = len(hex_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = length * 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return binascii.unhexlify(hex_string.zfill(n + (n & 1)))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InterfaceNotImplemented(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-if hasattr(inspect, "signature"):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- signature = inspect.signature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- signature = inspect.getargspec
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def verify_interface(iface, klass):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for method in iface.__abstractmethods__:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not hasattr(klass, method):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InterfaceNotImplemented(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{} is missing a {!r} method".format(klass, method)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(getattr(iface, method), abc.abstractproperty):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Can't properly verify these yet.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- continue
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sig = signature(getattr(iface, method))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- actual = signature(getattr(klass, method))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if sig != actual:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise InterfaceNotImplemented(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{}.{}'s signature differs from the expected. Expected: "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{!r}. Received: {!r}".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- klass, method, sig, actual
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# No longer needed as of 2.2, but retained because we have external consumers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# who use it.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def bit_length(x):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return x.bit_length()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _DeprecatedValue(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, value, message, warning_class):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.message = message
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.warning_class = warning_class
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _ModuleWithDeprecations(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, module):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.__dict__["_module"] = module
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getattr__(self, attr):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = getattr(self._module, attr)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(obj, _DeprecatedValue):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(obj.message, obj.warning_class, stacklevel=2)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = obj.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return obj
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __setattr__(self, attr, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- setattr(self._module, attr, value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __delattr__(self, attr):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- obj = getattr(self._module, attr)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(obj, _DeprecatedValue):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(obj.message, obj.warning_class, stacklevel=2)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- delattr(self._module, attr)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __dir__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ["_module"] + dir(self._module)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def deprecated(value, module_name, message, warning_class):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- module = sys.modules[module_name]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(module, _ModuleWithDeprecations):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sys.modules[module_name] = _ModuleWithDeprecations(module)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return _DeprecatedValue(value, message, warning_class)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def cached_property(func):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cached_name = "_cached_{}".format(func)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sentinel = object()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def inner(instance):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cache = getattr(instance, cached_name, sentinel)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cache is not sentinel:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return cache
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- result = func(instance)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- setattr(instance, cached_name, result)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return result
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return property(inner)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/__init__.py lib_pypy/_cffi_ssl/cryptography/x509/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/__init__.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,189 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509 import certificate_transparency
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.base import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Certificate, CertificateBuilder, CertificateRevocationList,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CertificateRevocationListBuilder,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CertificateSigningRequest, CertificateSigningRequestBuilder,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- InvalidVersion, RevokedCertificate, RevokedCertificateBuilder,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Version, load_der_x509_certificate, load_der_x509_crl, load_der_x509_csr,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- load_pem_x509_certificate, load_pem_x509_crl, load_pem_x509_csr,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- random_serial_number,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.extensions import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AccessDescription, AuthorityInformationAccess,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AuthorityKeyIdentifier, BasicConstraints, CRLDistributionPoints,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLNumber, CRLReason, CertificateIssuer, CertificatePolicies,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DeltaCRLIndicator, DistributionPoint, DuplicateExtension, ExtendedKeyUsage,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Extension, ExtensionNotFound, ExtensionType, Extensions, FreshestCRL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GeneralNames, InhibitAnyPolicy, InvalidityDate, IssuerAlternativeName,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- IssuingDistributionPoint, KeyUsage, NameConstraints, NoticeReference,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPNoCheck, OCSPNonce, PolicyConstraints, PolicyInformation,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PrecertPoison, PrecertificateSignedCertificateTimestamps, ReasonFlags,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SubjectAlternativeName, SubjectKeyIdentifier, TLSFeature, TLSFeatureType,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UnrecognizedExtension, UserNotice
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.general_name import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DNSName, DirectoryName, GeneralName, IPAddress, OtherName, RFC822Name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RegisteredID, UniformResourceIdentifier, UnsupportedGeneralNameType,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _GENERAL_NAMES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.name import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Name, NameAttribute, RelativeDistinguishedName
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AuthorityInformationAccessOID, CRLEntryExtensionOID,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CertificatePoliciesOID, ExtendedKeyUsageOID, ExtensionOID, NameOID,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ObjectIdentifier, SignatureAlgorithmOID, _SIG_OIDS_TO_HASH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_AUTHORITY_INFORMATION_ACCESS = ExtensionOID.AUTHORITY_INFORMATION_ACCESS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_AUTHORITY_KEY_IDENTIFIER = ExtensionOID.AUTHORITY_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_BASIC_CONSTRAINTS = ExtensionOID.BASIC_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CERTIFICATE_POLICIES = ExtensionOID.CERTIFICATE_POLICIES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CRL_DISTRIBUTION_POINTS = ExtensionOID.CRL_DISTRIBUTION_POINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_EXTENDED_KEY_USAGE = ExtensionOID.EXTENDED_KEY_USAGE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_FRESHEST_CRL = ExtensionOID.FRESHEST_CRL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_INHIBIT_ANY_POLICY = ExtensionOID.INHIBIT_ANY_POLICY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ISSUER_ALTERNATIVE_NAME = ExtensionOID.ISSUER_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_KEY_USAGE = ExtensionOID.KEY_USAGE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_NAME_CONSTRAINTS = ExtensionOID.NAME_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_OCSP_NO_CHECK = ExtensionOID.OCSP_NO_CHECK
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_POLICY_CONSTRAINTS = ExtensionOID.POLICY_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_POLICY_MAPPINGS = ExtensionOID.POLICY_MAPPINGS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_SUBJECT_ALTERNATIVE_NAME = ExtensionOID.SUBJECT_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_SUBJECT_DIRECTORY_ATTRIBUTES = ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_SUBJECT_INFORMATION_ACCESS = ExtensionOID.SUBJECT_INFORMATION_ACCESS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_SUBJECT_KEY_IDENTIFIER = ExtensionOID.SUBJECT_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_DSA_WITH_SHA1 = SignatureAlgorithmOID.DSA_WITH_SHA1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_DSA_WITH_SHA224 = SignatureAlgorithmOID.DSA_WITH_SHA224
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_DSA_WITH_SHA256 = SignatureAlgorithmOID.DSA_WITH_SHA256
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ECDSA_WITH_SHA1 = SignatureAlgorithmOID.ECDSA_WITH_SHA1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ECDSA_WITH_SHA224 = SignatureAlgorithmOID.ECDSA_WITH_SHA224
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ECDSA_WITH_SHA256 = SignatureAlgorithmOID.ECDSA_WITH_SHA256
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ECDSA_WITH_SHA384 = SignatureAlgorithmOID.ECDSA_WITH_SHA384
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ECDSA_WITH_SHA512 = SignatureAlgorithmOID.ECDSA_WITH_SHA512
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_RSA_WITH_MD5 = SignatureAlgorithmOID.RSA_WITH_MD5
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_RSA_WITH_SHA1 = SignatureAlgorithmOID.RSA_WITH_SHA1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_RSA_WITH_SHA224 = SignatureAlgorithmOID.RSA_WITH_SHA224
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_RSA_WITH_SHA256 = SignatureAlgorithmOID.RSA_WITH_SHA256
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_RSA_WITH_SHA384 = SignatureAlgorithmOID.RSA_WITH_SHA384
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_RSA_WITH_SHA512 = SignatureAlgorithmOID.RSA_WITH_SHA512
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_RSASSA_PSS = SignatureAlgorithmOID.RSASSA_PSS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_COMMON_NAME = NameOID.COMMON_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_COUNTRY_NAME = NameOID.COUNTRY_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_DOMAIN_COMPONENT = NameOID.DOMAIN_COMPONENT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_DN_QUALIFIER = NameOID.DN_QUALIFIER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_EMAIL_ADDRESS = NameOID.EMAIL_ADDRESS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_GENERATION_QUALIFIER = NameOID.GENERATION_QUALIFIER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_GIVEN_NAME = NameOID.GIVEN_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_LOCALITY_NAME = NameOID.LOCALITY_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ORGANIZATIONAL_UNIT_NAME = NameOID.ORGANIZATIONAL_UNIT_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ORGANIZATION_NAME = NameOID.ORGANIZATION_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_PSEUDONYM = NameOID.PSEUDONYM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_SERIAL_NUMBER = NameOID.SERIAL_NUMBER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_STATE_OR_PROVINCE_NAME = NameOID.STATE_OR_PROVINCE_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_SURNAME = NameOID.SURNAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_TITLE = NameOID.TITLE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CLIENT_AUTH = ExtendedKeyUsageOID.CLIENT_AUTH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CODE_SIGNING = ExtendedKeyUsageOID.CODE_SIGNING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_EMAIL_PROTECTION = ExtendedKeyUsageOID.EMAIL_PROTECTION
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_OCSP_SIGNING = ExtendedKeyUsageOID.OCSP_SIGNING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_SERVER_AUTH = ExtendedKeyUsageOID.SERVER_AUTH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_TIME_STAMPING = ExtendedKeyUsageOID.TIME_STAMPING
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_ANY_POLICY = CertificatePoliciesOID.ANY_POLICY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CPS_QUALIFIER = CertificatePoliciesOID.CPS_QUALIFIER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CPS_USER_NOTICE = CertificatePoliciesOID.CPS_USER_NOTICE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CERTIFICATE_ISSUER = CRLEntryExtensionOID.CERTIFICATE_ISSUER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CRL_REASON = CRLEntryExtensionOID.CRL_REASON
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_INVALIDITY_DATE = CRLEntryExtensionOID.INVALIDITY_DATE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_CA_ISSUERS = AuthorityInformationAccessOID.CA_ISSUERS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-OID_OCSP = AuthorityInformationAccessOID.OCSP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-__all__ = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "certificate_transparency",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_pem_x509_certificate",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_der_x509_certificate",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_pem_x509_csr",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_der_x509_csr",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_pem_x509_crl",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "load_der_x509_crl",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "random_serial_number",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "InvalidVersion",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DeltaCRLIndicator",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DuplicateExtension",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ExtensionNotFound",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "UnsupportedGeneralNameType",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NameAttribute",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Name",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RelativeDistinguishedName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ObjectIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ExtensionType",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Extensions",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Extension",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ExtendedKeyUsage",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "FreshestCRL",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "IssuingDistributionPoint",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "TLSFeature",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "TLSFeatureType",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OCSPNoCheck",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "BasicConstraints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CRLNumber",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "KeyUsage",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AuthorityInformationAccess",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AccessDescription",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CertificatePolicies",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "PolicyInformation",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "UserNotice",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NoticeReference",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SubjectKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "NameConstraints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CRLDistributionPoints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DistributionPoint",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ReasonFlags",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "InhibitAnyPolicy",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SubjectAlternativeName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "IssuerAlternativeName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AuthorityKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "GeneralNames",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "GeneralName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RFC822Name",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DNSName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "UniformResourceIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RegisteredID",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DirectoryName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "IPAddress",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OtherName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Certificate",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CertificateRevocationList",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CertificateRevocationListBuilder",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CertificateSigningRequest",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RevokedCertificate",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RevokedCertificateBuilder",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CertificateSigningRequestBuilder",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CertificateBuilder",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Version",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_SIG_OIDS_TO_HASH",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OID_CA_ISSUERS",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OID_OCSP",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_GENERAL_NAMES",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CertificateIssuer",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CRLReason",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "InvalidityDate",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "UnrecognizedExtension",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "PolicyConstraints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "PrecertificateSignedCertificateTimestamps",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "PrecertPoison",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "OCSPNonce",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/base.py lib_pypy/_cffi_ssl/cryptography/x509/base.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/base.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,753 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import datetime
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import os
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.extensions import Extension, ExtensionType
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.name import Name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_EARLIEST_UTC_TIME = datetime.datetime(1950, 1, 1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _reject_duplicate_extension(extension, extensions):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is quadratic in the number of extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for e in extensions:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if e.oid == extension.oid:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('This extension has already been set.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _convert_to_naive_utc_time(time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """Normalizes a datetime to a naive datetime in UTC.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time -- datetime to normalize. Assumed to be in UTC if not timezone
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aware.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if time.tzinfo is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- offset = time.utcoffset()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- offset = offset if offset else datetime.timedelta()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return time.replace(tzinfo=None) - offset
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Version(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- v1 = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- v3 = 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_pem_x509_certificate(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_pem_x509_certificate(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_x509_certificate(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_x509_certificate(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_pem_x509_csr(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_pem_x509_csr(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_x509_csr(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_x509_csr(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_pem_x509_crl(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_pem_x509_crl(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_x509_crl(data, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_x509_crl(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidVersion(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, msg, parsed_version):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- super(InvalidVersion, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.parsed_version = parsed_version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Certificate(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns bytes using digest passed.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns certificate serial number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def version(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the certificate version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the public key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def not_valid_before(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Not before time (represented as UTC datetime)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def not_valid_after(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Not after time (represented as UTC datetime)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the issuer name object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def subject(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the subject name object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- in the certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the ObjectIdentifier of the signature algorithm.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an Extensions object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the signature bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_certificate_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the tbsCertificate payload bytes as defined in RFC 5280.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks equality.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks not equal.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Computes a hash.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Serializes the certificate to PEM or DER format.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificateRevocationList(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Serializes the CRL to PEM or DER format.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns bytes using digest passed.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_revoked_certificate_by_serial_number(self, serial_number):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an instance of RevokedCertificate or None if the serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- is not in the CRL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- in the certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the ObjectIdentifier of the signature algorithm.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the X509Name with the issuer of this CRL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def next_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the date of next update for this CRL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def last_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the date of last update for this CRL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an Extensions object containing a list of CRL extensions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the signature bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_certlist_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the tbsCertList payload bytes as defined in RFC 5280.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks equality.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks not equal.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Number of revoked certificates in the CRL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a revoked certificate (or slice of revoked certificates).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Iterator over the revoked certificates
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def is_signature_valid(self, public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Verifies signature of revocation list against given public key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificateSigningRequest(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks equality.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Checks not equal.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Computes a hash.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the public key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def subject(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the subject name object.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- in the certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the ObjectIdentifier of the signature algorithm.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the extensions in the signing request.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Encodes the request to PEM or DER format.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the signature bytes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_certrequest_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the PKCS#10 CertificationRequestInfo bytes as defined in RFC
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 2986.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def is_signature_valid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Verifies signature of signing request.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RevokedCertificate(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the serial number of the revoked certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def revocation_date(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the date of when this certificate was revoked.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an Extensions object containing a list of Revoked extensions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificateSigningRequestBuilder(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, subject_name=None, extensions=[]):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Creates an empty X.509 certificate request (v1).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._subject_name = subject_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def subject_name(self, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the certificate requestor's distinguished name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(name, Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._subject_name is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The subject name may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateSigningRequestBuilder(name, self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Adds an X.509 extension to the certificate request.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateSigningRequestBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._subject_name, self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, private_key, algorithm, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Signs the request using the requestor's private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._subject_name is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A CertificateSigningRequest must have a subject")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.create_x509_csr(self, private_key, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificateBuilder(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, issuer_name=None, subject_name=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- public_key=None, serial_number=None, not_valid_before=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not_valid_after=None, extensions=[]):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._version = Version.v3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name = issuer_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._subject_name = subject_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._serial_number = serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_before = not_valid_before
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_after = not_valid_after
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_name(self, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the CA's distinguished name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(name, Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._issuer_name is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The issuer name may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name, self._subject_name, self._public_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def subject_name(self, name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the requestor's distinguished name.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(name, Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._subject_name is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The subject name may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, name, self._public_key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_key(self, key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the requestor's public key (as found in the signing request).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(key, (dsa.DSAPublicKey, rsa.RSAPublicKey,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ec.EllipticCurvePublicKey)):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting one of DSAPublicKey, RSAPublicKey,'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' or EllipticCurvePublicKey.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._public_key is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The public key may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._subject_name, key,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self, number):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the certificate serial number.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Serial number must be of integral type.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._serial_number is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The serial number may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if number <= 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The serial number should be positive.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ASN.1 integers are always signed, so most significant bit must be
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # zero.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if number.bit_length() >= 160: # As defined in RFC 5280
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The serial number should not be more than 159 '
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'bits.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key, number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def not_valid_before(self, time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the certificate activation time.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._not_valid_before is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The not valid before may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time = _convert_to_naive_utc_time(time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The not valid before date must be on or after'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' 1950 January 1).')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._not_valid_after is not None and time > self._not_valid_after:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'The not valid before date must be before the not valid after '
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'date.'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key, self._serial_number, time,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def not_valid_after(self, time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Sets the certificate expiration time.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._not_valid_after is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The not valid after may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time = _convert_to_naive_utc_time(time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The not valid after date must be on or after'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (self._not_valid_before is not None and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time < self._not_valid_before):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'The not valid after date must be after the not valid before '
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'date.'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key, self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Adds an X.509 extension to the certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._public_key, self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._not_valid_after, self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, private_key, algorithm, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Signs the certificate using the CA's private key.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._subject_name is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A certificate must have a subject name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._issuer_name is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A certificate must have an issuer name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._serial_number is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A certificate must have a serial number")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._not_valid_before is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A certificate must have a not valid before time")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._not_valid_after is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A certificate must have a not valid after time")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._public_key is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A certificate must have a public key")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.create_x509_certificate(self, private_key, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificateRevocationListBuilder(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, issuer_name=None, last_update=None, next_update=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=[], revoked_certificates=[]):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name = issuer_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._last_update = last_update
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._next_update = next_update
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._revoked_certificates = revoked_certificates
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_name(self, issuer_name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(issuer_name, Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._issuer_name is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The issuer name may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- issuer_name, self._last_update, self._next_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions, self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def last_update(self, last_update):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(last_update, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._last_update is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Last update may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- last_update = _convert_to_naive_utc_time(last_update)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if last_update < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The last update date must be on or after'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._next_update is not None and last_update > self._next_update:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'The last update date must be before the next update date.'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, last_update, self._next_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions, self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def next_update(self, next_update):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(next_update, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._next_update is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('Last update may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update = _convert_to_naive_utc_time(next_update)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if next_update < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The last update date must be on or after'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._last_update is not None and next_update < self._last_update:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'The next update date must be after the last update date.'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._last_update, next_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions, self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Adds an X.509 extension to the certificate revocation list.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._last_update, self._next_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions + [extension], self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_revoked_certificate(self, revoked_certificate):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Adds a revoked certificate to the CRL.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(revoked_certificate, RevokedCertificate):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Must be an instance of RevokedCertificate")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer_name, self._last_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._next_update, self._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._revoked_certificates + [revoked_certificate]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, private_key, algorithm, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._issuer_name is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A CRL must have an issuer name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._last_update is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A CRL must have a last update time")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._next_update is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A CRL must have a next update time")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.create_x509_crl(self, private_key, algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RevokedCertificateBuilder(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, serial_number=None, revocation_date=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=[]):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._serial_number = serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._revocation_date = revocation_date
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self, number):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Serial number must be of integral type.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._serial_number is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The serial number may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if number <= 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The serial number should be positive')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # ASN.1 integers are always signed, so most significant bit must be
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # zero.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if number.bit_length() >= 160: # As defined in RFC 5280
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The serial number should not be more than 159 '
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'bits.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return RevokedCertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- number, self._revocation_date, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def revocation_date(self, time):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._revocation_date is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The revocation date may only be set once.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- time = _convert_to_naive_utc_time(time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The revocation date must be on or after'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return RevokedCertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._serial_number, time, self._extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return RevokedCertificateBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._serial_number, self._revocation_date,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def build(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._serial_number is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("A revoked certificate must have a serial number")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._revocation_date is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "A revoked certificate must have a revocation date"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.create_x509_revoked_certificate(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def random_serial_number():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return utils.int_from_bytes(os.urandom(20), "big") >> 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/certificate_transparency.py lib_pypy/_cffi_ssl/cryptography/x509/certificate_transparency.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/certificate_transparency.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,46 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class LogEntryType(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- X509_CERTIFICATE = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PRE_CERTIFICATE = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Version(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- v1 = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SignedCertificateTimestamp(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def version(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the SCT version.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def log_id(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns an identifier indicating which log this SCT is for.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def timestamp(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the timestamp for this SCT.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def entry_type(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns whether this is an SCT for a certificate or pre-certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/extensions.py lib_pypy/_cffi_ssl/cryptography/x509/extensions.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/extensions.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,1654 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import datetime
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import hashlib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import ipaddress
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from asn1crypto.keys import PublicKeyInfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import constant_time, serialization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.certificate_transparency import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignedCertificateTimestamp
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.general_name import GeneralName, IPAddress, OtherName
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.name import RelativeDistinguishedName
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID, ExtensionOID, OCSPExtensionOID, ObjectIdentifier,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _key_identifier_from_public_key(public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(public_key, RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = public_key.public_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.Encoding.DER,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.PKCS1,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif isinstance(public_key, EllipticCurvePublicKey):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = public_key.public_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.Encoding.X962,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is a very slow way to do this.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialized = public_key.public_bytes(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.Encoding.DER,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data = bytes(PublicKeyInfo.load(serialized)['public_key'])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hashlib.sha1(data).digest()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DuplicateExtension(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, msg, oid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- super(DuplicateExtension, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.oid = oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ExtensionNotFound(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, msg, oid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- super(ExtensionNotFound, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.oid = oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ExtensionType(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns the oid associated with the given extension type.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Extensions(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, extensions):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_extension_for_oid(self, oid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for ext in self:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ext.oid == oid:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ExtensionNotFound("No {} extension was found".format(oid), oid)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_extension_for_class(self, extclass):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if extclass is UnrecognizedExtension:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "UnrecognizedExtension can't be used with "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "get_extension_for_class because more than one instance of the"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " class may be present."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for ext in self:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(ext.value, extclass):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ext
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ExtensionNotFound(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "No {} extension was found".format(extclass), extclass.oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._extensions[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<Extensions({})>".format(self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CRLNumber(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.CRL_NUMBER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, crl_number):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(crl_number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("crl_number must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._crl_number = crl_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, CRLNumber):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.crl_number == other.crl_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.crl_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<CRLNumber({})>".format(self.crl_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_number = utils.read_only_property("_crl_number")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AuthorityKeyIdentifier(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.AUTHORITY_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, key_identifier, authority_cert_issuer,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_serial_number):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (authority_cert_issuer is None) != (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_serial_number is None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "authority_cert_issuer and authority_cert_serial_number "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "must both be present or both None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if authority_cert_issuer is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_issuer = list(authority_cert_issuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, GeneralName) for x in authority_cert_issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "authority_cert_issuer must be a list of GeneralName "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "objects"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if authority_cert_serial_number is not None and not isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_serial_number, six.integer_types
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "authority_cert_serial_number must be an integer"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_identifier = key_identifier
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._authority_cert_issuer = authority_cert_issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._authority_cert_serial_number = authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_issuer_public_key(cls, public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = _key_identifier_from_public_key(public_key)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return cls(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_identifier=digest,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_issuer=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_serial_number=None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_issuer_subject_key_identifier(cls, ski):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(ski, SubjectKeyIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = ski.digest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = ski.value.digest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Extension objects are deprecated as arguments to "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "from_issuer_subject_key_identifier and support will be "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "removed soon. Please migrate to passing a "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "SubjectKeyIdentifier directly.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.DeprecatedIn27,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return cls(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_identifier=digest,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_issuer=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_serial_number=None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<AuthorityKeyIdentifier(key_identifier={0.key_identifier!r}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "authority_cert_issuer={0.authority_cert_issuer}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "authority_cert_serial_number={0.authority_cert_serial_number}"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ")>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, AuthorityKeyIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key_identifier == other.key_identifier and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.authority_cert_issuer == other.authority_cert_issuer and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.authority_cert_serial_number ==
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- other.authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.authority_cert_issuer is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aci = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aci = tuple(self.authority_cert_issuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key_identifier, aci, self.authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_identifier = utils.read_only_property("_key_identifier")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_issuer = utils.read_only_property("_authority_cert_issuer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- authority_cert_serial_number = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_authority_cert_serial_number"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SubjectKeyIdentifier(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.SUBJECT_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, digest):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digest = digest
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def from_public_key(cls, public_key):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return cls(_key_identifier_from_public_key(public_key))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digest = utils.read_only_property("_digest")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<SubjectKeyIdentifier(digest={0!r})>".format(self.digest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, SubjectKeyIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return constant_time.bytes_eq(self.digest, other.digest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.digest)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AuthorityInformationAccess(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.AUTHORITY_INFORMATION_ACCESS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, descriptions):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- descriptions = list(descriptions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, AccessDescription) for x in descriptions):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Every item in the descriptions list must be an "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "AccessDescription"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._descriptions = descriptions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._descriptions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._descriptions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<AuthorityInformationAccess({})>".format(self._descriptions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, AuthorityInformationAccess):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._descriptions == other._descriptions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._descriptions[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._descriptions))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AccessDescription(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, access_method, access_location):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(access_method, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("access_method must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(access_location, GeneralName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("access_location must be a GeneralName")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._access_method = access_method
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._access_location = access_location
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<AccessDescription(access_method={0.access_method}, access_locati"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "on={0.access_location})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, AccessDescription):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.access_method == other.access_method and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.access_location == other.access_location
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.access_method, self.access_location))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- access_method = utils.read_only_property("_access_method")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- access_location = utils.read_only_property("_access_location")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class BasicConstraints(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.BASIC_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, ca, path_length):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(ca, bool):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("ca must be a boolean value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if path_length is not None and not ca:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("path_length must be None when ca is False")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- path_length is not None and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (not isinstance(path_length, six.integer_types) or path_length < 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "path_length must be a non-negative integer or None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._ca = ca
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._path_length = path_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ca = utils.read_only_property("_ca")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- path_length = utils.read_only_property("_path_length")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ("<BasicConstraints(ca={0.ca}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "path_length={0.path_length})>").format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, BasicConstraints):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.ca == other.ca and self.path_length == other.path_length
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.ca, self.path_length))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DeltaCRLIndicator(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.DELTA_CRL_INDICATOR
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, crl_number):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(crl_number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("crl_number must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._crl_number = crl_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_number = utils.read_only_property("_crl_number")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DeltaCRLIndicator):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.crl_number == other.crl_number
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.crl_number)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<DeltaCRLIndicator(crl_number={0.crl_number})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CRLDistributionPoints(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.CRL_DISTRIBUTION_POINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, distribution_points):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- distribution_points = list(distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, DistributionPoint) for x in distribution_points
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "distribution_points must be a list of DistributionPoint "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "objects"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._distribution_points = distribution_points
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<CRLDistributionPoints({})>".format(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, CRLDistributionPoints):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._distribution_points == other._distribution_points
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._distribution_points[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._distribution_points))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class FreshestCRL(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.FRESHEST_CRL
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, distribution_points):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- distribution_points = list(distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, DistributionPoint) for x in distribution_points
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "distribution_points must be a list of DistributionPoint "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "objects"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._distribution_points = distribution_points
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<FreshestCRL({})>".format(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, FreshestCRL):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._distribution_points == other._distribution_points
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._distribution_points[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._distribution_points))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DistributionPoint(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, full_name, relative_name, reasons, crl_issuer):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if full_name and relative_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "You cannot provide both full_name and relative_name, at "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "least one must be None."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if full_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name = list(full_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, GeneralName) for x in full_name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "full_name must be a list of GeneralName objects"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if relative_name:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(relative_name, RelativeDistinguishedName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "relative_name must be a RelativeDistinguishedName"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if crl_issuer:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_issuer = list(crl_issuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, GeneralName) for x in crl_issuer):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "crl_issuer must be None or a list of general names"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if reasons and (not isinstance(reasons, frozenset) or not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, ReasonFlags) for x in reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("reasons must be None or frozenset of ReasonFlags")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if reasons and (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ReasonFlags.unspecified in reasons or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ReasonFlags.remove_from_crl in reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "unspecified and remove_from_crl are not valid reasons in a "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DistributionPoint"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if reasons and not crl_issuer and not (full_name or relative_name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "You must supply crl_issuer, full_name, or relative_name when "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "reasons is not None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._full_name = full_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._relative_name = relative_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._reasons = reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._crl_issuer = crl_issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<DistributionPoint(full_name={0.full_name}, relative_name={0.rela"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "tive_name}, reasons={0.reasons}, crl_issuer={0.crl_issuer})>"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- .format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DistributionPoint):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.full_name == other.full_name and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.relative_name == other.relative_name and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.reasons == other.reasons and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.crl_issuer == other.crl_issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.full_name is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- fn = tuple(self.full_name)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- fn = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.crl_issuer is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_issuer = tuple(self.crl_issuer)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_issuer = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((fn, self.relative_name, self.reasons, crl_issuer))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name = utils.read_only_property("_full_name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- relative_name = utils.read_only_property("_relative_name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reasons = utils.read_only_property("_reasons")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_issuer = utils.read_only_property("_crl_issuer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ReasonFlags(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- unspecified = "unspecified"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_compromise = "keyCompromise"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ca_compromise = "cACompromise"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- affiliation_changed = "affiliationChanged"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- superseded = "superseded"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cessation_of_operation = "cessationOfOperation"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certificate_hold = "certificateHold"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- privilege_withdrawn = "privilegeWithdrawn"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- aa_compromise = "aACompromise"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- remove_from_crl = "removeFromCRL"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PolicyConstraints(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.POLICY_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, require_explicit_policy, inhibit_policy_mapping):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if require_explicit_policy is not None and not isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- require_explicit_policy, six.integer_types
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "require_explicit_policy must be a non-negative integer or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if inhibit_policy_mapping is not None and not isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- inhibit_policy_mapping, six.integer_types
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "inhibit_policy_mapping must be a non-negative integer or None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if inhibit_policy_mapping is None and require_explicit_policy is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "At least one of require_explicit_policy and "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "inhibit_policy_mapping must not be None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._require_explicit_policy = require_explicit_policy
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._inhibit_policy_mapping = inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- u"<PolicyConstraints(require_explicit_policy={0.require_explicit"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- u"_policy}, inhibit_policy_mapping={0.inhibit_policy_"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- u"mapping})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, PolicyConstraints):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.require_explicit_policy == other.require_explicit_policy and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.inhibit_policy_mapping == other.inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (self.require_explicit_policy, self.inhibit_policy_mapping)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- require_explicit_policy = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_require_explicit_policy"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- inhibit_policy_mapping = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_inhibit_policy_mapping"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificatePolicies(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.CERTIFICATE_POLICIES
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, policies):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- policies = list(policies)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, PolicyInformation) for x in policies):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Every item in the policies list must be a "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "PolicyInformation"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._policies = policies
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._policies)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._policies)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<CertificatePolicies({})>".format(self._policies)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, CertificatePolicies):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._policies == other._policies
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._policies[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._policies))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PolicyInformation(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, policy_identifier, policy_qualifiers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(policy_identifier, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("policy_identifier must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._policy_identifier = policy_identifier
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if policy_qualifiers:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- policy_qualifiers = list(policy_qualifiers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, (six.text_type, UserNotice))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for x in policy_qualifiers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "policy_qualifiers must be a list of strings and/or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "UserNotice objects or None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._policy_qualifiers = policy_qualifiers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<PolicyInformation(policy_identifier={0.policy_identifier}, polic"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "y_qualifiers={0.policy_qualifiers})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, PolicyInformation):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.policy_identifier == other.policy_identifier and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.policy_qualifiers == other.policy_qualifiers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.policy_qualifiers is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pq = tuple(self.policy_qualifiers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pq = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.policy_identifier, pq))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- policy_identifier = utils.read_only_property("_policy_identifier")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- policy_qualifiers = utils.read_only_property("_policy_qualifiers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class UserNotice(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, notice_reference, explicit_text):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if notice_reference and not isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_reference, NoticeReference
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "notice_reference must be None or a NoticeReference"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._notice_reference = notice_reference
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._explicit_text = explicit_text
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<UserNotice(notice_reference={0.notice_reference}, explicit_text="
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{0.explicit_text!r})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, UserNotice):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.notice_reference == other.notice_reference and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.explicit_text == other.explicit_text
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.notice_reference, self.explicit_text))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_reference = utils.read_only_property("_notice_reference")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- explicit_text = utils.read_only_property("_explicit_text")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class NoticeReference(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, organization, notice_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._organization = organization
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_numbers = list(notice_numbers)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, int) for x in notice_numbers):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "notice_numbers must be a list of integers"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._notice_numbers = notice_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<NoticeReference(organization={0.organization!r}, notice_numbers="
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{0.notice_numbers})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, NoticeReference):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.organization == other.organization and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.notice_numbers == other.notice_numbers
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.organization, tuple(self.notice_numbers)))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- organization = utils.read_only_property("_organization")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- notice_numbers = utils.read_only_property("_notice_numbers")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ExtendedKeyUsage(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.EXTENDED_KEY_USAGE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, usages):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- usages = list(usages)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, ObjectIdentifier) for x in usages):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Every item in the usages list must be an ObjectIdentifier"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._usages = usages
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._usages)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._usages)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<ExtendedKeyUsage({})>".format(self._usages)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, ExtendedKeyUsage):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._usages == other._usages
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._usages))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPNoCheck(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.OCSP_NO_CHECK
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, OCSPNoCheck):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(OCSPNoCheck)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<OCSPNoCheck()>"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PrecertPoison(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.PRECERT_POISON
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, PrecertPoison):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return True
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(PrecertPoison)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<PrecertPoison()>"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class TLSFeature(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.TLS_FEATURE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, features):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- features = list(features)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not all(isinstance(x, TLSFeatureType) for x in features) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len(features) == 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "features must be a list of elements from the TLSFeatureType "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "enum"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._features = features
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._features)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._features)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<TLSFeature(features={0._features})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, TLSFeature):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._features == other._features
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._features[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._features))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class TLSFeatureType(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # status_request is defined in RFC 6066 and is used for what is commonly
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # called OCSP Must-Staple when present in the TLS Feature extension in an
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # X.509 certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- status_request = 5
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # status_request_v2 is defined in RFC 6961 and allows multiple OCSP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # responses to be provided. It is not currently in use by clients or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # servers.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- status_request_v2 = 17
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_TLS_FEATURE_TYPE_TO_ENUM = dict((x.value, x) for x in TLSFeatureType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InhibitAnyPolicy(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.INHIBIT_ANY_POLICY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, skip_certs):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(skip_certs, six.integer_types):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("skip_certs must be an integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if skip_certs < 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("skip_certs must be a non-negative integer")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._skip_certs = skip_certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<InhibitAnyPolicy(skip_certs={0.skip_certs})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, InhibitAnyPolicy):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.skip_certs == other.skip_certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.skip_certs)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- skip_certs = utils.read_only_property("_skip_certs")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class KeyUsage(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.KEY_USAGE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, digital_signature, content_commitment, key_encipherment,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_encipherment, key_agreement, key_cert_sign, crl_sign,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encipher_only, decipher_only):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not key_agreement and (encipher_only or decipher_only):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "encipher_only and decipher_only can only be true when "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "key_agreement is true"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._digital_signature = digital_signature
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._content_commitment = content_commitment
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_encipherment = key_encipherment
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._data_encipherment = data_encipherment
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_agreement = key_agreement
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._key_cert_sign = key_cert_sign
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._crl_sign = crl_sign
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._encipher_only = encipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._decipher_only = decipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- digital_signature = utils.read_only_property("_digital_signature")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- content_commitment = utils.read_only_property("_content_commitment")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_encipherment = utils.read_only_property("_key_encipherment")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- data_encipherment = utils.read_only_property("_data_encipherment")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_agreement = utils.read_only_property("_key_agreement")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key_cert_sign = utils.read_only_property("_key_cert_sign")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_sign = utils.read_only_property("_crl_sign")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def encipher_only(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not self.key_agreement:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "encipher_only is undefined unless key_agreement is true"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._encipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def decipher_only(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not self.key_agreement:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "decipher_only is undefined unless key_agreement is true"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._decipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encipher_only = self.encipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decipher_only = self.decipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except ValueError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- encipher_only = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- decipher_only = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ("<KeyUsage(digital_signature={0.digital_signature}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "content_commitment={0.content_commitment}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "key_encipherment={0.key_encipherment}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "data_encipherment={0.data_encipherment}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "key_agreement={0.key_agreement}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "key_cert_sign={0.key_cert_sign}, crl_sign={0.crl_sign}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "encipher_only={1}, decipher_only={2})>").format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self, encipher_only, decipher_only)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, KeyUsage):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.digital_signature == other.digital_signature and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.content_commitment == other.content_commitment and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key_encipherment == other.key_encipherment and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.data_encipherment == other.data_encipherment and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key_agreement == other.key_agreement and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key_cert_sign == other.key_cert_sign and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.crl_sign == other.crl_sign and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._encipher_only == other._encipher_only and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._decipher_only == other._decipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.digital_signature, self.content_commitment,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key_encipherment, self.data_encipherment,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.key_agreement, self.key_cert_sign,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.crl_sign, self._encipher_only,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._decipher_only
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class NameConstraints(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.NAME_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, permitted_subtrees, excluded_subtrees):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if permitted_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- permitted_subtrees = list(permitted_subtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, GeneralName) for x in permitted_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "permitted_subtrees must be a list of GeneralName objects "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "or None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._validate_ip_name(permitted_subtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if excluded_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- excluded_subtrees = list(excluded_subtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, GeneralName) for x in excluded_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "excluded_subtrees must be a list of GeneralName objects "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "or None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._validate_ip_name(excluded_subtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if permitted_subtrees is None and excluded_subtrees is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "At least one of permitted_subtrees and excluded_subtrees "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "must not be None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._permitted_subtrees = permitted_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._excluded_subtrees = excluded_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, NameConstraints):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.excluded_subtrees == other.excluded_subtrees and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.permitted_subtrees == other.permitted_subtrees
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _validate_ip_name(self, tree):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if any(isinstance(name, IPAddress) and not isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name.value, (ipaddress.IPv4Network, ipaddress.IPv6Network)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ) for name in tree):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "IPAddress name constraints must be an IPv4Network or"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " IPv6Network object"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- u"<NameConstraints(permitted_subtrees={0.permitted_subtrees}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- u"excluded_subtrees={0.excluded_subtrees})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.permitted_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ps = tuple(self.permitted_subtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ps = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self.excluded_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- es = tuple(self.excluded_subtrees)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- es = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((ps, es))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- permitted_subtrees = utils.read_only_property("_permitted_subtrees")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- excluded_subtrees = utils.read_only_property("_excluded_subtrees")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Extension(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, oid, critical, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(oid, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "oid argument must be an ObjectIdentifier instance."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(critical, bool):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("critical must be a boolean value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._oid = oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._critical = critical
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = utils.read_only_property("_oid")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- critical = utils.read_only_property("_critical")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ("<Extension(oid={0.oid}, critical={0.critical}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "value={0.value})>").format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, Extension):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.oid == other.oid and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.critical == other.critical and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.oid, self.critical, self.value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class GeneralNames(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- general_names = list(general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, GeneralName) for x in general_names):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Every item in the general_names list must be an "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "object conforming to the GeneralName interface"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._general_names = general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Return the value of each GeneralName, except for OtherName instances
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # which we return directly because it has two important properties not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # just one value.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- objs = (i for i in self if isinstance(i, type))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if type != OtherName:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- objs = (i.value for i in objs)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return list(objs)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<GeneralNames({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, GeneralNames):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._general_names))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SubjectAlternativeName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.SUBJECT_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._general_names = GeneralNames(general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names.get_values_for_type(type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<SubjectAlternativeName({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, SubjectAlternativeName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class IssuerAlternativeName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.ISSUER_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._general_names = GeneralNames(general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names.get_values_for_type(type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<IssuerAlternativeName({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, IssuerAlternativeName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificateIssuer(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = CRLEntryExtensionOID.CERTIFICATE_ISSUER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._general_names = GeneralNames(general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names.get_values_for_type(type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<CertificateIssuer({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, CertificateIssuer):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self._general_names)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CRLReason(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = CRLEntryExtensionOID.CRL_REASON
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, reason):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(reason, ReasonFlags):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("reason must be an element from ReasonFlags")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._reason = reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<CRLReason(reason={})>".format(self._reason)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, CRLReason):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.reason == other.reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.reason)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- reason = utils.read_only_property("_reason")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class InvalidityDate(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = CRLEntryExtensionOID.INVALIDITY_DATE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, invalidity_date):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(invalidity_date, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("invalidity_date must be a datetime.datetime")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._invalidity_date = invalidity_date
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<InvalidityDate(invalidity_date={})>".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._invalidity_date
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, InvalidityDate):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.invalidity_date == other.invalidity_date
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.invalidity_date)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- invalidity_date = utils.read_only_property("_invalidity_date")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class PrecertificateSignedCertificateTimestamps(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, signed_certificate_timestamps):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- signed_certificate_timestamps = list(signed_certificate_timestamps)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(sct, SignedCertificateTimestamp)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for sct in signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Every item in the signed_certificate_timestamps list must be "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "a SignedCertificateTimestamp"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._signed_certificate_timestamps = signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._signed_certificate_timestamps)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._signed_certificate_timestamps)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._signed_certificate_timestamps[idx]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<PrecertificateSignedCertificateTimestamps({})>".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- list(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._signed_certificate_timestamps))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, PrecertificateSignedCertificateTimestamps):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._signed_certificate_timestamps ==
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- other._signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPNonce(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = OCSPExtensionOID.NONCE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, nonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(nonce, bytes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("nonce must be bytes")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._nonce = nonce
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, OCSPNonce):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.nonce == other.nonce
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.nonce)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<OCSPNonce(nonce={0.nonce!r})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- nonce = utils.read_only_property("_nonce")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class IssuingDistributionPoint(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = ExtensionOID.ISSUING_DISTRIBUTION_POINT
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, full_name, relative_name, only_contains_user_certs,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_contains_ca_certs, only_some_reasons, indirect_crl,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_contains_attribute_certs):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_some_reasons and (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(only_some_reasons, frozenset) or not all(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(x, ReasonFlags) for x in only_some_reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "only_some_reasons must be None or frozenset of ReasonFlags"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if only_some_reasons and (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ReasonFlags.unspecified in only_some_reasons or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ReasonFlags.remove_from_crl in only_some_reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "unspecified and remove_from_crl are not valid reasons in an "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "IssuingDistributionPoint"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(only_contains_user_certs, bool) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(only_contains_ca_certs, bool) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(indirect_crl, bool) and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- isinstance(only_contains_attribute_certs, bool)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "only_contains_user_certs, only_contains_ca_certs, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "indirect_crl and only_contains_attribute_certs "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "must all be boolean."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- crl_constraints = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_contains_user_certs, only_contains_ca_certs,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- indirect_crl, only_contains_attribute_certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len([x for x in crl_constraints if x]) > 1:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Only one of the following can be set to True: "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "only_contains_user_certs, only_contains_ca_certs, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "indirect_crl, only_contains_attribute_certs"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not any([
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_contains_user_certs, only_contains_ca_certs,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- indirect_crl, only_contains_attribute_certs, full_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- relative_name, only_some_reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Cannot create empty extension: "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "if only_contains_user_certs, only_contains_ca_certs, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "indirect_crl, and only_contains_attribute_certs are all False"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ", then either full_name, relative_name, or only_some_reasons "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "must have a value."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._only_contains_user_certs = only_contains_user_certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._only_contains_ca_certs = only_contains_ca_certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._indirect_crl = indirect_crl
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._only_contains_attribute_certs = only_contains_attribute_certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._only_some_reasons = only_some_reasons
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._full_name = full_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._relative_name = relative_name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<IssuingDistributionPoint(full_name={0.full_name}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "relative_name={0.relative_name}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "only_contains_user_certs={0.only_contains_user_certs}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "only_contains_ca_certs={0.only_contains_ca_certs}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "only_some_reasons={0.only_some_reasons}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "indirect_crl={0.indirect_crl}, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "only_contains_attribute_certs="
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "{0.only_contains_attribute_certs})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, IssuingDistributionPoint):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.full_name == other.full_name and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.relative_name == other.relative_name and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_contains_user_certs == other.only_contains_user_certs and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_contains_ca_certs == other.only_contains_ca_certs and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_some_reasons == other.only_some_reasons and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.indirect_crl == other.indirect_crl and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_contains_attribute_certs ==
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- other.only_contains_attribute_certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.full_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.relative_name,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_contains_user_certs,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_contains_ca_certs,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_some_reasons,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.indirect_crl,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.only_contains_attribute_certs,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- full_name = utils.read_only_property("_full_name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- relative_name = utils.read_only_property("_relative_name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_contains_user_certs = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_only_contains_user_certs"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_contains_ca_certs = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_only_contains_ca_certs"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_some_reasons = utils.read_only_property("_only_some_reasons")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- indirect_crl = utils.read_only_property("_indirect_crl")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- only_contains_attribute_certs = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "_only_contains_attribute_certs"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class UnrecognizedExtension(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, oid, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(oid, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("oid must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._oid = oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = utils.read_only_property("_oid")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "<UnrecognizedExtension(oid={0.oid}, value={0.value!r})>".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, UnrecognizedExtension):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.oid == other.oid and self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.oid, self.value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/general_name.py lib_pypy/_cffi_ssl/cryptography/x509/general_name.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/general_name.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,360 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import ipaddress
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import warnings
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from email.utils import parseaddr
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from six.moves import urllib_parse
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.name import Name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.oid import ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_GENERAL_NAMES = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 0: "otherName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 1: "rfc822Name",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 2: "dNSName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 3: "x400Address",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 4: "directoryName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 5: "ediPartyName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 6: "uniformResourceIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 7: "iPAddress",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 8: "registeredID",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _lazy_import_idna():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Import idna lazily becase it allocates a decent amount of memory, and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # we're only using it in deprecated paths.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- import idna
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return idna
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except ImportError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ImportError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "idna is not installed, but a deprecated feature that requires it"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " was used. See: https://cryptography.io/en/latest/faq/#importe"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "rror-idna-is-not-installed"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class UnsupportedGeneralNameType(Exception):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, msg, type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- super(UnsupportedGeneralNameType, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.type = type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class GeneralName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def value(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Return the value of the object
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RFC822Name(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value.encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = self._idna_encode(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "RFC822Name values should be passed as an A-label string. "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "This means unicode characters should be encoded via "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "idna. Support for passing unicode strings (aka U-label) "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "will be removed in a future version.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("value must be string")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name, address = parseaddr(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if name or not address:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # parseaddr has found a name (e.g. Name <email>) or the entire
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # value is an empty string.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Invalid rfc822name value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _init_without_validation(cls, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- instance = cls.__new__(cls)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- instance._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return instance
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _idna_encode(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idna = _lazy_import_idna()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _, address = parseaddr(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parts = address.split(u"@")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return parts[0] + "@" + idna.encode(parts[1]).decode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<RFC822Name(value={0!r})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, RFC822Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _idna_encode(value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idna = _lazy_import_idna()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Retain prefixes '*.' for common/alt names and '.' for name constraints
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for prefix in ['*.', '.']:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if value.startswith(prefix):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = value[len(prefix):]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return prefix + idna.encode(value).decode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return idna.encode(value).decode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DNSName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value.encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = _idna_encode(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "DNSName values should be passed as an A-label string. "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "This means unicode characters should be encoded via "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "idna. Support for passing unicode strings (aka U-label) "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "will be removed in a future version.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("value must be string")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _init_without_validation(cls, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- instance = cls.__new__(cls)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- instance._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return instance
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<DNSName(value={0!r})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DNSName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class UniformResourceIdentifier(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value.encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = self._idna_encode(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- warnings.warn(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "URI values should be passed as an A-label string. "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "This means unicode characters should be encoded via "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "idna. Support for passing unicode strings (aka U-label) "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " will be removed in a future version.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("value must be string")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _init_without_validation(cls, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- instance = cls.__new__(cls)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- instance._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return instance
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def _idna_encode(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idna = _lazy_import_idna()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed = urllib_parse.urlparse(value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if parsed.port:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- netloc = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- idna.encode(parsed.hostname) +
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ":{}".format(parsed.port).encode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ).decode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- netloc = idna.encode(parsed.hostname).decode("ascii")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Note that building a URL in this fashion means it should be
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # semantically indistinguishable from the original but is not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # guaranteed to be exactly the same.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return urllib_parse.urlunparse((
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed.scheme,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- netloc,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed.path,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed.params,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed.query,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- parsed.fragment
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<UniformResourceIdentifier(value={0!r})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, UniformResourceIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class DirectoryName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(value, Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("value must be a Name")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<DirectoryName(value={})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, DirectoryName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RegisteredID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(value, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("value must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<RegisteredID(value={})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, RegisteredID):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class IPAddress(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ipaddress.IPv4Address,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ipaddress.IPv6Address,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ipaddress.IPv4Network,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ipaddress.IPv6Network
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "value must be an instance of ipaddress.IPv4Address, "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ipaddress.IPv6Address, ipaddress.IPv4Network, or "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "ipaddress.IPv6Network"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<IPAddress(value={})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, IPAddress):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OtherName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, type_id, value):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(type_id, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("type_id must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(value, bytes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("value must be a binary string")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._type_id = type_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- type_id = utils.read_only_property("_type_id")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<OtherName(type_id={}, value={!r})>".format(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.type_id, self.value)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, OtherName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self.type_id == other.type_id and self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.type_id, self.value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/name.py lib_pypy/_cffi_ssl/cryptography/x509/name.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/name.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,259 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import utils
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.oid import NameOID, ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _ASN1Type(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UTF8String = 12
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NumericString = 18
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PrintableString = 19
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- T61String = 20
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- IA5String = 22
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UTCTime = 23
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GeneralizedTime = 24
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- VisibleString = 26
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UniversalString = 28
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BMPString = 30
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_ASN1_TYPE_TO_ENUM = dict((i.value, i) for i in _ASN1Type)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_SENTINEL = object()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_NAMEOID_DEFAULT_TYPE = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.COUNTRY_NAME: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.JURISDICTION_COUNTRY_NAME: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.SERIAL_NUMBER: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.DN_QUALIFIER: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.EMAIL_ADDRESS: _ASN1Type.IA5String,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.DOMAIN_COMPONENT: _ASN1Type.IA5String,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#: Short attribute names from RFC 4514:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#: https://tools.ietf.org/html/rfc4514#page-7
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_NAMEOID_TO_NAME = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.COMMON_NAME: 'CN',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.LOCALITY_NAME: 'L',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.STATE_OR_PROVINCE_NAME: 'ST',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.ORGANIZATION_NAME: 'O',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.ORGANIZATIONAL_UNIT_NAME: 'OU',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.COUNTRY_NAME: 'C',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.STREET_ADDRESS: 'STREET',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.DOMAIN_COMPONENT: 'DC',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.USER_ID: 'UID',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _escape_dn_value(val):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """Escape special characters in RFC4514 Distinguished Name value."""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # See https://tools.ietf.org/html/rfc4514#section-2.4
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace('\\', '\\\\')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace('"', '\\"')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace('+', '\\+')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace(',', '\\,')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace(';', '\\;')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace('<', '\\<')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace('>', '\\>')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val.replace('\0', '\\00')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if val[0] in ('#', ' '):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = '\\' + val
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if val[-1] == ' ':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- val = val[:-1] + '\\ '
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return val
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class NameAttribute(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, oid, value, _type=_SENTINEL):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(oid, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "oid argument must be an ObjectIdentifier instance."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "value argument must be a text type."
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid == NameOID.COUNTRY_NAME or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid == NameOID.JURISDICTION_COUNTRY_NAME
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(value.encode("utf8")) != 2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Country name must be a 2 character country code"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(value) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Value cannot be an empty string")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # The appropriate ASN1 string type varies by OID and is defined across
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # multiple RFCs including 2459, 3280, and 5280. In general UTF8String
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # is preferred (2459), but 3280 and 5280 specify several OIDs with
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # alternate types. This means when we see the sentinel value we need
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # to look up whether the OID has a non-UTF8 type. If it does, set it
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # to that. Otherwise, UTF8!
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if _type == _SENTINEL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _type = _NAMEOID_DEFAULT_TYPE.get(oid, _ASN1Type.UTF8String)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(_type, _ASN1Type):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("_type must be from the _ASN1Type enum")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._oid = oid
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._value = value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._type = _type
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- oid = utils.read_only_property("_oid")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def rfc4514_string(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Format as RFC4514 Distinguished Name string.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Use short attribute name if available, otherwise fall back to OID
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dotted string.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- key = _NAMEOID_TO_NAME.get(self.oid, self.oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return '%s=%s' % (key, _escape_dn_value(self.value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, NameAttribute):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.oid == other.oid and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self.value == other.value
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash((self.oid, self.value))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<NameAttribute(oid={0.oid}, value={0.value!r})>".format(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class RelativeDistinguishedName(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attributes = list(attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not attributes:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("a relative distinguished name cannot be empty")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, NameAttribute) for x in attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("attributes must be an iterable of NameAttribute")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Keep list and frozenset to preserve attribute order where it matters
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._attributes = attributes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._attribute_set = frozenset(attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(self._attribute_set) != len(attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("duplicate attributes are not allowed")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_attributes_for_oid(self, oid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [i for i in self if i.oid == oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def rfc4514_string(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Format as RFC4514 Distinguished Name string.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Within each RDN, attributes are joined by '+', although that is rarely
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- used in certificates.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return '+'.join(attr.rfc4514_string() for attr in self._attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, RelativeDistinguishedName):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._attribute_set == other._attribute_set
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(self._attribute_set)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return iter(self._attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return len(self._attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<RelativeDistinguishedName({})>".format(self.rfc4514_string())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class Name(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- attributes = list(attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if all(isinstance(x, NameAttribute) for x in attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._attributes = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RelativeDistinguishedName([x]) for x in attributes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elif all(isinstance(x, RelativeDistinguishedName) for x in attributes):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._attributes = attributes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "attributes must be a list of NameAttribute"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " or a list RelativeDistinguishedName"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def rfc4514_string(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Format as RFC4514 Distinguished Name string.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- For example 'CN=foobar.com,O=Foo Corp,C=US'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- An X.509 name is a two-level structure: a list of sets of attributes.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Each list element is separated by ',' and within each list element, set
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- elements are separated by '+'. The latter is almost never used in
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- real world certificates.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ','.join(attr.rfc4514_string() for attr in self._attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def get_attributes_for_oid(self, oid):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return [i for i in self if i.oid == oid]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @property
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def rdns(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._attributes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, backend):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.x509_name_bytes(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(other, Name):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return NotImplemented
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return self._attributes == other._attributes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return not self == other
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # TODO: this is relatively expensive, if this looks like a bottleneck
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # for you, consider optimizing!
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hash(tuple(self._attributes))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for rdn in self._attributes:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for ava in rdn:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- yield ava
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __len__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return sum(len(rdn) for rdn in self._attributes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if six.PY2:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<Name({})>".format(self.rfc4514_string().encode('utf8'))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<Name({})>".format(self.rfc4514_string())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/ocsp.py lib_pypy/_cffi_ssl/cryptography/x509/ocsp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/ocsp.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,422 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import abc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import datetime
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from enum import Enum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import six
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography import x509
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.x509.base import (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _EARLIEST_UTC_TIME, _convert_to_naive_utc_time, _reject_duplicate_extension
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OIDS_TO_HASH = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "1.3.14.3.2.26": hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "2.16.840.1.101.3.4.2.4": hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "2.16.840.1.101.3.4.2.1": hashes.SHA256(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "2.16.840.1.101.3.4.2.2": hashes.SHA384(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "2.16.840.1.101.3.4.2.3": hashes.SHA512(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPResponderEncoding(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- HASH = "By Hash"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NAME = "By Name"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPResponseStatus(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SUCCESSFUL = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- MALFORMED_REQUEST = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- INTERNAL_ERROR = 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- TRY_LATER = 3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SIG_REQUIRED = 5
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNAUTHORIZED = 6
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_RESPONSE_STATUS_TO_ENUM = dict((x.value, x) for x in OCSPResponseStatus)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_ALLOWED_HASHES = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hashes.SHA1, hashes.SHA224, hashes.SHA256,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hashes.SHA384, hashes.SHA512
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def _verify_algorithm(algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, _ALLOWED_HASHES):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPCertStatus(Enum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GOOD = 0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- REVOKED = 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- UNKNOWN = 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_CERT_STATUS_TO_ENUM = dict((x.value, x) for x in OCSPCertStatus)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_ocsp_request(data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_ocsp_request(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def load_der_ocsp_response(data):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.load_der_ocsp_response(data)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPRequestBuilder(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, request=None, extensions=[]):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._request = request
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_certificate(self, cert, issuer, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._request is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Only one certificate can be added to a request")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _verify_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(cert, x509.Certificate) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(issuer, x509.Certificate)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("cert and issuer must be a Certificate")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return OCSPRequestBuilder((cert, issuer, algorithm), self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(extension, x509.ExtensionType):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extension = x509.Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return OCSPRequestBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._request, self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def build(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._request is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("You must add a certificate before building")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.create_ocsp_request(self)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class _SingleResponse(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, cert, issuer, algorithm, cert_status, this_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update, revocation_time, revocation_reason):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(cert, x509.Certificate) or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(issuer, x509.Certificate)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("cert and issuer must be a Certificate")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _verify_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(this_update, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("this_update must be a datetime object")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update is not None and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(next_update, datetime.datetime)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("next_update must be a datetime object or None")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cert = cert
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._issuer = issuer
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._this_update = this_update
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._next_update = next_update
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(cert_status, OCSPCertStatus):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "cert_status must be an item from the OCSPCertStatus enum"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if cert_status is not OCSPCertStatus.REVOKED:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if revocation_time is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "revocation_time can only be provided if the certificate "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "is revoked"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if revocation_reason is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "revocation_reason can only be provided if the certificate"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- " is revoked"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(revocation_time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("revocation_time must be a datetime object")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revocation_time = _convert_to_naive_utc_time(revocation_time)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if revocation_time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError('The revocation_time must be on or after'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revocation_reason is not None and
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not isinstance(revocation_reason, x509.ReasonFlags)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "revocation_reason must be an item from the ReasonFlags "
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "enum or None"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._cert_status = cert_status
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._revocation_time = revocation_time
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._revocation_reason = revocation_reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPResponseBuilder(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def __init__(self, response=None, responder_id=None, certs=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extensions=[]):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._response = response
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._responder_id = responder_id
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._certs = certs
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_response(self, cert, issuer, algorithm, cert_status, this_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- next_update, revocation_time, revocation_reason):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._response is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("Only one response per OCSPResponse.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- singleresp = _SingleResponse(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- cert, issuer, algorithm, cert_status, this_update, next_update,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revocation_time, revocation_reason
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- singleresp, self._responder_id,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._certs, self._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def responder_id(self, encoding, responder_cert):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._responder_id is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("responder_id can only be set once")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(responder_cert, x509.Certificate):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("responder_cert must be a Certificate")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(encoding, OCSPResponderEncoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "encoding must be an element from OCSPResponderEncoding"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._response, (responder_cert, encoding),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._certs, self._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def certificates(self, certs):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._certs is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("certificates may only be set once")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certs = list(certs)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if len(certs) == 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("certs must not be an empty list")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not all(isinstance(x, x509.Certificate) for x in certs):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("certs must be a list of Certificates")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._response, self._responder_id,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certs, self._extensions,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(extension, x509.ExtensionType):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extension = x509.Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._response, self._responder_id,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- self._certs, self._extensions + [extension],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def sign(self, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._response is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("You must add a response before signing")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if self._responder_id is None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("You must add a responder_id before signing")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError("Algorithm must be a registered hash algorithm.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.create_ocsp_response(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPResponseStatus.SUCCESSFUL, self, private_key, algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @classmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def build_unsuccessful(cls, response_status):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not isinstance(response_status, OCSPResponseStatus):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise TypeError(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "response_status must be an item from OCSPResponseStatus"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if response_status is OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- raise ValueError("response_status cannot be SUCCESSFUL")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return backend.create_ocsp_response(response_status, None, None, None)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPRequest(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The hash of the issuer public key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The hash of the issuer name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The hash algorithm used in the issuer name and key hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serial number of the cert whose status is being checked
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Serializes the request to DER
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The list of request extensions. Not single request extensions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPResponse(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def response_status(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The status of the response. This is a value from the OCSPResponseStatus
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- enumeration
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The ObjectIdentifier of the signature algorithm
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def signature(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The signature bytes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def tbs_response_bytes(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The tbsResponseData bytes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def certificates(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- A list of certificates used to help build a chain to verify the OCSP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- response. This situation occurs when the OCSP responder uses a delegate
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- certificate.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def responder_key_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The responder's key hash or None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def responder_name(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The responder's Name or None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def produced_at(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The time the response was produced
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def certificate_status(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The status of the certificate (an element from the OCSPCertStatus enum)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def revocation_time(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The date of when the certificate was revoked or None if not
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- revoked.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def revocation_reason(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The reason the certificate was revoked or None if not specified or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- not revoked.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def this_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The most recent time at which the status being indicated is known by
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- the responder to have been correct
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def next_update(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The time when newer information will be available
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The hash of the issuer public key
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The hash of the issuer name
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The hash algorithm used in the issuer name and key hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The serial number of the cert whose status is being checked
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def extensions(self):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- The list of response extensions. Not single response extensions.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/cryptography/x509/oid.py lib_pypy/_cffi_ssl/cryptography/x509/oid.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/cryptography/x509/oid.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,226 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# for complete details.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat._oid import ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ExtensionOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SUBJECT_DIRECTORY_ATTRIBUTES = ObjectIdentifier("2.5.29.9")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SUBJECT_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.14")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- KEY_USAGE = ObjectIdentifier("2.5.29.15")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SUBJECT_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.17")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ISSUER_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.18")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NAME_CONSTRAINTS = ObjectIdentifier("2.5.29.30")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRL_DISTRIBUTION_POINTS = ObjectIdentifier("2.5.29.31")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CERTIFICATE_POLICIES = ObjectIdentifier("2.5.29.32")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- POLICY_MAPPINGS = ObjectIdentifier("2.5.29.33")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AUTHORITY_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.35")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- POLICY_CONSTRAINTS = ObjectIdentifier("2.5.29.36")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- FRESHEST_CRL = ObjectIdentifier("2.5.29.46")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- INHIBIT_ANY_POLICY = ObjectIdentifier("2.5.29.54")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ISSUING_DISTRIBUTION_POINT = ObjectIdentifier("2.5.29.28")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AUTHORITY_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SUBJECT_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.11")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSP_NO_CHECK = ObjectIdentifier("1.3.6.1.5.5.7.48.1.5")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- TLS_FEATURE = ObjectIdentifier("1.3.6.1.5.5.7.1.24")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRL_NUMBER = ObjectIdentifier("2.5.29.20")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DELTA_CRL_INDICATOR = ObjectIdentifier("2.5.29.27")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ObjectIdentifier("1.3.6.1.4.1.11129.2.4.2")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PRECERT_POISON = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ObjectIdentifier("1.3.6.1.4.1.11129.2.4.3")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class OCSPExtensionOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NONCE = ObjectIdentifier("1.3.6.1.5.5.7.48.1.2")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CRLEntryExtensionOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CERTIFICATE_ISSUER = ObjectIdentifier("2.5.29.29")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRL_REASON = ObjectIdentifier("2.5.29.21")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- INVALIDITY_DATE = ObjectIdentifier("2.5.29.24")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class NameOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- COMMON_NAME = ObjectIdentifier("2.5.4.3")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- LOCALITY_NAME = ObjectIdentifier("2.5.4.7")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- STATE_OR_PROVINCE_NAME = ObjectIdentifier("2.5.4.8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- STREET_ADDRESS = ObjectIdentifier("2.5.4.9")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ORGANIZATION_NAME = ObjectIdentifier("2.5.4.10")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ORGANIZATIONAL_UNIT_NAME = ObjectIdentifier("2.5.4.11")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SERIAL_NUMBER = ObjectIdentifier("2.5.4.5")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SURNAME = ObjectIdentifier("2.5.4.4")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GIVEN_NAME = ObjectIdentifier("2.5.4.42")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- TITLE = ObjectIdentifier("2.5.4.12")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- GENERATION_QUALIFIER = ObjectIdentifier("2.5.4.44")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- X500_UNIQUE_IDENTIFIER = ObjectIdentifier("2.5.4.45")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DN_QUALIFIER = ObjectIdentifier("2.5.4.46")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PSEUDONYM = ObjectIdentifier("2.5.4.65")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- USER_ID = ObjectIdentifier("0.9.2342.19200300.100.1.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- JURISDICTION_COUNTRY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.3")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- JURISDICTION_LOCALITY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- JURISDICTION_STATE_OR_PROVINCE_NAME = ObjectIdentifier(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "1.3.6.1.4.1.311.60.2.1.2"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- )
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- BUSINESS_CATEGORY = ObjectIdentifier("2.5.4.15")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- POSTAL_ADDRESS = ObjectIdentifier("2.5.4.16")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- POSTAL_CODE = ObjectIdentifier("2.5.4.17")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class SignatureAlgorithmOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSA_WITH_MD5 = ObjectIdentifier("1.2.840.113549.1.1.4")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSA_WITH_SHA1 = ObjectIdentifier("1.2.840.113549.1.1.5")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # This is an alternate OID for RSA with SHA1 that is occasionally seen
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- _RSA_WITH_SHA1 = ObjectIdentifier("1.3.14.3.2.29")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSA_WITH_SHA224 = ObjectIdentifier("1.2.840.113549.1.1.14")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSA_WITH_SHA256 = ObjectIdentifier("1.2.840.113549.1.1.11")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSA_WITH_SHA384 = ObjectIdentifier("1.2.840.113549.1.1.12")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSA_WITH_SHA512 = ObjectIdentifier("1.2.840.113549.1.1.13")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- RSASSA_PSS = ObjectIdentifier("1.2.840.113549.1.1.10")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ECDSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10045.4.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ECDSA_WITH_SHA512 = ObjectIdentifier("1.2.840.10045.4.3.4")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10040.4.3")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_SIG_OIDS_TO_HASH = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_MD5: hashes.MD5(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID._RSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA224: hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA256: hashes.SHA256(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA384: hashes.SHA384(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA512: hashes.SHA512(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA224: hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA256: hashes.SHA256(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA384: hashes.SHA384(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA512: hashes.SHA512(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.DSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.DSA_WITH_SHA224: hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.DSA_WITH_SHA256: hashes.SHA256()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class ExtendedKeyUsageOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SERVER_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CLIENT_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.2")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CODE_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.3")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- EMAIL_PROTECTION = ObjectIdentifier("1.3.6.1.5.5.7.3.4")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- TIME_STAMPING = ObjectIdentifier("1.3.6.1.5.5.7.3.8")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSP_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.9")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ANY_EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37.0")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class AuthorityInformationAccessOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CA_ISSUERS = ObjectIdentifier("1.3.6.1.5.5.7.48.2")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSP = ObjectIdentifier("1.3.6.1.5.5.7.48.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-class CertificatePoliciesOID(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CPS_QUALIFIER = ObjectIdentifier("1.3.6.1.5.5.7.2.1")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CPS_USER_NOTICE = ObjectIdentifier("1.3.6.1.5.5.7.2.2")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ANY_POLICY = ObjectIdentifier("2.5.29.32.0")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-_OID_NAMES = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.COMMON_NAME: "commonName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.COUNTRY_NAME: "countryName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.LOCALITY_NAME: "localityName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.STATE_OR_PROVINCE_NAME: "stateOrProvinceName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.STREET_ADDRESS: "streetAddress",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.ORGANIZATION_NAME: "organizationName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.ORGANIZATIONAL_UNIT_NAME: "organizationalUnitName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.SERIAL_NUMBER: "serialNumber",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.SURNAME: "surname",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.GIVEN_NAME: "givenName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.TITLE: "title",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.GENERATION_QUALIFIER: "generationQualifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.X500_UNIQUE_IDENTIFIER: "x500UniqueIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.DN_QUALIFIER: "dnQualifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.PSEUDONYM: "pseudonym",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.USER_ID: "userID",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.DOMAIN_COMPONENT: "domainComponent",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.EMAIL_ADDRESS: "emailAddress",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.JURISDICTION_COUNTRY_NAME: "jurisdictionCountryName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.JURISDICTION_LOCALITY_NAME: "jurisdictionLocalityName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.JURISDICTION_STATE_OR_PROVINCE_NAME: (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "jurisdictionStateOrProvinceName"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.BUSINESS_CATEGORY: "businessCategory",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.POSTAL_ADDRESS: "postalAddress",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NameOID.POSTAL_CODE: "postalCode",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_MD5: "md5WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA1: "sha1WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA224: "sha224WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA256: "sha256WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA384: "sha384WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSA_WITH_SHA512: "sha512WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.RSASSA_PSS: "RSASSA-PSS",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA1: "ecdsa-with-SHA1",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA224: "ecdsa-with-SHA224",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA256: "ecdsa-with-SHA256",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA384: "ecdsa-with-SHA384",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.ECDSA_WITH_SHA512: "ecdsa-with-SHA512",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.DSA_WITH_SHA1: "dsa-with-sha1",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.DSA_WITH_SHA224: "dsa-with-sha224",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- SignatureAlgorithmOID.DSA_WITH_SHA256: "dsa-with-sha256",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtendedKeyUsageOID.SERVER_AUTH: "serverAuth",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtendedKeyUsageOID.CLIENT_AUTH: "clientAuth",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtendedKeyUsageOID.CODE_SIGNING: "codeSigning",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtendedKeyUsageOID.EMAIL_PROTECTION: "emailProtection",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtendedKeyUsageOID.TIME_STAMPING: "timeStamping",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtendedKeyUsageOID.OCSP_SIGNING: "OCSPSigning",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES: "subjectDirectoryAttributes",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_KEY_IDENTIFIER: "subjectKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.KEY_USAGE: "keyUsage",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_ALTERNATIVE_NAME: "subjectAltName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUER_ALTERNATIVE_NAME: "issuerAltName",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.BASIC_CONSTRAINTS: "basicConstraints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS: (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "signedCertificateTimestampList"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.PRECERT_POISON: "ctPoison",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.CRL_REASON: "cRLReason",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.INVALIDITY_DATE: "invalidityDate",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRLEntryExtensionOID.CERTIFICATE_ISSUER: "certificateIssuer",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.NAME_CONSTRAINTS: "nameConstraints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CRL_DISTRIBUTION_POINTS: "cRLDistributionPoints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CERTIFICATE_POLICIES: "certificatePolicies",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.POLICY_MAPPINGS: "policyMappings",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: "authorityKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.POLICY_CONSTRAINTS: "policyConstraints",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.EXTENDED_KEY_USAGE: "extendedKeyUsage",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.FRESHEST_CRL: "freshestCRL",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.INHIBIT_ANY_POLICY: "inhibitAnyPolicy",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.ISSUING_DISTRIBUTION_POINT: (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "issuingDistributionPoint"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: "authorityInfoAccess",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.SUBJECT_INFORMATION_ACCESS: "subjectInfoAccess",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.OCSP_NO_CHECK: "OCSPNoCheck",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.CRL_NUMBER: "cRLNumber",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.DELTA_CRL_INDICATOR: "deltaCRLIndicator",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ExtensionOID.TLS_FEATURE: "TLSFeature",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AuthorityInformationAccessOID.OCSP: "OCSP",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- AuthorityInformationAccessOID.CA_ISSUERS: "caIssuers",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CertificatePoliciesOID.CPS_QUALIFIER: "id-qt-cps",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CertificatePoliciesOID.CPS_USER_NOTICE: "id-qt-unotice",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- OCSPExtensionOID.NONCE: "OCSPNonce",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.c lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,655 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* osurandom engine
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- *
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * Windows CryptGenRandom()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * macOS >= 10.12 getentropy()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * OpenBSD 5.6+ getentropy()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * other BSD getentropy() if SYS_getentropy is defined
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * Linux 3.17+ getrandom() with fallback to /dev/urandom
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * other /dev/urandom with cached fd
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- *
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * The /dev/urandom, getrandom and getentropy code is derived from Python's
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * Python/random.c, written by Antoine Pitrou and Victor Stinner.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- *
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * Copyright 2001-2016 Python Software Foundation; All Rights Reserved.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifdef __linux__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#include <poll.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifndef OPENSSL_NO_ENGINE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* OpenSSL has ENGINE support so build the engine. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_id = "osrandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/****************************************************************************
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * Windows
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_name = "osrandom_engine CryptGenRandom()";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static HCRYPTPROV hCryptProv = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (hCryptProv != 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (CryptAcquireContext(&hCryptProv, NULL, NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } else {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_INIT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (hCryptProv == 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (!CryptGenRandom(hCryptProv, (DWORD)size, buffer)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (CryptReleaseContext(hCryptProv, 0)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- hCryptProv = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } else {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_FINISH,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return hCryptProv != 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "CryptGenRandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/****************************************************************************
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * /dev/urandom helpers for all non-BSD Unix platforms
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifdef CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static struct {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dev_t st_dev;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ino_t st_ino;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-} urandom_cache = { -1 };
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int open_cloexec(const char *path) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int open_flags = O_RDONLY;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifdef O_CLOEXEC
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- open_flags |= O_CLOEXEC;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd = open(path, open_flags);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fd == -1) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifndef O_CLOEXEC
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int flags = fcntl(fd, F_GETFD);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (flags == -1) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == -1) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifdef __linux__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* On Linux, we open("/dev/random") and use poll() to wait until it's readable
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * before we read from /dev/urandom, this ensures that we don't read from
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * /dev/urandom before the kernel CSPRNG is initialized. This isn't necessary on
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * other platforms because they don't have the same _bug_ as Linux does with
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * /dev/urandom and early boot. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int wait_on_devrandom(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- struct pollfd pfd = {};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int ret = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int random_fd = open_cloexec("/dev/random");
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (random_fd < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pfd.fd = random_fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pfd.events = POLLIN;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pfd.revents = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- do {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ret = poll(&pfd, 1, -1);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } while (ret < 0 && (errno == EINTR || errno == EAGAIN));
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- close(random_fd);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return ret;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* return -1 on error */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int dev_urandom_fd(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd = -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- struct stat st;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Check that fd still points to the correct device */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (urandom_cache.fd >= 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fstat(urandom_cache.fd, &st)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- || st.st_dev != urandom_cache.st_dev
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- || st.st_ino != urandom_cache.st_ino) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Somebody replaced our FD. Invalidate our cache but don't
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * close the fd. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- urandom_cache.fd = -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (urandom_cache.fd < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifdef __linux__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (wait_on_devrandom() < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- goto error;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- fd = open_cloexec("/dev/urandom");
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- goto error;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fstat(fd, &st)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- goto error;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Another thread initialized the fd */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (urandom_cache.fd >= 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- close(fd);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return urandom_cache.fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- urandom_cache.st_dev = st.st_dev;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- urandom_cache.st_ino = st.st_ino;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- urandom_cache.fd = fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return urandom_cache.fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- error:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fd != -1) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- close(fd);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int dev_urandom_read(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int n;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while (size > 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- do {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = (int)read(fd, buffer, (size_t)size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } while (n < 0 && errno == EINTR);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (n <= 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer += n;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- size -= n;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static void dev_urandom_close(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (urandom_cache.fd >= 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- struct stat st;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fstat(urandom_cache.fd, &st)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- && st.st_dev == urandom_cache.st_dev
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- && st.st_ino == urandom_cache.st_ino) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- fd = urandom_cache.fd;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- urandom_cache.fd = -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- close(fd);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif /* CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/****************************************************************************
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * BSD getentropy
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_name = "osrandom_engine getentropy()";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_NOT_INIT;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if !defined(__APPLE__)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (&getentropy != NULL) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } else {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int len;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int res;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- switch(getentropy_works) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if defined(__APPLE__)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dev_urandom_read(buffer, size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while (size > 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* OpenBSD and macOS restrict maximum buffer size to 256. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len = size > 256 ? 256 : size;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- res = getentropy(buffer, (size_t)len);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (res < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer += len;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- size -= len;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- switch(getentropy_works) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "/dev/urandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "getentropy";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/****************************************************************************
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * Linux getrandom engine with fallback to dev_urandom
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_name = "osrandom_engine getrandom()";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* We try to detect working getrandom until we succeed. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (getrandom_works != CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- long n;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- char dest[1];
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* if the kernel CSPRNG is not initialized this will block */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = syscall(SYS_getrandom, dest, sizeof(dest), 0);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (n == sizeof(dest)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } else {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int e = errno;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- switch(e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case ENOSYS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Fallback: Kernel does not support the syscall. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- break;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case EPERM:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Fallback: seccomp prevents syscall */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- break;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- default:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* EINTR cannot occur for buflen < 256. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_INIT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "errno", e
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- break;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* fallback to dev urandom */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (getrandom_works == CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- long n;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- switch(getrandom_works) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dev_urandom_read(buffer, size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- while (size > 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- do {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- n = syscall(SYS_getrandom, buffer, size, 0);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } while (n < 0 && errno == EINTR);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (n <= 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- );
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- buffer += n;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- size -= (int)n;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dev_urandom_close();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- switch(getrandom_works) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return urandom_cache.fd >= 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- switch(getrandom_works) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<failed>";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "<not initialized>";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "/dev/urandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "getrandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/****************************************************************************
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * dev_urandom engine for all remaining platforms
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_name = "osrandom_engine /dev/urandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return dev_urandom_read(buffer, size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- dev_urandom_close();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return urandom_cache.fd >= 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return "/dev/urandom";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/****************************************************************************
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * ENGINE boiler plate
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* This replicates the behavior of the OpenSSL FIPS RNG, which returns a
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- -1 in the event that there is an error when calling RAND_pseudo_bytes. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_pseudo_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- int res = osrandom_rand_bytes(buffer, size);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (res == 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return -1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } else {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return res;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static RAND_METHOD osrandom_rand = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- osrandom_rand_bytes,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- NULL,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- osrandom_pseudo_rand_bytes,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- osrandom_rand_status,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const ENGINE_CMD_DEFN osrandom_cmd_defns[] = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "get_implementation",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Get CPRNG implementation.",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ENGINE_CMD_FLAG_NO_INPUT},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {0, NULL, NULL, 0}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int osrandom_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- const char *name;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- size_t len;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- switch (cmd) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- case CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* i: buffer size, p: char* buffer */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- name = osurandom_get_implementation();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- len = strlen(name);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ((p == NULL) && (i == 0)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* return required buffer len */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (int)len;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if ((p == NULL) || i < 0 || ((size_t)i <= len)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* no buffer or buffer too small */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_INVALID_ARGUMENT);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- strncpy((char *)p, name, len);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return (int)len;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- default:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* error reporting */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define ERR_FUNC(func) ERR_PACK(0, func, 0)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define ERR_REASON(reason) ERR_PACK(0, 0, reason)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_lib_name[] = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {0, "osrandom_engine"},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {0, NULL}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_str_funcs[] = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_INIT),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "osrandom_init"},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "osrandom_rand_bytes"},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_FINISH),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "osrandom_finish"},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "dev_urandom_fd"},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "dev_urandom_read"},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {0, NULL}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_str_reasons[] = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CryptAcquireContext() failed."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CryptGenRandom() failed."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "CryptReleaseContext() failed."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "getentropy() failed"},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "open('/dev/urandom') failed."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "Reading from /dev/urandom fd failed."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "getrandom() initialization failed."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "getrandom() initialization failed with unexpected errno."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "getrandom() syscall failed."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- "getrandom() engine was not properly initialized."},
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- {0, NULL}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static int Cryptography_OSRandom_lib_error_code = 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static void ERR_load_Cryptography_OSRandom_strings(void)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-{
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (Cryptography_OSRandom_lib_error_code == 0) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- Cryptography_OSRandom_lib_error_code = ERR_get_next_error_library();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_load_strings(Cryptography_OSRandom_lib_error_code,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_lib_name);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_load_strings(Cryptography_OSRandom_lib_error_code,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_str_funcs);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_load_strings(Cryptography_OSRandom_lib_error_code,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_str_reasons);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static void ERR_Cryptography_OSRandom_error(int function, int reason,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- char *file, int line)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-{
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_PUT_error(Cryptography_OSRandom_lib_error_code, function, reason,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- file, line);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* Returns 1 if successfully added, 2 if engine has previously been added,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- and 0 for error. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int Cryptography_add_osrandom_engine(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ENGINE *e;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_load_Cryptography_OSRandom_strings();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = ENGINE_by_id(Cryptography_osrandom_engine_id);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (e != NULL) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ENGINE_free(e);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 2;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- } else {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ERR_clear_error();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- e = ENGINE_new();
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (e == NULL) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (!ENGINE_set_id(e, Cryptography_osrandom_engine_id) ||
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- !ENGINE_set_name(e, Cryptography_osrandom_engine_name) ||
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- !ENGINE_set_RAND(e, &osrandom_rand) ||
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- !ENGINE_set_init_function(e, osrandom_init) ||
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- !ENGINE_set_finish_function(e, osrandom_finish) ||
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- !ENGINE_set_cmd_defns(e, osrandom_cmd_defns) ||
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- !ENGINE_set_ctrl_function(e, osrandom_ctrl)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ENGINE_free(e);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (!ENGINE_add(e)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- ENGINE_free(e);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (!ENGINE_free(e)) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 1;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* If OpenSSL has no ENGINE support then we don't want
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * to compile the osrandom engine, but we do need some
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * placeholders */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_id = "no-engine-support";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static const char *Cryptography_osrandom_engine_name = "osrandom_engine disabled due to no engine support";
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-int Cryptography_add_osrandom_engine(void) {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return 0;
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.h lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.h
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.h
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -1,114 +0,0 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifndef OPENSSL_NO_ENGINE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* OpenSSL has ENGINE support so include all of this. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifdef _WIN32
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #include <Wincrypt.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #include <fcntl.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #include <unistd.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* for defined(BSD) */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #include <sys/param.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #ifdef BSD
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* for SYS_getentropy */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #include <sys/syscall.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #ifdef __APPLE__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #include <sys/random.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* To support weak linking we need to declare this as a weak import even if
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * it's not present in sys/random (e.g. macOS < 10.12). */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- extern int getentropy(void *buffer, size_t size) __attribute((weak_import));
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #ifdef __linux__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* for SYS_getrandom */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #include <sys/syscall.h>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #ifndef GRND_NONBLOCK
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define GRND_NONBLOCK 0x0001
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #endif /* GRND_NONBLOCK */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #ifndef SYS_getrandom
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* We only bother to define the constants for platforms where we ship
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * wheels, since that's the predominant way you get a situation where
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * you don't have SYS_getrandom at compile time but do have the syscall
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * at runtime */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #if defined __x86_64__
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define SYS_getrandom 318
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #elif defined(__i386__)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define SYS_getrandom 355
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #endif /* __linux__ */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif /* _WIN32 */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM 3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM 4
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#ifndef CRYPTOGRAPHY_OSRANDOM_ENGINE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #if defined(_WIN32)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Windows */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #elif defined(BSD) && defined(SYS_getentropy)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* OpenBSD 5.6+ & macOS with SYS_getentropy defined, although < 10.12 will fallback
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- * to urandom */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #elif defined(__linux__) && defined(SYS_getrandom)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Linux 3.17+ */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #else
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- /* Keep this as last entry, fall back to /dev/urandom */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* Fallbacks need /dev/urandom helper functions. */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM || \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM || \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY && \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- defined(__APPLE__))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #define CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM 1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-enum {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED = -2,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-enum {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_GETENTROPY_NOT_INIT,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-};
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* engine ctrl */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION ENGINE_CMD_BASE
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-/* error reporting */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static void ERR_load_Cryptography_OSRandom_strings(void);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-static void ERR_Cryptography_OSRandom_error(int function, int reason,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- char *file, int line);
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_F_INIT 100
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES 101
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_F_FINISH 102
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD 300
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ 301
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT 100
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM 101
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT 102
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED 200
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED 300
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED 301
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED 400
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED 402
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED 403
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT 404
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-#endif
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_cffi_ssl/tools/make_ssl_data.py lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -3,80 +3,126 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ This script should be called *manually* when we want to upgrade SSLError
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ `library` and `reason` mnemnonics to a more recent OpenSSL version.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ It takes two arguments:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ - the path to the OpenSSL source tree (e.g. git checkout)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-- the path to the C file to be generated
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- (probably Modules/_ssl_data.h)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++- the path to the wrapper file to be generated
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++- error codes are version specific
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++Sample invocation (from folder containing this file):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++python make_ssl_data.py ../openssl/src/ ../_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ """
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++import argparse
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ import datetime
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++import operator
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ import os
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ import re
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ import sys
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-import _ssl
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++parser = argparse.ArgumentParser(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ description="Generate ssl_data.h from OpenSSL sources"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++parser.add_argument("srcdir", help="OpenSSL source directory")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++parser.add_argument(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ "output", nargs="?", type=argparse.FileType("w"), default=sys.stdout
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++def _file_search(fname, pat):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ with open(fname, encoding="utf-8") as f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ for line in f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ match = pat.search(line)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if match is not None:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield match
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++def parse_err_h(args):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ """Parse err codes, e.g. ERR_LIB_X509: 11"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ pat = re.compile(r"#\s*define\W+ERR_LIB_(\w+)\s+(\d+)")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib2errnum = {}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ for match in _file_search(args.err_h, pat):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ libname, num = match.groups()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib2errnum[libname] = int(num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ return lib2errnum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++def parse_openssl_error_text(args):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ """Parse error reasons, X509_R_AKID_MISMATCH"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # ignore backslash line continuation for now
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ pat = re.compile(r"^((\w+?)_R_(\w+)):(\d+):")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ for match in _file_search(args.errtxt, pat):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reason, libname, errname, num = match.groups()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if "_F_" in reason:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # ignore function codes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ continue
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ num = int(num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield reason, libname, errname, num
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++def parse_extra_reasons(args):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ """Parse extra reasons from openssl.ec"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ pat = re.compile(r"^R\s+((\w+)_R_(\w+))\s+(\d+)")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ for match in _file_search(args.errcodes, pat):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reason, libname, errname, num = match.groups()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ num = int(num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield reason, libname, errname, num
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-def parse_error_codes(h_file, prefix, libcode):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- pat = re.compile(r"#define\W+(%s([\w]+))\W+(\d+)\b" % re.escape(prefix))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- with open(h_file, "r", encoding="latin1") as f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for line in f:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- match = pat.search(line)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if match:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- code, name, num = match.groups()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- num = int(num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # e.g. ("SSL_R_BAD_DATA", ("ERR_LIB_SSL", "BAD_DATA", 390))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes.append((code, (libcode, name, num)))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- return codes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++def gen_library_codes(args):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ """Generate table short libname to numeric code"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield "_lib_codes = ["
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ for libname in sorted(args.lib2errnum):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield f' ("{libname}", lib.ERR_LIB_{libname}),'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield "]"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield ""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++def gen_error_codes(args):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ """Generate error code table for error reasons"""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield "_error_codes = ["
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ for reason, libname, errname, num in args.reasons:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield f' ("{errname}", lib.ERR_LIB_{libname}, {num}),'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield "]"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ yield ""
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++def main():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args = parser.parse_args()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args.err_h = os.path.join(args.srcdir, "include", "openssl", "err.h")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if not os.path.isfile(args.err_h):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # Fall back to infile for OpenSSL 3.0.0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args.err_h += ".in"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args.errcodes = os.path.join(args.srcdir, "crypto", "err", "openssl.ec")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args.errtxt = os.path.join(args.srcdir, "crypto", "err", "openssl.txt")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if not os.path.isfile(args.errtxt):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ parser.error(f"File {args.errtxt} not found in srcdir\n.")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # {X509: 11, ...}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args.lib2errnum = parse_err_h(args)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # [('X509_R_AKID_MISMATCH', 'X509', 'AKID_MISMATCH', 110), ...]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reasons = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reasons.extend(parse_openssl_error_text(args))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ reasons.extend(parse_extra_reasons(args))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # sort by libname, numeric error code
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args.reasons = sorted(reasons, key=operator.itemgetter(0, 3))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lines = [
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ "# File generated by lib_pypy/_cffi_ssl/tools/make_ssl_data.py",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ f"# Generated on {datetime.datetime.utcnow().isoformat()}",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ "",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ "from _pypy_openssl import ffi, lib"
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lines.extend(gen_library_codes(args))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lines.append("")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lines.extend(gen_error_codes(args))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ args.output.write("\n".join(lines))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if __name__ == "__main__":
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- openssl_inc = sys.argv[1]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- outfile = sys.argv[2]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- use_stdout = outfile == '-'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- f = sys.stdout if use_stdout else open(outfile, "w")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- error_libraries = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # mnemonic -> (library code, error prefix, header file)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'PEM': ('ERR_LIB_PEM', 'PEM_R_', 'include/openssl/pem.h'),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'SSL': ('ERR_LIB_SSL', 'SSL_R_', 'include/openssl/ssl.h'),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'X509': ('ERR_LIB_X509', 'X509_R_', 'include/openssl/x509.h'),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Read codes from libraries
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- new_codes = []
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for libcode, prefix, h_file in sorted(error_libraries.values()):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- new_codes += parse_error_codes(os.path.join(openssl_inc, h_file),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- prefix, libcode)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- new_code_nums = set((libcode, num)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for (code, (libcode, name, num)) in new_codes)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Merge with existing codes (in case some old codes disappeared).
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes = {}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for errname, (libnum, errnum) in _ssl.err_names_to_codes.items():
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- lib = error_libraries[_ssl.lib_codes_to_names[libnum]]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- libcode = lib[0] # e.g. ERR_LIB_PEM
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- errcode = lib[1] + errname # e.g. SSL_R_BAD_SSL_SESSION_ID_LENGTH
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- # Only keep it if the numeric codes weren't reused
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if (libcode, errnum) not in new_code_nums:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes[errcode] = libcode, errname, errnum
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- codes.update(dict(new_codes))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- def w(l):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- f.write(l + "\n")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w("# File generated by tools/make_ssl_data.py")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w("# Generated on %s" % datetime.datetime.now().isoformat())
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w("")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w("from _openssl import ffi, lib ")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w("_lib_codes = []")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for mnemo, (libcode, _, _) in sorted(error_libraries.items()):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w('_lib_codes.append(("%s", lib.%s))' % (mnemo, libcode))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w("_error_codes = []")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- for errcode, (libcode, name, num) in sorted(codes.items()):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #w('if lib.%s:' % (errcode))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #w(' _error_codes.append(("%s", lib.%s, lib.%s))' % (name, libcode, errcode))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- #w('else:')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- w('_error_codes.append(("%s", lib.%s, %d))' % (name, libcode, num))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- if not use_stdout:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- f.close()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ main()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/_ssl_build.py lib_pypy/_ssl_build.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/_ssl_build.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/_ssl_build.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -18,6 +18,8 @@ ffi = build_ffi_for_binding(
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # This goes first so we can define some cryptography-wide symbols.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "cryptography",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ # Provider comes early as well so we define OSSL_LIB_CTX
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ "provider",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "aes",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "asn1",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ "bignum",
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/pypy_tools/build_cffi_imports.py lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -60,21 +60,22 @@ configure_args = ['./configure',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # please note the deliberate use of a mirror site: we can't use HTTPS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # without an _ssl module, but the OpenSSL download site redirect HTTP
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-# to HTTPS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++# to HTTPS. Use a mirror from https://www.openssl.org/source/mirror.html
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ cffi_dependencies = {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- '_ssl': ('http://distfiles.macports.org/openssl/openssl-1.1.1k.tar.gz',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- '892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- [['./config', '--prefix=/usr', 'no-shared'],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ '_ssl': ('http://artfiles.org/openssl.org/source/openssl-3.0.0.tar.gz',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ '59eedfcb46c25214c9bd37ed6078297b4df01d012267fe9e9eee31f61bc70536',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ [['./config', '--prefix=/usr', 'no-shared', 'enable-fips'],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ['make', '-s', '-j', str(multiprocessing.cpu_count())],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ['make', 'install', 'DESTDIR={}/'.format(deps_destdir)],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ]),
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ }
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if sys.platform == 'darwin' or platform.machine() == 'aarch64':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # TODO: use these on x86 after upgrading Docker images to manylinux2014
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ cffi_dependencies['_gdbm'] = (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # this does not compile on the x86 buildbot, linker is missing '_history_list'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- 'http://distfiles.macports.org/gdbm/gdbm-1.18.1.tar.gz',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- '86e613527e5dba544e73208f42b78b7c022d4fa5a6d5498bf18c8d6f745b91dc',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ 'http://distfiles.macports.org/gdbm/gdbm-1.19.tar.gz',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ '37ed12214122b972e18a0d94995039e57748191939ef74115b1d41d8811364bc',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ [configure_args + ['--without-readline'],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ['make', '-s', '-j', str(multiprocessing.cpu_count())],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ ['make', 'install', 'DESTDIR={}/'.format(deps_destdir)],
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -238,7 +239,8 @@ def create_cffi_import_libraries(pypy_c,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ env['CPPFLAGS'] = \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ '-I{}/usr/include {}'.format(deps_destdir, env.get('CPPFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ env['LDFLAGS'] = \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- '-L{}/usr/lib {}'.format(deps_destdir, env.get('LDFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ '-L{}/usr/lib -L{}/usr/lib64 {}'.format(deps_destdir, deps_destdir,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ env.get('LDFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ status, stdout, stderr = run_subprocess(str(pypy_c), args,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -274,8 +276,8 @@ if __name__ == '__main__':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sys.exit(1)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ tool_dir = os.path.dirname(os.path.abspath(sys.argv[0]))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- base_dir = os.path.dirname(os.path.dirname(tool_dir))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- sys.path.insert(0, base_dir)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ lib_pypy_dir = os.path.dirname(os.path.dirname(tool_dir))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ sys.path.insert(0, lib_pypy_dir)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ class Options(object):
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ pass
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -287,7 +289,7 @@ if __name__ == '__main__':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ parser.add_argument('--rebuild', dest='rebuild', action='store_true',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ help='Rebuild the module even if it already appears to have been built.')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ parser.add_argument('--only', dest='only', default=None,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- help='Only build the modules delimited by a colon. E.g. _ssl,sqlite')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ help='Only build the modules delimited by a comma e.g. _ssl,sqlite')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ parser.add_argument('--embed-dependencies', dest='embed_dependencies', action='store_true',
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ help='embed dependencies for distribution')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ args = parser.parse_args()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -306,9 +308,14 @@ if __name__ == '__main__':
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ only = None
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ only = set(args.only.split(','))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- failures = create_cffi_import_libraries(exename, options, basedir, only=only,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- embed_dependencies=args.embed_dependencies,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- rebuild=args.rebuild)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ olddir = os.getcwd()
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ os.chdir(lib_pypy_dir)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ try:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ failures = create_cffi_import_libraries(exename, options, basedir,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ only=only, embed_dependencies=args.embed_dependencies,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ rebuild=args.rebuild)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ finally:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ os.chdir(olddir)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if len(failures) > 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ print('*** failed to build the CFFI modules %r' % (
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ [f[1] for f in failures],), file=sys.stderr)
</span><span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/files/pypy38-cflags.diff b/lang/pypy/files/pypy38-cflags.diff
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..e9efa9314c9
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/lang/pypy/files/pypy38-cflags.diff
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,36 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# HG changeset patch
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# User Dan Villiom Podlaski Christiansen <danchr@gmail.com>
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Date 1633441137 -7200
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Tue Oct 05 15:38:57 2021 +0200
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Branch release-pypy3.8-v7.x
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Node ID 7b60c4aeb4296a536e293e01e0489a90806bed9f
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+# Parent 7e233b73b92740ab7a20680a404ac100be1eb508
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+build_cffi_imports: fix determining CFLAGS
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+The previous logic implicitly assumed that CFLAGS was either unset or
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+started with a space, breaking the MacPorts build. In addition, it
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+also extracted the version info from the _running_ interpreter rather
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+than the _built_ one.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+diff --git lib_pypy/pypy_tools/build_cffi_imports.py lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+--- lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++++ lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -198,8 +198,16 @@ def create_cffi_import_libraries(pypy_c,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ else:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # normally, this would be correctly added by setuptools/distutils, but
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # we moved this, and the ensurepip setuptools has not caught up yet
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- include_path = os.path.join(basedir, 'include', 'pypy%d.%d' % sys.version_info[:2])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+- env['CFLAGS'] = '-fPIC -I%s' % include_path + env.get('CFLAGS', '')
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ status, stdout, stderr = run_subprocess(str(pypy_c), ['-c', 'from _sysconfigdata import build_time_vars as v; print(v["INCLUDEPY"])'])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ if status != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ failures.append((key, module))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ print("stdout:")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ print(stdout.decode('utf-8'))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ print("stderr:")
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ print(stderr.decode('utf-8'))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ continue
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ include_path = stdout
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>++ env['CFLAGS'] = ' '.join(('-fPIC', '-I' + include_path, env.get('CFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ status, stdout, stderr = run_subprocess(str(pypy_c), ['-c', 'import setuptools'])
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ if status != 0:
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ status, stdout, stderr = run_subprocess(str(pypy_c), ['-m', 'ensurepip'])
</span></pre><pre style='margin:0'>
</pre>