<pre style='margin:0'>
Dan Villiom Podlaski Christiansen (danchr) pushed a commit to branch master
in repository macports-ports.
</pre>
<p><a href="https://github.com/macports/macports-ports/commit/f708ef18a585e3fcca8557ad84454f6e80dbf5d0">https://github.com/macports/macports-ports/commit/f708ef18a585e3fcca8557ad84454f6e80dbf5d0</a></p>
<pre style="white-space: pre; background: #F8F8F8"><span style='display:block; white-space:pre;color:#808000;'>commit f708ef18a585e3fcca8557ad84454f6e80dbf5d0
</span>Author: Dan Villiom Podlaski Christiansen <danchr@macports.org>
AuthorDate: Wed Jun 8 13:23:48 2022 +0200
<span style='display:block; white-space:pre;color:#404040;'> pypy: update to 7.3.9; add pypy39 subports
</span>---
lang/pypy/Portfile | 57 +-
lang/pypy/files/pypy2-darwin.py.diff | 14 +-
lang/pypy/files/pypy37-openssl3.diff | 22094 ---------------------------------
lang/pypy/files/pypy38-cflags.diff | 36 -
lang/pypy/files/python-pypy39 | 13 +
lang/pypy/files/python3-pypy39 | 13 +
6 files changed, 71 insertions(+), 22156 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/Portfile b/lang/pypy/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index 919bc2996bd..6db68731d61 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/lang/pypy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/lang/pypy/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -7,8 +7,8 @@ PortGroup deprecated 1.0
</span> PortGroup openssl 1.0
gitlab.instance https://foss.heptapod.net
<span style='display:block; white-space:pre;background:#ffe0e0;'>-gitlab.setup pypy pypy 7.3.7
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-revision 2
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+gitlab.setup pypy pypy 7.3.9
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision 0
</span>
categories lang python devel
license MIT PSF
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -90,6 +90,18 @@ subport pypy38 {
</span> select.entries-append [list python3 python3-$subport $subport]
}
<span style='display:block; white-space:pre;background:#e0ffe0;'>+subport pypy39 {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set python.branch 3.9
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set module_scripts(venv) venv
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set module_scripts(idle) idlelib
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ depends_lib-append port:xz
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ depends_run-append port:python3_select
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ select.entries-append [list python3 python3-$subport $subport]
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span>
subport pypy-tkinter {
set python.branch 2.7
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -107,6 +119,10 @@ subport pypy38-tkinter {
</span> set python.branch 3.8
}
<span style='display:block; white-space:pre;background:#e0ffe0;'>+subport pypy39-tkinter {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set python.branch 3.9
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+}
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span> if {$subport == ${name}} {
set python.branch 2.7
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -115,13 +131,11 @@ if {$subport == ${name}} {
</span> }
if {${python.branch} == 2.7} {
<span style='display:block; white-space:pre;background:#ffe0e0;'>- version 7.3.6
</span> patchfiles-append pypy2-darwin.py.diff
<span style='display:block; white-space:pre;background:#ffe0e0;'>- openssl.branch 1.1
</span>
<span style='display:block; white-space:pre;background:#ffe0e0;'>- checksums rmd160 fffd65ed0ba685ab2eb419758431b827701e4d22 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- sha256 0114473c8c57169cdcab1a69c60ad7fef7089731fdbe6f46af55060b29be41e4 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- size 21621891
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ checksums rmd160 962c6d7a898769a78907af9f4044b3be9e246339 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sha256 39b0972956f6548ce5828019dbae12503c32d6cbe91a2becf88d3e42cc52197b \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ size 23328628
</span>
set use_prefix no
} elseif {${python.branch} == 3.6} {
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -143,20 +157,27 @@ if {${python.branch} == 2.7} {
</span>
set use_prefix no
} elseif {${python.branch} == 3.7} {
<span style='display:block; white-space:pre;background:#ffe0e0;'>- patchfiles-append pypy3-darwin.py.diff pypy37-openssl3.diff
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ patchfiles-append pypy3-darwin.py.diff
</span>
<span style='display:block; white-space:pre;background:#ffe0e0;'>- checksums rmd160 19304ae652f6f987841d693d52d9e855ae8c7129 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- sha256 2ed02ac9e710859c41bc82deafb08619792bb9a27eeaa1676c741ededd214dd7 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- size 23804463
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ checksums rmd160 32498233dcf14e76cce466f4d246e58764a1775b \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sha256 70426163b194ee46009986eea6d9426098a3ffb552d9cdbd3dfaa64a47373f49 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ size 26092870
</span>
set use_prefix no
} elseif {${python.branch} == 3.8} {
patchfiles-append pypy3-darwin.py.diff
<span style='display:block; white-space:pre;background:#ffe0e0;'>- openssl.branch 1.1
</span>
<span style='display:block; white-space:pre;background:#ffe0e0;'>- checksums rmd160 541e6d98e10379d8982cf08e99a68c9f103a506d \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- sha256 21ae339f4f5016d6ca7300305f3e3b554373835cb3c39a9041fe30e6811c80c6 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- size 24375444
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ checksums rmd160 e0724177307c1d21e4fe4e2977c3f72be1a9642f \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sha256 5b5d9d9256f12a129af8384e2f581bdfab3bc0fbbe3a0a480d9c1d2e95490eb1 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ size 26642176
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ set use_prefix yes
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+} elseif {${python.branch} == 3.9} {
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ patchfiles-append pypy3-darwin.py.diff
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ checksums rmd160 a977b07ac5ae199054563eb0cfbb9f5ed8acd11d \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sha256 2abaa1e9fe1ec0e233c9fbc377a0c8e9a0634080a8f4f30eb6898301f6618c12 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ size 26976726
</span>
set use_prefix yes
}
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -236,9 +257,9 @@ if {$subport ne $name} {
</span> distfiles-append ${bootstrapper}${extract.suffix}
checksums-append \
${bootstrapper}${extract.suffix} \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- rmd160 3d58032c522e135b2b13027f1dd55781e7d15959 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- sha256 9a97de82037d4be1949ec0c35a4d638ba635e8b34948549ae2fa08abd2cbaa8c \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- size 24367213
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ rmd160 192d5d6cdc41123c22dc5c9f7e20acb6e8872510 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ sha256 77314f5a6b2cc35d24e6f952bef89f5da612b90e4127a8034aed708d9ae483c4 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ size 23915729
</span> } else {
# for compatibility, don't bump this needlessly
set bootstrapper "pypy-5.1.0-osx64"
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/files/pypy2-darwin.py.diff b/lang/pypy/files/pypy2-darwin.py.diff
</span><span style='display:block; white-space:pre;color:#808080;'>index 5145fff622b..17ccf3182c0 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/lang/pypy/files/pypy2-darwin.py.diff
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/lang/pypy/files/pypy2-darwin.py.diff
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -1,22 +1,20 @@
</span> diff --git rpython/translator/platform/darwin.py rpython/translator/platform/darwin.py
--- rpython/translator/platform/darwin.py
+++ rpython/translator/platform/darwin.py
<span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -9,7 +9,7 @@ import os
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # since 10.5, so we use that as minimum requirement. Bumped to 10.7
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # to allow the use of thread-local in __thread in C.
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -11,7 +11,7 @@ import os
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # Bumped to 10.9 2021-11-22 to match CPython,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ # see https://github.com/python/cpython/blob/42205ee51
</span> #
<span style='display:block; white-space:pre;background:#ffe0e0;'>--DARWIN_VERSION_MIN = '-mmacosx-version-min=10.7'
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-DARWIN_VERSION_MIN = '-mmacosx-version-min=10.9'
</span> +DARWIN_VERSION_MIN = ''
class Darwin(posix.BasePosix):
name = "darwin"
<span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -23,7 +23,6 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+@@ -25,7 +25,6 @@ class Darwin(posix.BasePosix):
</span> DARWIN_VERSION_MIN,)
so_ext = 'dylib'
- DEFAULT_CC = 'clang'
rpath_flags = ['-Wl,-rpath', '-Wl,@executable_path/']
<span style='display:block; white-space:pre;background:#ffe0e0;'>- def get_rpath_flags(self, rel_libdirs):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-Diff finished. Tue Dec 29 14:19:30 2020
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ def get_multiarch(self):
</span><span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/files/pypy37-openssl3.diff b/lang/pypy/files/pypy37-openssl3.diff
</span>deleted file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 05cac73bc3c..00000000000
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/lang/pypy/files/pypy37-openssl3.diff
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -1,22094 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# HG changeset patch
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# User Matti Picus <matti.picus@gmail.com>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Date 1636378163 -7200
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Mon Nov 08 15:29:23 2021 +0200
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Branch py3.7
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Node ID c1239ffec2247e1416bd99845fb5aa82c634d294
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Parent 27a6cf77daa9f9ce77af1dd52f708323f1df6378
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Parent ad7ac191b0b9ce26689c6911206bf9a614ba28b8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-merge py3.7-openssl-3.0.0 which provides openssl3
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib-python/3/test/test_ssl.py lib-python/3/test/test_ssl.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib-python/3/test/test_ssl.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib-python/3/test/test_ssl.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -33,6 +33,7 @@ HOST = support.HOST
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- IS_LIBRESSL = ssl.OPENSSL_VERSION.startswith('LibreSSL')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- IS_OPENSSL_1_1_0 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- IS_OPENSSL_1_1_1 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (1, 1, 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+IS_OPENSSL_3_0_0 = not IS_LIBRESSL and ssl.OPENSSL_VERSION_INFO >= (3, 0, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- PY_SSL_DEFAULT_CIPHERS = sysconfig.get_config_var('PY_SSL_DEFAULT_CIPHERS')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- PROTOCOL_TO_TLS_VERSION = {}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -141,6 +142,7 @@ OP_SINGLE_DH_USE = getattr(ssl, "OP_SING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OP_SINGLE_ECDH_USE = getattr(ssl, "OP_SINGLE_ECDH_USE", 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OP_CIPHER_SERVER_PREFERENCE = getattr(ssl, "OP_CIPHER_SERVER_PREFERENCE", 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OP_ENABLE_MIDDLEBOX_COMPAT = getattr(ssl, "OP_ENABLE_MIDDLEBOX_COMPAT", 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+OP_IGNORE_UNEXPECTED_EOF = getattr(ssl, "OP_IGNORE_UNEXPECTED_EOF", 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # Ubuntu has patched OpenSSL and changed behavior of security level 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # see https://bugs.python.org/issue41561#msg389003
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -206,6 +208,10 @@ def has_tls_version(version):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if not getattr(ssl, f'HAS_{version.name}'):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if IS_OPENSSL_3_0_0 and version < ssl.TLSVersion.TLSv1_2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # bpo43791: 3.0.0-alpha14 fails with TLSV1_ALERT_INTERNAL_ERROR
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # check runtime and dynamic crypto policy settings. A TLS version may
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # be compiled in but disabled by a policy or config option.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ctx = ssl.SSLContext()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1179,7 +1185,8 @@ class ContextTests(unittest.TestCase):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # SSLContext also enables these by default
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- default |= (OP_NO_COMPRESSION | OP_CIPHER_SERVER_PREFERENCE |
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OP_SINGLE_DH_USE | OP_SINGLE_ECDH_USE |
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OP_ENABLE_MIDDLEBOX_COMPAT)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ OP_ENABLE_MIDDLEBOX_COMPAT |
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ OP_IGNORE_UNEXPECTED_EOF)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- self.assertEqual(default, ctx.options)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ctx.options |= ssl.OP_NO_TLSv1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- self.assertEqual(default | ssl.OP_NO_TLSv1, ctx.options)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -2281,6 +2288,8 @@ class NetworkedTests(unittest.TestCase):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- rc = s.connect_ex((REMOTE_HOST, 443))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if rc == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- self.skipTest("REMOTE_HOST responded too quickly")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ elif rc == errno.ENETUNREACH:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ self.skipTest("Network unreachable.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- self.assertIn(rc, (errno.EAGAIN, errno.EWOULDBLOCK))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- @unittest.skipUnless(support.IPV6_ENABLED, 'Needs IPv6')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -2501,6 +2510,14 @@ class ThreadedEchoServer(threading.Threa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- sys.stdout.write(err.args[1])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # test_pha_required_nocert is expecting this exception
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- raise ssl.SSLError('tlsv13 alert certificate required')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if 'UNEXPECTED_EOF_WHILE_READING' == err.reason:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # PyPy OpenSSL3 needs this, on CPython a
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # BrokenPipeError is raised which is caught as an
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # OSError. In this case do not stop the server.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if self.server.chatty:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ handle_error("Test server failure:\n")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ self.close()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ self.running = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- except OSError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if self.server.chatty:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- handle_error("Test server failure:\n")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -4613,7 +4630,6 @@ def test_main(verbose=False):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if support.verbose:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- plats = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'Linux': platform.linux_distribution,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- 'Mac': platform.mac_ver,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- 'Windows': platform.win32_ver,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/README.md lib_pypy/_cffi_ssl/README.md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/README.md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/README.md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,35 +1,11 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # PyPy's SSL module
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--All of the CFFI code is copied from cryptography. PyPy vendors it's own copy of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--the cffi backend thus it renames the compiled shared object to _pypy_openssl.so
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--(which means that cryptography can ship their own cffi backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Modifications to cryptography 2.7
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+PyPy's _ssl module began as a fork of cryptography 2.7. The code in _cffi_src
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+contains vestiges of the cryptography code, but has diverged significantly to
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+handle newer OpenSSL versions and to more closely track what is needed for
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+CPython compatibility.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/asn1.py` : revert removal of `ASN1_TIME_print`,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- `ASN1_ITEM`, `ASN1_ITEM_EXP`, `ASN1_VALUE`, `ASN1_item_d2i`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/bio.py` : revert removal of `BIO_s_file`, `BIO_read_filename`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/evp.py` : revert removal of `EVP_MD_size`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/nid.py` : revert removal of `NID_ad_OCSP`,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- `NID_info_access`, `NID_ad_ca_issuers`, `NID_crl_distribution_points`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/pem.py` : revert removal of `PEM_read_bio_X509_AUX`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/x509.py` : revert removal of `X509_get_ext_by_NID`,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- `i2d_X509`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/x509v3.py` : revert removal of `X509V3_EXT_get`,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- `X509V3_EXT_METHOD`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/ssl.py: expose Cryptography_HAS_CTRL_GET_MAX_PROTO_VERSION
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- `_cffi_src/openssl/ssl.py: thow an early `#error` if OpenSSL is older than 1.0.2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Tests?
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--Currently this module is tested using CPython's standard library test suite.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Install it into PyPy's source tree
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--Copy over all the sources into the folder `lib_pypy/_cffi_ssl/*`. Updating the cffi backend can be simply done by the following command::
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- $ cp -r <cloned cryptography folder>/src/* .
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Crpytography version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--Copied over release version `2.7`
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+The build uses cffi. The declarations and definitions of the imported functions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+are in _cffi_src/openssl. The cryptography LICENSE is preserved in this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+directory
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/build_constant_time.py lib_pypy/_cffi_ssl/_cffi_src/build_constant_time.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/build_constant_time.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,27 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import os
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from _cffi_src.utils import build_ffi, compiler_type, extra_link_args
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- os.path.dirname(__file__), "hazmat_src/constant_time.h"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)) as f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- types = f.read()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- os.path.dirname(__file__), "hazmat_src/constant_time.c"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)) as f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- functions = f.read()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--ffi = build_ffi(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- module_name="_constant_time",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cdef_source=types,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- verify_source=functions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extra_link_args=extra_link_args(compiler_type()),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/build_padding.py lib_pypy/_cffi_ssl/_cffi_src/build_padding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/build_padding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,27 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import os
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from _cffi_src.utils import build_ffi, compiler_type, extra_link_args
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- os.path.dirname(__file__), "hazmat_src/padding.h"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)) as f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- types = f.read()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--with open(os.path.join(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- os.path.dirname(__file__), "hazmat_src/padding.c"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)) as f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- functions = f.read()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--ffi = build_ffi(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- module_name="_padding",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cdef_source=types,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- verify_source=functions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extra_link_args=extra_link_args(compiler_type()),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.c lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,22 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// repository for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--uint8_t Cryptography_constant_time_bytes_eq(uint8_t *a, size_t len_a,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint8_t *b, size_t len_b) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- size_t i = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint8_t mismatch = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (len_a != len_b) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for (i = 0; i < len_a; i++) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= a[i] ^ b[i];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Make sure any bits set are copied to the lowest bit */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 4;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 2;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Now check the low bit to see if it's set */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (mismatch & 1) == 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.h lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.h
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/constant_time.h
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,6 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// repository for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--uint8_t Cryptography_constant_time_bytes_eq(uint8_t *, size_t, uint8_t *,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- size_t);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.c lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,65 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// repository for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* Returns the value of the input with the most-significant-bit copied to all
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- of the bits. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static uint16_t Cryptography_DUPLICATE_MSB_TO_ALL(uint16_t a) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (1 - (a >> (sizeof(uint16_t) * 8 - 1))) - 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* This returns 0xFFFF if a < b else 0x0000, but does so in a constant time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- fashion */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static uint16_t Cryptography_constant_time_lt(uint16_t a, uint16_t b) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a -= b;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return Cryptography_DUPLICATE_MSB_TO_ALL(a);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--uint8_t Cryptography_check_pkcs7_padding(const uint8_t *data,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t block_len) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t i;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t pad_size = data[block_len - 1];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t mismatch = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for (i = 0; i < block_len; i++) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- unsigned int mask = Cryptography_constant_time_lt(i, pad_size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t b = data[block_len - 1 - i];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= (mask & (pad_size ^ b));
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Check to make sure the pad_size was within the valid range. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= ~Cryptography_constant_time_lt(0, pad_size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= Cryptography_constant_time_lt(block_len, pad_size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Make sure any bits set are copied to the lowest bit */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 8;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 4;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 2;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Now check the low bit to see if it's set */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (mismatch & 1) == 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--uint8_t Cryptography_check_ansix923_padding(const uint8_t *data,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t block_len) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t i;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t pad_size = data[block_len - 1];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t mismatch = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Skip the first one with the pad size */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for (i = 1; i < block_len; i++) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- unsigned int mask = Cryptography_constant_time_lt(i, pad_size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uint16_t b = data[block_len - 1 - i];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= (mask & b);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Check to make sure the pad_size was within the valid range. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= ~Cryptography_constant_time_lt(0, pad_size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= Cryptography_constant_time_lt(block_len, pad_size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Make sure any bits set are copied to the lowest bit */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 8;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 4;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 2;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mismatch |= mismatch >> 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Now check the low bit to see if it's set */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (mismatch & 1) == 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.h lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.h
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/hazmat_src/padding.h
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,6 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// 2.0, and the BSD License. See the LICENSE file in the root of this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--// repository for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--uint8_t Cryptography_check_pkcs7_padding(const uint8_t *, uint8_t);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--uint8_t Cryptography_check_ansix923_padding(const uint8_t *, uint8_t);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/__init__.py lib_pypy/_cffi_ssl/_cffi_src/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/bio.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -26,9 +26,9 @@ int BIO_write(BIO *, const void *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int BIO_up_ref(BIO *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- BIO *BIO_new(BIO_METHOD *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--BIO_METHOD *BIO_s_mem(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--BIO_METHOD *BIO_s_file(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--BIO_METHOD *BIO_s_datagram(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+const BIO_METHOD *BIO_s_mem(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+const BIO_METHOD *BIO_s_file(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+const BIO_METHOD *BIO_s_datagram(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- BIO *BIO_new_mem_buf(const void *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- long BIO_set_mem_eof_return(BIO *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- long BIO_get_mem_data(BIO *, char **);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/crypto.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -30,7 +30,6 @@ static const int CRYPTO_MEM_CHECK_DISABL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int CRYPTO_mem_ctrl(int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void OPENSSL_cleanup(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -130,4 +129,11 @@ void *Cryptography_realloc_wrapper(void
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void Cryptography_free_wrapper(void *ptr, const char *path, int line) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- free(ptr);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_300
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTO_MEM_CHECK_ON=0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTO_MEM_CHECK_OFF=0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTO_MEM_CHECK_ENABLE=0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTO_MEM_CHECK_DISABLE=0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/cryptography.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -40,10 +40,16 @@ INCLUDES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- (LIBRESSL_VERSION_NUMBER >= 0x2080000f)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_LIBRESSL_291_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- (LIBRESSL_VERSION_NUMBER >= 0x2090100f)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ (LIBRESSL_VERSION_NUMBER < 0x3030200f)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_340 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ (LIBRESSL_VERSION_NUMBER < 0x3040000f)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_LIBRESSL_27_OR_GREATER (0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_LIBRESSL_28_OR_GREATER (0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_LIBRESSL_291_OR_GREATER (0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_332 (0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_340 (0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_OPENSSL_102_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -54,6 +60,10 @@ INCLUDES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- (OPENSSL_VERSION_NUMBER >= 0x10100000 && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- (OPENSSL_VERSION_NUMBER >= 0x1010006f && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_OPENSSL_111D_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ (OPENSSL_VERSION_NUMBER >= 0x10101040 && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_OPENSSL_300_OR_GREATER \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ (OPENSSL_VERSION_NUMBER >= 0x30000000 && !CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- (OPENSSL_VERSION_NUMBER < 0x10002000 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -67,17 +77,31 @@ INCLUDES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- (OPENSSL_VERSION_NUMBER < 0x10101000 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- (OPENSSL_VERSION_NUMBER < 0x10101020 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_300 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ (OPENSSL_VERSION_NUMBER < 0x30000000 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ (OPENSSL_VERSION_NUMBER < 0x10101040 || CRYPTOGRAPHY_IS_LIBRESSL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#if (CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D && !CRYPTOGRAPHY_IS_LIBRESSL && \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ !defined(OPENSSL_NO_ENGINE)) || defined(USE_OSRANDOM_RNG_FOR_TESTING)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- TYPES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_OPENSSL_102L_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_OPENSSL_110_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTOGRAPHY_OPENSSL_111D_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTOGRAPHY_OPENSSL_300_OR_GREATER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_300;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int CRYPTOGRAPHY_IS_LIBRESSL;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/err.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -18,10 +18,53 @@ static const int ERR_LIB_EVP;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int ERR_LIB_EC;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int ERR_LIB_PEM;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int ERR_LIB_ASN1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const int ERR_LIB_RSA;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_ASYNC;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_BIO;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_BN;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_BUF;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CMP;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CMS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_COMP;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CONF;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CRMF;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CRYPTO;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CT;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_DH;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_DSA;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_DSO;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_EC;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_ECDH;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_ECDSA;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_ENGINE;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_ESS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_EVP;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_FIPS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_HMAC;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_HTTP;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_KDF;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_MASK;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_NONE;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OBJ;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OCSP;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OFFSET;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OSSL_DECODER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OSSL_ENCODER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OSSL_STORE;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_PEM;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int ERR_LIB_PKCS12;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_PKCS7;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_PROP;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_PROV;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_RAND;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_RSA;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_SM2;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int ERR_LIB_SSL;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_SYS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_TS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_UI;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_USER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int ERR_LIB_X509;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_X509V3;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int ERR_R_MALLOC_FAILURE;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int EVP_R_MEMORY_LIMIT_EXCEEDED;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -66,7 +109,6 @@ static const int EVP_R_DIFFERENT_KEY_TYP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int EVP_R_INITIALIZATION_ERROR;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int EVP_R_INPUT_NOT_INITIALIZED;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int EVP_R_INVALID_KEY_LENGTH;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const int EVP_R_KEYGEN_FAILURE;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int EVP_R_MISSING_PARAMETERS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int EVP_R_NO_CIPHER_SET;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const int EVP_R_NO_DIGEST_SET;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -155,10 +197,8 @@ unsigned long ERR_get_error(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- unsigned long ERR_peek_error(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- unsigned long ERR_peek_last_error(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void ERR_clear_error(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--void ERR_put_error(int, int, int, const char *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int ERR_GET_LIB(unsigned long);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int ERR_GET_FUNC(unsigned long);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int ERR_GET_REASON(unsigned long);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -179,4 +219,18 @@ static const long Cryptography_HAS_EVP_R
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const long EVP_R_MEMORY_LIMIT_EXCEEDED = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const long Cryptography_HAS_EVP_R_MEMORY_LIMIT_EXCEEDED = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CMP = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_CRMF = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_ESS = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_HTTP = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_MASK = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OFFSET = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OSSL_DECODER = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_OSSL_ENCODER = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_PROP = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const int ERR_LIB_PROV = -42;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/evp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -119,9 +119,6 @@ int EVP_PKEY_derive_set_peer(EVP_PKEY_CT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int EVP_PKEY_derive(EVP_PKEY_CTX *, unsigned char *, size_t *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int EVP_PKEY_set_type(EVP_PKEY *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int EVP_PKEY_id(const EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int Cryptography_EVP_PKEY_id(const EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- /* in 1.1.0 _create and _destroy were renamed to _new and _free. The following
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- two functions wrap both the old and new functions so we can call them
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- without worrying about what OpenSSL we're running against. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -138,7 +135,7 @@ int EVP_PKEY_set1_tls_encodedpoint(EVP_P
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- size_t);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- /* EVP_PKEY * became const in 1.1.0 */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int EVP_PKEY_bits(EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+// int EVP_PKEY_bits(EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void OpenSSL_add_all_algorithms(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -146,8 +143,7 @@ int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int EVP_PKEY_set1_EC_KEY(EVP_PKEY *, EC_KEY *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int EVP_MD_CTX_block_size(const EVP_MD_CTX *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+// int EVP_MD_CTX_block_size(const EVP_MD_CTX *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int PKCS5_PBKDF2_HMAC(const char *, int, const unsigned char *, int, int,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -175,10 +171,6 @@ const long Cryptography_HAS_EVP_PKEY_DHX
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const long EVP_PKEY_DHX = -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int Cryptography_EVP_PKEY_id(const EVP_PKEY *key) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return EVP_PKEY_id(key);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #if CRYPTOGRAPHY_OPENSSL_LESS_THAN_110
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- return EVP_MD_CTX_create();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/fips.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -5,24 +5,13 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- INCLUDES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#include <openssl/crypto.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- TYPES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const long Cryptography_HAS_FIPS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int FIPS_mode_set(int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int FIPS_mode(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- CUSTOMIZATIONS = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const long Cryptography_HAS_FIPS = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int (*FIPS_mode_set)(int) = NULL;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int (*FIPS_mode)(void) = NULL;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const long Cryptography_HAS_FIPS = 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -25,7 +25,7 @@ int OCSP_response_status(OCSP_RESPONSE *
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- OCSP_BASICRESP *OCSP_response_get1_basic(OCSP_RESPONSE *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int OCSP_BASICRESP_get_ext_count(OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const ASN1_OCTET_STRING *OCSP_resp_get0_signature(const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--Cryptography_STACK_OF_X509 *OCSP_resp_get0_certs(const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+const Cryptography_STACK_OF_X509 *OCSP_resp_get0_certs(const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const ASN1_GENERALIZEDTIME *OCSP_resp_get0_produced_at(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const OCSP_BASICRESP *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const OCSP_CERTID *OCSP_SINGLERESP_get0_id(const OCSP_SINGLERESP *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/provider.py lib_pypy/_cffi_ssl/_cffi_src/openssl/provider.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-new file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/provider.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -0,0 +1,38 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+INCLUDES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#include <openssl/provider.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#include <openssl/proverr.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+TYPES = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long Cryptography_HAS_PROVIDERS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+typedef ... OSSL_PROVIDER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+typedef ... OSSL_LIB_CTX;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long PROV_R_BAD_DECRYPT;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long PROV_R_XTS_DUPLICATED_KEYS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long PROV_R_WRONG_FINAL_BLOCK_LENGTH;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+CUSTOMIZATIONS = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#if CRYPTOGRAPHY_OPENSSL_300_OR_GREATER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long Cryptography_HAS_PROVIDERS = 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long Cryptography_HAS_PROVIDERS = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+typedef void OSSL_PROVIDER;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+typedef void OSSL_LIB_CTX;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long PROV_R_BAD_DECRYPT = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long PROV_R_XTS_DUPLICATED_KEYS = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long PROV_R_WRONG_FINAL_BLOCK_LENGTH = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -49,8 +49,8 @@ void RSA_get0_key(const RSA *, const BIG
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void RSA_get0_factors(const RSA *, const BIGNUM **, const BIGNUM **);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void RSA_get0_crt_params(const RSA *, const BIGNUM **, const BIGNUM **,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- const BIGNUM **);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+// int EVP_PKEY_CTX_set_rsa_padding(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+//int EVP_PKEY_CTX_set_rsa_pss_saltlen(EVP_PKEY_CTX *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int EVP_PKEY_CTX_set_rsa_mgf1_md(EVP_PKEY_CTX *, EVP_MD *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int EVP_PKEY_CTX_set0_rsa_oaep_label(EVP_PKEY_CTX *, unsigned char *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -60,17 +60,13 @@ int EVP_PKEY_CTX_set_rsa_oaep_md(EVP_PKE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- CUSTOMIZATIONS = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const long Cryptography_HAS_PSS_PADDING = 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if defined(EVP_PKEY_CTX_set_rsa_oaep_md)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#if !CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const long Cryptography_HAS_RSA_OAEP_MD = 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long Cryptography_HAS_RSA_OAEP_LABEL = 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const long Cryptography_HAS_RSA_OAEP_MD = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const long Cryptography_HAS_RSA_OAEP_LABEL = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int (*EVP_PKEY_CTX_set_rsa_oaep_md)(EVP_PKEY_CTX *, EVP_MD *) = NULL;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if defined(EVP_PKEY_CTX_set0_rsa_oaep_label)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const long Cryptography_HAS_RSA_OAEP_LABEL = 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const long Cryptography_HAS_RSA_OAEP_LABEL = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int (*EVP_PKEY_CTX_set0_rsa_oaep_label)(EVP_PKEY_CTX *, unsigned char *,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int) = NULL;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -17,8 +17,9 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #include <poll.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifndef OPENSSL_NO_ENGINE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* OpenSSL has ENGINE support so build the engine. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#if CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+/* OpenSSL has ENGINE support and is older than 1.1.1d (the first version that
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ * properly implements fork safety in its RNG) so build the engine. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const char *Cryptography_osrandom_engine_id = "osrandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- /****************************************************************************
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -251,7 +252,7 @@ static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #if !defined(__APPLE__)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- #else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (&getentropy != NULL) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if (__builtin_available(macOS 10.12, *)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- } else {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -277,7 +278,11 @@ static int osrandom_rand_bytes(unsigned
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- while (size > 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- /* OpenBSD and macOS restrict maximum buffer size to 256. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- len = size > 256 ? 256 : size;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+/* on mac, availability is already checked using `__builtin_available` above */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#pragma clang diagnostic push
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#pragma clang diagnostic ignored "-Wunguarded-availability"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- res = getentropy(buffer, (size_t)len);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+#pragma clang diagnostic pop
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if (res < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -524,7 +529,7 @@ static int osrandom_ctrl(ENGINE *e, int
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_INVALID_ARGUMENT);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- strncpy((char *)p, name, len);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ strcpy((char *)p, name);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- return (int)len;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- default:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -646,7 +651,7 @@ int Cryptography_add_osrandom_engine(voi
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * to compile the osrandom engine, but we do need some
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * placeholders */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- static const char *Cryptography_osrandom_engine_id = "no-engine-support";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_name = "osrandom_engine disabled due to no engine support";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+static const char *Cryptography_osrandom_engine_name = "osrandom_engine disabled";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int Cryptography_add_osrandom_engine(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/ssl.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -235,6 +235,8 @@ int SSL_CTX_set_cipher_list(SSL_CTX *, c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int SSL_CTX_load_verify_locations(SSL_CTX *, const char *, const char *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void SSL_CTX_set_default_passwd_cb(SSL_CTX *, pem_password_cb *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *, void *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int SSL_CTX_use_certificate(SSL_CTX *, X509 *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int SSL_CTX_use_certificate_ASN1(SSL_CTX *, int, const unsigned char *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int SSL_CTX_use_certificate_file(SSL_CTX *, const char *, int);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_cffi_src/openssl/x509name.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -25,7 +25,7 @@ FUNCTIONS = """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- X509_NAME *X509_NAME_new(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- void X509_NAME_free(X509_NAME *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--unsigned long X509_NAME_hash(X509_NAME *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+// unsigned long X509_NAME_hash(X509_NAME *);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int i2d_X509_NAME(X509_NAME *, unsigned char **);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- int X509_NAME_add_entry_by_txt(X509_NAME *, const char *, int,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_stdssl/__init__.py lib_pypy/_cffi_ssl/_stdssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_stdssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_stdssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1338,6 +1338,8 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- keyfile = certfile
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- pw_info = PasswordInfo()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- index = -1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ orig_passwd_cb = lib.SSL_CTX_get_default_passwd_cb(self.ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ orig_passwd_userdata = lib.SSL_CTX_get_default_passwd_cb_userdata(self.ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if password is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if callable(password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1354,6 +1356,7 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- lib.SSL_CTX_set_default_passwd_cb(self.ctx, Cryptography_pem_password_cb)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- lib.SSL_CTX_set_default_passwd_cb_userdata(self.ctx, pw_info.handle)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ prev_errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- certfilebuf = _str_to_ffi_buffer(certfile)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1388,10 +1391,11 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if ret != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ffi.errno = prev_errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if index >= 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- del PWINFO_STORAGE[index]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.SSL_CTX_set_default_passwd_cb(self.ctx, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.SSL_CTX_set_default_passwd_cb_userdata(self.ctx, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.SSL_CTX_set_default_passwd_cb(self.ctx, orig_passwd_cb)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.SSL_CTX_set_default_passwd_cb_userdata(self.ctx, orig_passwd_userdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- def _wrap_socket(self, sock, server_side, server_hostname=None, *,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1402,43 +1406,47 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- server_hostname, owner, session, None, None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- def load_verify_locations(self, cafile=None, capath=None, cadata=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cadata is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ca_file_type = -1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(cadata, str):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ca_file_type = lib.SSL_FILETYPE_ASN1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ prev_errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if cadata is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ca_file_type = -1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ca_file_type = lib.SSL_FILETYPE_PEM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cadata = cadata.encode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("cadata should be a ASCII string or a bytes-like object")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cafile is None and capath is None and cadata is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("cafile and capath cannot be both omitted")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # load from cadata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cadata is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = _str_to_ffi_buffer(cadata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._add_ca_certs(buf, len(buf), ca_file_type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if not isinstance(cadata, str):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ca_file_type = lib.SSL_FILETYPE_ASN1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ca_file_type = lib.SSL_FILETYPE_PEM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ cadata = cadata.encode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise TypeError("cadata should be a ASCII string or a bytes-like object")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if cafile is None and capath is None and cadata is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise TypeError("cafile and capath cannot be both omitted")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # load from cadata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if cadata is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ buf = _str_to_ffi_buffer(cadata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ self._add_ca_certs(buf, len(buf), ca_file_type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # load cafile or capath
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cafile is not None or capath is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cafile is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cafilebuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cafilebuf = _str_to_ffi_buffer(cafile)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if capath is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- capathbuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- capathbuf = _str_to_ffi_buffer(capath)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ret = lib.SSL_CTX_load_verify_locations(self.ctx, cafilebuf, capathbuf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ret != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if _errno:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # load cafile or capath
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if cafile is not None or capath is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if cafile is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ cafilebuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ cafilebuf = _str_to_ffi_buffer(cafile)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if capath is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ capathbuf = ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ capathbuf = _str_to_ffi_buffer(capath)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ret = lib.SSL_CTX_load_verify_locations(self.ctx, cafilebuf, capathbuf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if ret != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if _errno:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ffi.errno = prev_errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- def _add_ca_certs(self, data, size, ca_file_type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- biobuf = lib.BIO_new_mem_buf(data, size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1451,7 +1459,10 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if ca_file_type == lib.SSL_FILETYPE_ASN1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- cert = lib.d2i_X509_bio(biobuf, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cert = lib.PEM_read_bio_X509(biobuf, ffi.NULL, ffi.NULL, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ cert = lib.PEM_read_bio_X509(biobuf, ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.SSL_CTX_get_default_passwd_cb(self.ctx),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.SSL_CTX_get_default_passwd_cb_userdata(self.ctx),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if not cert:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- break
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1482,7 +1493,7 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- lib.ERR_GET_REASON(err) == lib.PEM_R_NO_START_LINE):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # EOF PEM file, not an error
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ elif err != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- lib.BIO_free(biobuf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1564,33 +1575,37 @@ class _SSLContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- def load_dh_params(self, filepath):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if filepath is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("filepath must not be None")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = _fs_converter(filepath)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode = ffi.new("char[]",b"r")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = lib.BIO_new_file(buf, mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if bio == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ prev_errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh = lib.PEM_read_bio_DHparams(bio, ffi.NULL, ffi.NULL, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.BIO_free(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dh == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if _errno != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if filepath is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise TypeError("filepath must not be None")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ buf = _fs_converter(filepath)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ mode = ffi.new("char[]",b"r")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ffi.errno = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ bio = lib.BIO_new_file(buf, mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if bio == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if lib.SSL_CTX_set_tmp_dh(self.ctx, dh) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ dh = lib.PEM_read_bio_DHparams(bio, ffi.NULL, ffi.NULL, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.BIO_free(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if dh == ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ _errno = ffi.errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if _errno != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise OSError(_errno, '')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if lib.SSL_CTX_set_tmp_dh(self.ctx, dh) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ raise ssl_error(None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib.DH_free(dh)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.DH_free(dh)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ffi.errno = prev_errno
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- def get_ca_certs(self, binary_form=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- binary_mode = bool(binary_form)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/_stdssl/errorcodes.py lib_pypy/_cffi_ssl/_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,395 +1,1722 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# File generated by tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Generated on 2016-11-10T17:38:59.402032
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+# File generated by lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+# Generated on 2021-11-07T08:11:00.061651
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+from _pypy_openssl import ffi, lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+_lib_codes = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ASN1", lib.ERR_LIB_ASN1),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ASYNC", lib.ERR_LIB_ASYNC),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BIO", lib.ERR_LIB_BIO),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN", lib.ERR_LIB_BN),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BUF", lib.ERR_LIB_BUF),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CMP", lib.ERR_LIB_CMP),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CMS", lib.ERR_LIB_CMS),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMP", lib.ERR_LIB_COMP),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONF", lib.ERR_LIB_CONF),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CRMF", lib.ERR_LIB_CRMF),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CRYPTO", lib.ERR_LIB_CRYPTO),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CT", lib.ERR_LIB_CT),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DH", lib.ERR_LIB_DH),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DSA", lib.ERR_LIB_DSA),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DSO", lib.ERR_LIB_DSO),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EC", lib.ERR_LIB_EC),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ECDH", lib.ERR_LIB_ECDH),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ECDSA", lib.ERR_LIB_ECDSA),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENGINE", lib.ERR_LIB_ENGINE),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS", lib.ERR_LIB_ESS),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EVP", lib.ERR_LIB_EVP),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIPS", lib.ERR_LIB_FIPS),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HMAC", lib.ERR_LIB_HMAC),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HTTP", lib.ERR_LIB_HTTP),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KDF", lib.ERR_LIB_KDF),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MASK", lib.ERR_LIB_MASK),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NONE", lib.ERR_LIB_NONE),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OBJ", lib.ERR_LIB_OBJ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OCSP", lib.ERR_LIB_OCSP),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OFFSET", lib.ERR_LIB_OFFSET),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OSSL_DECODER", lib.ERR_LIB_OSSL_DECODER),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OSSL_ENCODER", lib.ERR_LIB_OSSL_ENCODER),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OSSL_STORE", lib.ERR_LIB_OSSL_STORE),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PEM", lib.ERR_LIB_PEM),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS12", lib.ERR_LIB_PKCS12),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS7", lib.ERR_LIB_PKCS7),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PROP", lib.ERR_LIB_PROP),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PROV", lib.ERR_LIB_PROV),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RAND", lib.ERR_LIB_RAND),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RSA", lib.ERR_LIB_RSA),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SM2", lib.ERR_LIB_SM2),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL", lib.ERR_LIB_SSL),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SYS", lib.ERR_LIB_SYS),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TS", lib.ERR_LIB_TS),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UI", lib.ERR_LIB_UI),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("USER", lib.ERR_LIB_USER),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("X509", lib.ERR_LIB_X509),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("X509V3", lib.ERR_LIB_X509V3),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from _pypy_openssl import ffi, lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_lib_codes = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_lib_codes.append(("PEM", lib.ERR_LIB_PEM))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_lib_codes.append(("SSL", lib.ERR_LIB_SSL))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_lib_codes.append(("X509", lib.ERR_LIB_X509))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_BASE64_DECODE", lib.ERR_LIB_PEM, 100))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DECRYPT", lib.ERR_LIB_PEM, 101))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_END_LINE", lib.ERR_LIB_PEM, 102))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_IV_CHARS", lib.ERR_LIB_PEM, 103))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_MAGIC_NUMBER", lib.ERR_LIB_PEM, 116))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_PASSWORD_READ", lib.ERR_LIB_PEM, 104))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_VERSION_NUMBER", lib.ERR_LIB_PEM, 117))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BIO_WRITE_FAILURE", lib.ERR_LIB_PEM, 118))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CIPHER_IS_NULL", lib.ERR_LIB_PEM, 127))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ERROR_CONVERTING_PRIVATE_KEY", lib.ERR_LIB_PEM, 115))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("EXPECTING_PRIVATE_KEY_BLOB", lib.ERR_LIB_PEM, 119))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("EXPECTING_PUBLIC_KEY_BLOB", lib.ERR_LIB_PEM, 120))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INCONSISTENT_HEADER", lib.ERR_LIB_PEM, 121))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KEYBLOB_HEADER_PARSE_ERROR", lib.ERR_LIB_PEM, 122))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KEYBLOB_TOO_SHORT", lib.ERR_LIB_PEM, 123))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NOT_DEK_INFO", lib.ERR_LIB_PEM, 105))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NOT_ENCRYPTED", lib.ERR_LIB_PEM, 106))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NOT_PROC_TYPE", lib.ERR_LIB_PEM, 107))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_START_LINE", lib.ERR_LIB_PEM, 108))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PROBLEMS_GETTING_PASSWORD", lib.ERR_LIB_PEM, 109))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PUBLIC_KEY_NO_RSA", lib.ERR_LIB_PEM, 110))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PVK_DATA_TOO_SHORT", lib.ERR_LIB_PEM, 124))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PVK_TOO_SHORT", lib.ERR_LIB_PEM, 125))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("READ_KEY", lib.ERR_LIB_PEM, 111))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SHORT_HEADER", lib.ERR_LIB_PEM, 112))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_ENCRYPTION", lib.ERR_LIB_PEM, 114))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_KEY_COMPONENTS", lib.ERR_LIB_PEM, 126))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("APP_DATA_IN_HANDSHAKE", lib.ERR_LIB_SSL, 100))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", lib.ERR_LIB_SSL, 272))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_ALERT_RECORD", lib.ERR_LIB_SSL, 101))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_AUTHENTICATION_TYPE", lib.ERR_LIB_SSL, 102))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_CHANGE_CIPHER_SPEC", lib.ERR_LIB_SSL, 103))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_CHECKSUM", lib.ERR_LIB_SSL, 104))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DATA", lib.ERR_LIB_SSL, 390))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DATA_RETURNED_BY_CALLBACK", lib.ERR_LIB_SSL, 106))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DECOMPRESSION", lib.ERR_LIB_SSL, 107))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DH_G_LENGTH", lib.ERR_LIB_SSL, 108))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DH_PUB_KEY_LENGTH", lib.ERR_LIB_SSL, 109))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DH_P_LENGTH", lib.ERR_LIB_SSL, 110))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DIGEST_LENGTH", lib.ERR_LIB_SSL, 111))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_DSA_SIGNATURE", lib.ERR_LIB_SSL, 112))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_ECC_CERT", lib.ERR_LIB_SSL, 304))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_ECDSA_SIGNATURE", lib.ERR_LIB_SSL, 305))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_ECPOINT", lib.ERR_LIB_SSL, 306))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_HANDSHAKE_LENGTH", lib.ERR_LIB_SSL, 332))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_HELLO_REQUEST", lib.ERR_LIB_SSL, 105))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_LENGTH", lib.ERR_LIB_SSL, 271))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_MAC_DECODE", lib.ERR_LIB_SSL, 113))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_MAC_LENGTH", lib.ERR_LIB_SSL, 333))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_MESSAGE_TYPE", lib.ERR_LIB_SSL, 114))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_PACKET_LENGTH", lib.ERR_LIB_SSL, 115))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_PROTOCOL_VERSION_NUMBER", lib.ERR_LIB_SSL, 116))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_PSK_IDENTITY_HINT_LENGTH", lib.ERR_LIB_SSL, 316))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_RESPONSE_ARGUMENT", lib.ERR_LIB_SSL, 117))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_RSA_DECRYPT", lib.ERR_LIB_SSL, 118))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_RSA_ENCRYPT", lib.ERR_LIB_SSL, 119))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_RSA_E_LENGTH", lib.ERR_LIB_SSL, 120))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_RSA_MODULUS_LENGTH", lib.ERR_LIB_SSL, 121))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_RSA_SIGNATURE", lib.ERR_LIB_SSL, 122))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SIGNATURE", lib.ERR_LIB_SSL, 123))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRP_A_LENGTH", lib.ERR_LIB_SSL, 347))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRP_B_LENGTH", lib.ERR_LIB_SSL, 348))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRP_G_LENGTH", lib.ERR_LIB_SSL, 349))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRP_N_LENGTH", lib.ERR_LIB_SSL, 350))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRP_PARAMETERS", lib.ERR_LIB_SSL, 371))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRP_S_LENGTH", lib.ERR_LIB_SSL, 351))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRTP_MKI_VALUE", lib.ERR_LIB_SSL, 352))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 353))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SSL_FILETYPE", lib.ERR_LIB_SSL, 124))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_SSL_SESSION_ID_LENGTH", lib.ERR_LIB_SSL, 125))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_STATE", lib.ERR_LIB_SSL, 126))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_VALUE", lib.ERR_LIB_SSL, 384))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_WRITE_RETRY", lib.ERR_LIB_SSL, 127))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BIO_NOT_SET", lib.ERR_LIB_SSL, 128))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BLOCK_CIPHER_PAD_IS_WRONG", lib.ERR_LIB_SSL, 129))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BN_LIB", lib.ERR_LIB_SSL, 130))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CA_DN_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 131))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CA_DN_TOO_LONG", lib.ERR_LIB_SSL, 132))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CERTIFICATE_VERIFY_FAILED", lib.ERR_LIB_SSL, 134))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CA_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 397))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CA_MD_TOO_WEAK", lib.ERR_LIB_SSL, 398))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CCS_RECEIVED_EARLY", lib.ERR_LIB_SSL, 133))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CERTIFICATE_VERIFY_FAILED", lib.ERR_LIB_SSL, 134))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CERT_CB_ERROR", lib.ERR_LIB_SSL, 377))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CERT_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 135))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CHALLENGE_IS_DIFFERENT", lib.ERR_LIB_SSL, 136))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CIPHER_CODE_WRONG_LENGTH", lib.ERR_LIB_SSL, 137))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CIPHER_OR_HASH_UNAVAILABLE", lib.ERR_LIB_SSL, 138))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CIPHER_TABLE_SRC_ERROR", lib.ERR_LIB_SSL, 139))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CLIENTHELLO_TLSEXT", lib.ERR_LIB_SSL, 226))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("COMPRESSED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 140))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("COMPRESSION_DISABLED", lib.ERR_LIB_SSL, 343))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("COMPRESSION_FAILURE", lib.ERR_LIB_SSL, 141))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", lib.ERR_LIB_SSL, 307))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("COMPRESSION_LIBRARY_ERROR", lib.ERR_LIB_SSL, 142))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CONNECTION_ID_IS_DIFFERENT", lib.ERR_LIB_SSL, 143))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CONNECTION_TYPE_NOT_SET", lib.ERR_LIB_SSL, 144))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("COOKIE_MISMATCH", lib.ERR_LIB_SSL, 308))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DATA_BETWEEN_CCS_AND_FINISHED", lib.ERR_LIB_SSL, 145))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DATA_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 146))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DECRYPTION_FAILED", lib.ERR_LIB_SSL, 147))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DECRYPTION_FAILED_OR_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 281))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DH_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 372))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DH_PUBLIC_VALUE_LENGTH_IS_WRONG", lib.ERR_LIB_SSL, 148))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DIGEST_CHECK_FAILED", lib.ERR_LIB_SSL, 149))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DTLS_MESSAGE_TOO_BIG", lib.ERR_LIB_SSL, 334))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("DUPLICATE_COMPRESSION_ID", lib.ERR_LIB_SSL, 309))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ECC_CERT_NOT_FOR_KEY_AGREEMENT", lib.ERR_LIB_SSL, 317))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ECC_CERT_NOT_FOR_SIGNING", lib.ERR_LIB_SSL, 318))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ECC_CERT_SHOULD_HAVE_RSA_SIGNATURE", lib.ERR_LIB_SSL, 322))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ECC_CERT_SHOULD_HAVE_SHA1_SIGNATURE", lib.ERR_LIB_SSL, 323))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ECDH_REQUIRED_FOR_SUITEB_MODE", lib.ERR_LIB_SSL, 374))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ECGROUP_TOO_LARGE_FOR_CIPHER", lib.ERR_LIB_SSL, 310))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("EE_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 399))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("EMPTY_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 354))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ENCRYPTED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 150))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ERROR_GENERATING_TMP_RSA_KEY", lib.ERR_LIB_SSL, 282))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ERROR_IN_RECEIVED_CIPHER_LIST", lib.ERR_LIB_SSL, 151))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("EXCESSIVE_MESSAGE_SIZE", lib.ERR_LIB_SSL, 152))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("EXTRA_DATA_IN_MESSAGE", lib.ERR_LIB_SSL, 153))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("GOT_A_FIN_BEFORE_A_CCS", lib.ERR_LIB_SSL, 154))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("GOT_NEXT_PROTO_BEFORE_A_CCS", lib.ERR_LIB_SSL, 355))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("GOT_NEXT_PROTO_WITHOUT_EXTENSION", lib.ERR_LIB_SSL, 356))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("HTTPS_PROXY_REQUEST", lib.ERR_LIB_SSL, 155))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("HTTP_REQUEST", lib.ERR_LIB_SSL, 156))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ILLEGAL_PADDING", lib.ERR_LIB_SSL, 283))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ILLEGAL_SUITEB_DIGEST", lib.ERR_LIB_SSL, 380))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 373))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INCONSISTENT_COMPRESSION", lib.ERR_LIB_SSL, 340))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_CHALLENGE_LENGTH", lib.ERR_LIB_SSL, 158))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_COMMAND", lib.ERR_LIB_SSL, 280))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 341))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_NULL_CMD_NAME", lib.ERR_LIB_SSL, 385))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_PURPOSE", lib.ERR_LIB_SSL, 278))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_SERVERINFO_DATA", lib.ERR_LIB_SSL, 388))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_SRP_USERNAME", lib.ERR_LIB_SSL, 357))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_STATUS_RESPONSE", lib.ERR_LIB_SSL, 328))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_TICKET_KEYS_LENGTH", lib.ERR_LIB_SSL, 325))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KEY_ARG_TOO_LONG", lib.ERR_LIB_SSL, 284))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5", lib.ERR_LIB_SSL, 285))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_C_CC_PRINC", lib.ERR_LIB_SSL, 286))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_C_GET_CRED", lib.ERR_LIB_SSL, 287))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_C_INIT", lib.ERR_LIB_SSL, 288))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_C_MK_REQ", lib.ERR_LIB_SSL, 289))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_S_BAD_TICKET", lib.ERR_LIB_SSL, 290))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_S_INIT", lib.ERR_LIB_SSL, 291))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_S_RD_REQ", lib.ERR_LIB_SSL, 292))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_S_TKT_EXPIRED", lib.ERR_LIB_SSL, 293))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_S_TKT_NYV", lib.ERR_LIB_SSL, 294))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KRB5_S_TKT_SKEW", lib.ERR_LIB_SSL, 295))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("LENGTH_MISMATCH", lib.ERR_LIB_SSL, 159))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("LENGTH_TOO_SHORT", lib.ERR_LIB_SSL, 160))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("LIBRARY_BUG", lib.ERR_LIB_SSL, 274))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 161))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MESSAGE_TOO_LONG", lib.ERR_LIB_SSL, 296))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_DH_DSA_CERT", lib.ERR_LIB_SSL, 162))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_DH_KEY", lib.ERR_LIB_SSL, 163))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_DH_RSA_CERT", lib.ERR_LIB_SSL, 164))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_DSA_SIGNING_CERT", lib.ERR_LIB_SSL, 165))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_ECDH_CERT", lib.ERR_LIB_SSL, 382))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_ECDSA_SIGNING_CERT", lib.ERR_LIB_SSL, 381))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_EXPORT_TMP_DH_KEY", lib.ERR_LIB_SSL, 166))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_EXPORT_TMP_RSA_KEY", lib.ERR_LIB_SSL, 167))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_RSA_CERTIFICATE", lib.ERR_LIB_SSL, 168))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_RSA_ENCRYPTING_CERT", lib.ERR_LIB_SSL, 169))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_RSA_SIGNING_CERT", lib.ERR_LIB_SSL, 170))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_SRP_PARAM", lib.ERR_LIB_SSL, 358))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_TMP_DH_KEY", lib.ERR_LIB_SSL, 171))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_TMP_ECDH_KEY", lib.ERR_LIB_SSL, 311))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_TMP_RSA_KEY", lib.ERR_LIB_SSL, 172))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_TMP_RSA_PKEY", lib.ERR_LIB_SSL, 173))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MISSING_VERIFY_MESSAGE", lib.ERR_LIB_SSL, 174))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("MULTIPLE_SGC_RESTARTS", lib.ERR_LIB_SSL, 346))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NON_SSLV2_INITIAL_PACKET", lib.ERR_LIB_SSL, 175))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CERTIFICATES_RETURNED", lib.ERR_LIB_SSL, 176))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CERTIFICATE_ASSIGNED", lib.ERR_LIB_SSL, 177))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CERTIFICATE_RETURNED", lib.ERR_LIB_SSL, 178))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CERTIFICATE_SET", lib.ERR_LIB_SSL, 179))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CERTIFICATE_SPECIFIED", lib.ERR_LIB_SSL, 180))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CIPHERS_AVAILABLE", lib.ERR_LIB_SSL, 181))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CIPHERS_PASSED", lib.ERR_LIB_SSL, 182))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CIPHERS_SPECIFIED", lib.ERR_LIB_SSL, 183))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CIPHER_LIST", lib.ERR_LIB_SSL, 184))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CIPHER_MATCH", lib.ERR_LIB_SSL, 185))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CLIENT_CERT_METHOD", lib.ERR_LIB_SSL, 331))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CLIENT_CERT_RECEIVED", lib.ERR_LIB_SSL, 186))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_COMPRESSION_SPECIFIED", lib.ERR_LIB_SSL, 187))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_GOST_CERTIFICATE_SENT_BY_PEER", lib.ERR_LIB_SSL, 330))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_METHOD_SPECIFIED", lib.ERR_LIB_SSL, 188))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_PEM_EXTENSIONS", lib.ERR_LIB_SSL, 389))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_PRIVATEKEY", lib.ERR_LIB_SSL, 189))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_PRIVATE_KEY_ASSIGNED", lib.ERR_LIB_SSL, 190))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_PROTOCOLS_AVAILABLE", lib.ERR_LIB_SSL, 191))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_PUBLICKEY", lib.ERR_LIB_SSL, 192))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_RENEGOTIATION", lib.ERR_LIB_SSL, 339))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_REQUIRED_DIGEST", lib.ERR_LIB_SSL, 324))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_SHARED_CIPHER", lib.ERR_LIB_SSL, 193))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_SHARED_SIGATURE_ALGORITHMS", lib.ERR_LIB_SSL, 376))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_SRTP_PROFILES", lib.ERR_LIB_SSL, 359))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_VERIFY_CALLBACK", lib.ERR_LIB_SSL, 194))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NULL_SSL_CTX", lib.ERR_LIB_SSL, 195))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NULL_SSL_METHOD_PASSED", lib.ERR_LIB_SSL, 196))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("OLD_SESSION_CIPHER_NOT_RETURNED", lib.ERR_LIB_SSL, 197))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", lib.ERR_LIB_SSL, 344))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ONLY_DTLS_1_2_ALLOWED_IN_SUITEB_MODE", lib.ERR_LIB_SSL, 387))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ONLY_TLS_1_2_ALLOWED_IN_SUITEB_MODE", lib.ERR_LIB_SSL, 379))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ONLY_TLS_ALLOWED_IN_FIPS_MODE", lib.ERR_LIB_SSL, 297))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("OPAQUE_PRF_INPUT_TOO_LONG", lib.ERR_LIB_SSL, 327))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PACKET_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 198))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PARSE_TLSEXT", lib.ERR_LIB_SSL, 227))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PATH_TOO_LONG", lib.ERR_LIB_SSL, 270))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEER_DID_NOT_RETURN_A_CERTIFICATE", lib.ERR_LIB_SSL, 199))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEER_ERROR", lib.ERR_LIB_SSL, 200))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEER_ERROR_CERTIFICATE", lib.ERR_LIB_SSL, 201))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEER_ERROR_NO_CERTIFICATE", lib.ERR_LIB_SSL, 202))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEER_ERROR_NO_CIPHER", lib.ERR_LIB_SSL, 203))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 204))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEM_NAME_BAD_PREFIX", lib.ERR_LIB_SSL, 391))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PEM_NAME_TOO_SHORT", lib.ERR_LIB_SSL, 392))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PRE_MAC_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 205))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PROBLEMS_MAPPING_CIPHER_FUNCTIONS", lib.ERR_LIB_SSL, 206))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PROTOCOL_IS_SHUTDOWN", lib.ERR_LIB_SSL, 207))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PSK_IDENTITY_NOT_FOUND", lib.ERR_LIB_SSL, 223))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PSK_NO_CLIENT_CB", lib.ERR_LIB_SSL, 224))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PSK_NO_SERVER_CB", lib.ERR_LIB_SSL, 225))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PUBLIC_KEY_ENCRYPT_ERROR", lib.ERR_LIB_SSL, 208))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PUBLIC_KEY_IS_NOT_RSA", lib.ERR_LIB_SSL, 209))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PUBLIC_KEY_NOT_RSA", lib.ERR_LIB_SSL, 210))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("READ_BIO_NOT_SET", lib.ERR_LIB_SSL, 211))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("READ_TIMEOUT_EXPIRED", lib.ERR_LIB_SSL, 312))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("READ_WRONG_PACKET_TYPE", lib.ERR_LIB_SSL, 212))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("RECORD_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 213))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("RECORD_TOO_LARGE", lib.ERR_LIB_SSL, 214))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("RECORD_TOO_SMALL", lib.ERR_LIB_SSL, 298))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("RENEGOTIATE_EXT_TOO_LONG", lib.ERR_LIB_SSL, 335))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("RENEGOTIATION_ENCODING_ERR", lib.ERR_LIB_SSL, 336))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("RENEGOTIATION_MISMATCH", lib.ERR_LIB_SSL, 337))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("REQUIRED_CIPHER_MISSING", lib.ERR_LIB_SSL, 215))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("REQUIRED_COMPRESSSION_ALGORITHM_MISSING", lib.ERR_LIB_SSL, 342))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("REUSE_CERT_LENGTH_NOT_ZERO", lib.ERR_LIB_SSL, 216))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("REUSE_CERT_TYPE_NOT_ZERO", lib.ERR_LIB_SSL, 217))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("REUSE_CIPHER_LIST_NOT_ZERO", lib.ERR_LIB_SSL, 218))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SCSV_RECEIVED_WHEN_RENEGOTIATING", lib.ERR_LIB_SSL, 345))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SERVERHELLO_TLSEXT", lib.ERR_LIB_SSL, 275))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SESSION_ID_CONTEXT_UNINITIALIZED", lib.ERR_LIB_SSL, 277))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SHORT_READ", lib.ERR_LIB_SSL, 219))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SIGNATURE_ALGORITHMS_ERROR", lib.ERR_LIB_SSL, 360))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", lib.ERR_LIB_SSL, 220))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SRP_A_CALC", lib.ERR_LIB_SSL, 361))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SRTP_COULD_NOT_ALLOCATE_PROFILES", lib.ERR_LIB_SSL, 362))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", lib.ERR_LIB_SSL, 363))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SRTP_UNKNOWN_PROTECTION_PROFILE", lib.ERR_LIB_SSL, 364))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL23_DOING_SESSION_ID_REUSE", lib.ERR_LIB_SSL, 221))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL2_CONNECTION_ID_TOO_LONG", lib.ERR_LIB_SSL, 299))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL3_EXT_INVALID_ECPOINTFORMAT", lib.ERR_LIB_SSL, 321))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL3_EXT_INVALID_SERVERNAME", lib.ERR_LIB_SSL, 319))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL3_EXT_INVALID_SERVERNAME_TYPE", lib.ERR_LIB_SSL, 320))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL3_SESSION_ID_TOO_LONG", lib.ERR_LIB_SSL, 300))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL3_SESSION_ID_TOO_SHORT", lib.ERR_LIB_SSL, 222))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_BAD_CERTIFICATE", lib.ERR_LIB_SSL, 1042))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 1020))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_CERTIFICATE_EXPIRED", lib.ERR_LIB_SSL, 1045))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_CERTIFICATE_REVOKED", lib.ERR_LIB_SSL, 1044))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_CERTIFICATE_UNKNOWN", lib.ERR_LIB_SSL, 1046))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_DECOMPRESSION_FAILURE", lib.ERR_LIB_SSL, 1030))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 1040))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_ILLEGAL_PARAMETER", lib.ERR_LIB_SSL, 1047))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_NO_CERTIFICATE", lib.ERR_LIB_SSL, 1041))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 1010))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", lib.ERR_LIB_SSL, 1043))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", lib.ERR_LIB_SSL, 228))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 229))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 230))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_NEGATIVE_LENGTH", lib.ERR_LIB_SSL, 372))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_SESSION_ID_CALLBACK_FAILED", lib.ERR_LIB_SSL, 301))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_SESSION_ID_CONFLICT", lib.ERR_LIB_SSL, 302))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_SESSION_ID_CONTEXT_TOO_LONG", lib.ERR_LIB_SSL, 273))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_SESSION_ID_HAS_BAD_LENGTH", lib.ERR_LIB_SSL, 303))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SSL_SESSION_ID_IS_DIFFERENT", lib.ERR_LIB_SSL, 231))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_ACCESS_DENIED", lib.ERR_LIB_SSL, 1049))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_DECODE_ERROR", lib.ERR_LIB_SSL, 1050))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_DECRYPTION_FAILED", lib.ERR_LIB_SSL, 1021))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_DECRYPT_ERROR", lib.ERR_LIB_SSL, 1051))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_EXPORT_RESTRICTION", lib.ERR_LIB_SSL, 1060))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 1086))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_INSUFFICIENT_SECURITY", lib.ERR_LIB_SSL, 1071))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_INTERNAL_ERROR", lib.ERR_LIB_SSL, 1080))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_NO_RENEGOTIATION", lib.ERR_LIB_SSL, 1100))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_PROTOCOL_VERSION", lib.ERR_LIB_SSL, 1070))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_RECORD_OVERFLOW", lib.ERR_LIB_SSL, 1022))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_UNKNOWN_CA", lib.ERR_LIB_SSL, 1048))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_ALERT_USER_CANCELLED", lib.ERR_LIB_SSL, 1090))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_BAD_CERTIFICATE_HASH_VALUE", lib.ERR_LIB_SSL, 1114))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", lib.ERR_LIB_SSL, 1113))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_CERTIFICATE_UNOBTAINABLE", lib.ERR_LIB_SSL, 1111))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_UNRECOGNIZED_NAME", lib.ERR_LIB_SSL, 1112))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLSV1_UNSUPPORTED_EXTENSION", lib.ERR_LIB_SSL, 1110))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER", lib.ERR_LIB_SSL, 232))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLS_HEARTBEAT_PEER_DOESNT_ACCEPT", lib.ERR_LIB_SSL, 365))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLS_HEARTBEAT_PENDING", lib.ERR_LIB_SSL, 366))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLS_ILLEGAL_EXPORTER_LABEL", lib.ERR_LIB_SSL, 367))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLS_INVALID_ECPOINTFORMAT_LIST", lib.ERR_LIB_SSL, 157))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST", lib.ERR_LIB_SSL, 233))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG", lib.ERR_LIB_SSL, 234))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("TRIED_TO_USE_UNSUPPORTED_CIPHER", lib.ERR_LIB_SSL, 235))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_DECODE_DH_CERTS", lib.ERR_LIB_SSL, 236))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_DECODE_ECDH_CERTS", lib.ERR_LIB_SSL, 313))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_EXTRACT_PUBLIC_KEY", lib.ERR_LIB_SSL, 237))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_FIND_DH_PARAMETERS", lib.ERR_LIB_SSL, 238))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_FIND_ECDH_PARAMETERS", lib.ERR_LIB_SSL, 314))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", lib.ERR_LIB_SSL, 239))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_FIND_SSL_METHOD", lib.ERR_LIB_SSL, 240))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_LOAD_SSL2_MD5_ROUTINES", lib.ERR_LIB_SSL, 241))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", lib.ERR_LIB_SSL, 242))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", lib.ERR_LIB_SSL, 243))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 244))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNEXPECTED_RECORD", lib.ERR_LIB_SSL, 245))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNINITIALIZED", lib.ERR_LIB_SSL, 276))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_ALERT_TYPE", lib.ERR_LIB_SSL, 246))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 247))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_CIPHER_RETURNED", lib.ERR_LIB_SSL, 248))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_CIPHER_TYPE", lib.ERR_LIB_SSL, 249))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_CMD_NAME", lib.ERR_LIB_SSL, 386))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_DIGEST", lib.ERR_LIB_SSL, 368))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_KEY_EXCHANGE_TYPE", lib.ERR_LIB_SSL, 250))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_PKEY_TYPE", lib.ERR_LIB_SSL, 251))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_PROTOCOL", lib.ERR_LIB_SSL, 252))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_REMOTE_ERROR_TYPE", lib.ERR_LIB_SSL, 253))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_SSL_VERSION", lib.ERR_LIB_SSL, 254))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_STATE", lib.ERR_LIB_SSL, 255))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSAFE_LEGACY_RENEGOTIATION_DISABLED", lib.ERR_LIB_SSL, 338))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_CIPHER", lib.ERR_LIB_SSL, 256))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 257))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_DIGEST_TYPE", lib.ERR_LIB_SSL, 326))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_ELLIPTIC_CURVE", lib.ERR_LIB_SSL, 315))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_PROTOCOL", lib.ERR_LIB_SSL, 258))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_SSL_VERSION", lib.ERR_LIB_SSL, 259))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_STATUS_TYPE", lib.ERR_LIB_SSL, 329))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("USE_SRTP_NOT_NEGOTIATED", lib.ERR_LIB_SSL, 369))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("VERSION_TOO_LOW", lib.ERR_LIB_SSL, 396))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRITE_BIO_NOT_SET", lib.ERR_LIB_SSL, 260))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 383))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_CIPHER_RETURNED", lib.ERR_LIB_SSL, 261))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_CURVE", lib.ERR_LIB_SSL, 378))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_MESSAGE_TYPE", lib.ERR_LIB_SSL, 262))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_NUMBER_OF_KEY_BITS", lib.ERR_LIB_SSL, 263))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_SIGNATURE_LENGTH", lib.ERR_LIB_SSL, 264))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_SIGNATURE_SIZE", lib.ERR_LIB_SSL, 265))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_SIGNATURE_TYPE", lib.ERR_LIB_SSL, 370))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_SSL_VERSION", lib.ERR_LIB_SSL, 266))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_VERSION_NUMBER", lib.ERR_LIB_SSL, 267))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("X509_LIB", lib.ERR_LIB_SSL, 268))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("X509_VERIFICATION_SETUP_PROBLEMS", lib.ERR_LIB_SSL, 269))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("AKID_MISMATCH", lib.ERR_LIB_X509, 110))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BAD_X509_FILETYPE", lib.ERR_LIB_X509, 100))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("BASE64_DECODE_ERROR", lib.ERR_LIB_X509, 118))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CANT_CHECK_DH_KEY", lib.ERR_LIB_X509, 114))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CERT_ALREADY_IN_HASH_TABLE", lib.ERR_LIB_X509, 101))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CRL_ALREADY_DELTA", lib.ERR_LIB_X509, 127))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("CRL_VERIFY_FAILURE", lib.ERR_LIB_X509, 131))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ERR_ASN1_LIB", lib.ERR_LIB_X509, 102))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("IDP_MISMATCH", lib.ERR_LIB_X509, 128))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_DIRECTORY", lib.ERR_LIB_X509, 113))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_FIELD_NAME", lib.ERR_LIB_X509, 119))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("INVALID_TRUST", lib.ERR_LIB_X509, 123))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("ISSUER_MISMATCH", lib.ERR_LIB_X509, 129))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KEY_TYPE_MISMATCH", lib.ERR_LIB_X509, 115))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("KEY_VALUES_MISMATCH", lib.ERR_LIB_X509, 116))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("LOADING_CERT_DIR", lib.ERR_LIB_X509, 103))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("LOADING_DEFAULTS", lib.ERR_LIB_X509, 104))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("METHOD_NOT_SUPPORTED", lib.ERR_LIB_X509, 124))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NEWER_CRL_NOT_NEWER", lib.ERR_LIB_X509, 132))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CERT_SET_FOR_US_TO_VERIFY", lib.ERR_LIB_X509, 105))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("NO_CRL_NUMBER", lib.ERR_LIB_X509, 130))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PUBLIC_KEY_DECODE_ERROR", lib.ERR_LIB_X509, 125))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("PUBLIC_KEY_ENCODE_ERROR", lib.ERR_LIB_X509, 126))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("SHOULD_RETRY", lib.ERR_LIB_X509, 106))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", lib.ERR_LIB_X509, 107))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNABLE_TO_GET_CERTS_PUBLIC_KEY", lib.ERR_LIB_X509, 108))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_KEY_TYPE", lib.ERR_LIB_X509, 117))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_NID", lib.ERR_LIB_X509, 109))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_PURPOSE_ID", lib.ERR_LIB_X509, 121))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNKNOWN_TRUST_ID", lib.ERR_LIB_X509, 120))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_X509, 111))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_LOOKUP_TYPE", lib.ERR_LIB_X509, 112))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_error_codes.append(("WRONG_TYPE", lib.ERR_LIB_X509, 122))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+_error_codes = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ADDING_OBJECT", lib.ERR_LIB_ASN1, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ASN1_PARSE_ERROR", lib.ERR_LIB_ASN1, 203),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ASN1_SIG_PARSE_ERROR", lib.ERR_LIB_ASN1, 204),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("AUX_ERROR", lib.ERR_LIB_ASN1, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_OBJECT_HEADER", lib.ERR_LIB_ASN1, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_TEMPLATE", lib.ERR_LIB_ASN1, 230),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BMPSTRING_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 214),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_LIB", lib.ERR_LIB_ASN1, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BOOLEAN_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BUFFER_TOO_SMALL", lib.ERR_LIB_ASN1, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_HAS_NO_OBJECT_IDENTIFIER", lib.ERR_LIB_ASN1, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTEXT_NOT_INITIALISED", lib.ERR_LIB_ASN1, 217),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_IS_WRONG", lib.ERR_LIB_ASN1, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODE_ERROR", lib.ERR_LIB_ASN1, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DEPTH_EXCEEDED", lib.ERR_LIB_ASN1, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_AND_KEY_TYPE_NOT_SUPPORTED", lib.ERR_LIB_ASN1, 198),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCODE_ERROR", lib.ERR_LIB_ASN1, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_GETTING_TIME", lib.ERR_LIB_ASN1, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_LOADING_SECTION", lib.ERR_LIB_ASN1, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SETTING_CIPHER_PARAMS", lib.ERR_LIB_ASN1, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_AN_INTEGER", lib.ERR_LIB_ASN1, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_AN_OBJECT", lib.ERR_LIB_ASN1, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPLICIT_LENGTH_MISMATCH", lib.ERR_LIB_ASN1, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPLICIT_TAG_NOT_CONSTRUCTED", lib.ERR_LIB_ASN1, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIELD_MISSING", lib.ERR_LIB_ASN1, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIRST_NUM_TOO_LARGE", lib.ERR_LIB_ASN1, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HEADER_TOO_LONG", lib.ERR_LIB_ASN1, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_BITSTRING_FORMAT", lib.ERR_LIB_ASN1, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_BOOLEAN", lib.ERR_LIB_ASN1, 176),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_CHARACTERS", lib.ERR_LIB_ASN1, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_FORMAT", lib.ERR_LIB_ASN1, 177),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_HEX", lib.ERR_LIB_ASN1, 178),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_IMPLICIT_TAG", lib.ERR_LIB_ASN1, 179),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_INTEGER", lib.ERR_LIB_ASN1, 180),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_NEGATIVE_VALUE", lib.ERR_LIB_ASN1, 226),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_NESTED_TAGGING", lib.ERR_LIB_ASN1, 181),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_NULL", lib.ERR_LIB_ASN1, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_NULL_VALUE", lib.ERR_LIB_ASN1, 182),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_OBJECT", lib.ERR_LIB_ASN1, 183),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_OPTIONAL_ANY", lib.ERR_LIB_ASN1, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_OPTIONS_ON_ITEM_TEMPLATE", lib.ERR_LIB_ASN1, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_PADDING", lib.ERR_LIB_ASN1, 221),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_TAGGED_ANY", lib.ERR_LIB_ASN1, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_TIME_VALUE", lib.ERR_LIB_ASN1, 184),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_ZERO_CONTENT", lib.ERR_LIB_ASN1, 222),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INTEGER_NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 185),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INTEGER_TOO_LARGE_FOR_LONG", lib.ERR_LIB_ASN1, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_BIT_STRING_BITS_LEFT", lib.ERR_LIB_ASN1, 220),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_BMPSTRING_LENGTH", lib.ERR_LIB_ASN1, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGIT", lib.ERR_LIB_ASN1, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MIME_TYPE", lib.ERR_LIB_ASN1, 205),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MODIFIER", lib.ERR_LIB_ASN1, 186),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NUMBER", lib.ERR_LIB_ASN1, 187),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OBJECT_ENCODING", lib.ERR_LIB_ASN1, 216),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SCRYPT_PARAMETERS", lib.ERR_LIB_ASN1, 227),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SEPARATOR", lib.ERR_LIB_ASN1, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_STRING_TABLE_VALUE", lib.ERR_LIB_ASN1, 218),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_UNIVERSALSTRING_LENGTH", lib.ERR_LIB_ASN1, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_UTF8STRING", lib.ERR_LIB_ASN1, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_VALUE", lib.ERR_LIB_ASN1, 219),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LENGTH_TOO_LONG", lib.ERR_LIB_ASN1, 231),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LIST_ERROR", lib.ERR_LIB_ASN1, 188),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MIME_NO_CONTENT_TYPE", lib.ERR_LIB_ASN1, 206),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MIME_PARSE_ERROR", lib.ERR_LIB_ASN1, 207),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MIME_SIG_PARSE_ERROR", lib.ERR_LIB_ASN1, 208),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_EOC", lib.ERR_LIB_ASN1, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SECOND_NUMBER", lib.ERR_LIB_ASN1, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_VALUE", lib.ERR_LIB_ASN1, 189),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MSTRING_NOT_UNIVERSAL", lib.ERR_LIB_ASN1, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MSTRING_WRONG_TAG", lib.ERR_LIB_ASN1, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NESTED_ASN1_STRING", lib.ERR_LIB_ASN1, 197),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NESTED_TOO_DEEP", lib.ERR_LIB_ASN1, 201),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NON_HEX_CHARACTERS", lib.ERR_LIB_ASN1, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 190),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_ENOUGH_DATA", lib.ERR_LIB_ASN1, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONTENT_TYPE", lib.ERR_LIB_ASN1, 209),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MATCHING_CHOICE_TYPE", lib.ERR_LIB_ASN1, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MULTIPART_BODY_FAILURE", lib.ERR_LIB_ASN1, 210),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MULTIPART_BOUNDARY", lib.ERR_LIB_ASN1, 211),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SIG_CONTENT_TYPE", lib.ERR_LIB_ASN1, 212),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OBJECT_NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 191),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ODD_NUMBER_OF_CHARS", lib.ERR_LIB_ASN1, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SECOND_NUMBER_TOO_LARGE", lib.ERR_LIB_ASN1, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SEQUENCE_LENGTH_MISMATCH", lib.ERR_LIB_ASN1, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SEQUENCE_NOT_CONSTRUCTED", lib.ERR_LIB_ASN1, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SEQUENCE_OR_SET_NEEDS_CONFIG", lib.ERR_LIB_ASN1, 192),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SHORT_LINE", lib.ERR_LIB_ASN1, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIG_INVALID_MIME_TYPE", lib.ERR_LIB_ASN1, 213),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STREAMING_NOT_SUPPORTED", lib.ERR_LIB_ASN1, 202),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STRING_TOO_LONG", lib.ERR_LIB_ASN1, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STRING_TOO_SHORT", lib.ERR_LIB_ASN1, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", lib.ERR_LIB_ASN1, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TIME_NOT_ASCII_FORMAT", lib.ERR_LIB_ASN1, 193),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_LARGE", lib.ERR_LIB_ASN1, 223),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_LONG", lib.ERR_LIB_ASN1, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_SMALL", lib.ERR_LIB_ASN1, 224),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TYPE_NOT_CONSTRUCTED", lib.ERR_LIB_ASN1, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TYPE_NOT_PRIMITIVE", lib.ERR_LIB_ASN1, 195),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_EOC", lib.ERR_LIB_ASN1, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNIVERSALSTRING_IS_WRONG_LENGTH", lib.ERR_LIB_ASN1, 215),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_DIGEST", lib.ERR_LIB_ASN1, 229),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_FORMAT", lib.ERR_LIB_ASN1, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_MESSAGE_DIGEST_ALGORITHM", lib.ERR_LIB_ASN1, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_OBJECT_TYPE", lib.ERR_LIB_ASN1, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_PUBLIC_KEY_TYPE", lib.ERR_LIB_ASN1, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_SIGNATURE_ALGORITHM", lib.ERR_LIB_ASN1, 199),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_TAG", lib.ERR_LIB_ASN1, 194),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ANY_DEFINED_BY_TYPE", lib.ERR_LIB_ASN1, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_ASN1, 228),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PUBLIC_KEY_TYPE", lib.ERR_LIB_ASN1, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_TYPE", lib.ERR_LIB_ASN1, 196),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_INTEGER_TYPE", lib.ERR_LIB_ASN1, 225),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_PUBLIC_KEY_TYPE", lib.ERR_LIB_ASN1, 200),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_TAG", lib.ERR_LIB_ASN1, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_SET_POOL", lib.ERR_LIB_ASYNC, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_SWAP_CONTEXT", lib.ERR_LIB_ASYNC, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INIT_FAILED", lib.ERR_LIB_ASYNC, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_POOL_SIZE", lib.ERR_LIB_ASYNC, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ACCEPT_ERROR", lib.ERR_LIB_BIO, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ADDRINFO_ADDR_IS_NOT_AF_INET", lib.ERR_LIB_BIO, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("AMBIGUOUS_HOST_OR_SERVICE", lib.ERR_LIB_BIO, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_FOPEN_MODE", lib.ERR_LIB_BIO, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BROKEN_PIPE", lib.ERR_LIB_BIO, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONNECT_ERROR", lib.ERR_LIB_BIO, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONNECT_TIMEOUT", lib.ERR_LIB_BIO, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GETHOSTBYNAME_ADDR_IS_NOT_AF_INET", lib.ERR_LIB_BIO, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GETSOCKNAME_ERROR", lib.ERR_LIB_BIO, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GETSOCKNAME_TRUNCATED_ADDRESS", lib.ERR_LIB_BIO, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GETTING_SOCKTYPE", lib.ERR_LIB_BIO, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ARGUMENT", lib.ERR_LIB_BIO, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SOCKET", lib.ERR_LIB_BIO, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("IN_USE", lib.ERR_LIB_BIO, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LENGTH_TOO_LONG", lib.ERR_LIB_BIO, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LISTEN_V6_ONLY", lib.ERR_LIB_BIO, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOOKUP_RETURNED_NOTHING", lib.ERR_LIB_BIO, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MALFORMED_HOST_OR_SERVICE", lib.ERR_LIB_BIO, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NBIO_CONNECT_ERROR", lib.ERR_LIB_BIO, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_ACCEPT_ADDR_OR_SERVICE_SPECIFIED", lib.ERR_LIB_BIO, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_HOSTNAME_OR_SERVICE_SPECIFIED", lib.ERR_LIB_BIO, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PORT_DEFINED", lib.ERR_LIB_BIO, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUCH_FILE", lib.ERR_LIB_BIO, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TRANSFER_ERROR", lib.ERR_LIB_BIO, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TRANSFER_TIMEOUT", lib.ERR_LIB_BIO, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_BIND_SOCKET", lib.ERR_LIB_BIO, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_CREATE_SOCKET", lib.ERR_LIB_BIO, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_KEEPALIVE", lib.ERR_LIB_BIO, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_LISTEN_SOCKET", lib.ERR_LIB_BIO, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_NODELAY", lib.ERR_LIB_BIO, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_REUSEADDR", lib.ERR_LIB_BIO, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNAVAILABLE_IP_FAMILY", lib.ERR_LIB_BIO, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNINITIALIZED", lib.ERR_LIB_BIO, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_INFO_TYPE", lib.ERR_LIB_BIO, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_IP_FAMILY", lib.ERR_LIB_BIO, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_METHOD", lib.ERR_LIB_BIO, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PROTOCOL_FAMILY", lib.ERR_LIB_BIO, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRITE_TO_READ_ONLY_BIO", lib.ERR_LIB_BIO, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WSASTARTUP", lib.ERR_LIB_BIO, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ARG2_LT_ARG3", lib.ERR_LIB_BN, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_RECIPROCAL", lib.ERR_LIB_BN, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BIGNUM_TOO_LONG", lib.ERR_LIB_BN, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BITS_TOO_SMALL", lib.ERR_LIB_BN, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CALLED_WITH_EVEN_MODULUS", lib.ERR_LIB_BN, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIV_BY_ZERO", lib.ERR_LIB_BN, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCODING_ERROR", lib.ERR_LIB_BN, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPAND_ON_STATIC_BIGNUM_DATA", lib.ERR_LIB_BN, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INPUT_NOT_REDUCED", lib.ERR_LIB_BN, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_LENGTH", lib.ERR_LIB_BN, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_RANGE", lib.ERR_LIB_BN, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SHIFT", lib.ERR_LIB_BN, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_SQUARE", lib.ERR_LIB_BN, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_INITIALIZED", lib.ERR_LIB_BN, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_INVERSE", lib.ERR_LIB_BN, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SOLUTION", lib.ERR_LIB_BN, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUITABLE_DIGEST", lib.ERR_LIB_BN, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_TOO_LARGE", lib.ERR_LIB_BN, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("P_IS_NOT_PRIME", lib.ERR_LIB_BN, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_ITERATIONS", lib.ERR_LIB_BN, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_TEMPORARY_VARIABLES", lib.ERR_LIB_BN, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ALGORITHM_NOT_SUPPORTED", lib.ERR_LIB_CMP, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_CHECKAFTER_IN_POLLREP", lib.ERR_LIB_CMP, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_REQUEST_ID", lib.ERR_LIB_CMP, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTHASH_UNMATCHED", lib.ERR_LIB_CMP, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTID_NOT_FOUND", lib.ERR_LIB_CMP, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_NOT_ACCEPTED", lib.ERR_LIB_CMP, 169),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_NOT_FOUND", lib.ERR_LIB_CMP, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTREQMSG_NOT_FOUND", lib.ERR_LIB_CMP, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTRESPONSE_NOT_FOUND", lib.ERR_LIB_CMP, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERT_AND_KEY_DO_NOT_MATCH", lib.ERR_LIB_CMP, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECKAFTER_OUT_OF_RANGE", lib.ERR_LIB_CMP, 181),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCOUNTERED_KEYUPDATEWARNING", lib.ERR_LIB_CMP, 176),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCOUNTERED_WAITING", lib.ERR_LIB_CMP, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CALCULATING_PROTECTION", lib.ERR_LIB_CMP, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_CERTCONF", lib.ERR_LIB_CMP, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_CERTREP", lib.ERR_LIB_CMP, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_CERTREQ", lib.ERR_LIB_CMP, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_ERROR", lib.ERR_LIB_CMP, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_GENM", lib.ERR_LIB_CMP, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_GENP", lib.ERR_LIB_CMP, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_PKICONF", lib.ERR_LIB_CMP, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_POLLREP", lib.ERR_LIB_CMP, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_POLLREQ", lib.ERR_LIB_CMP, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_RP", lib.ERR_LIB_CMP, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_RR", lib.ERR_LIB_CMP, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_PARSING_PKISTATUS", lib.ERR_LIB_CMP, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_PROCESSING_MESSAGE", lib.ERR_LIB_CMP, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_PROTECTING_MESSAGE", lib.ERR_LIB_CMP, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SETTING_CERTHASH", lib.ERR_LIB_CMP, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_UNEXPECTED_CERTCONF", lib.ERR_LIB_CMP, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_VALIDATING_PROTECTION", lib.ERR_LIB_CMP, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_VALIDATING_SIGNATURE", lib.ERR_LIB_CMP, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_BUILDING_OWN_CHAIN", lib.ERR_LIB_CMP, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_EXTRACTING_PUBKEY", lib.ERR_LIB_CMP, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILURE_OBTAINING_RANDOM", lib.ERR_LIB_CMP, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAIL_INFO_OUT_OF_RANGE", lib.ERR_LIB_CMP, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ARGS", lib.ERR_LIB_CMP, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OPTION", lib.ERR_LIB_CMP, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_CERTID", lib.ERR_LIB_CMP, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_KEY_INPUT_FOR_CREATING_PROTECTION", lib.ERR_LIB_CMP, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_KEY_USAGE_DIGITALSIGNATURE", lib.ERR_LIB_CMP, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_P10CSR", lib.ERR_LIB_CMP, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PBM_SECRET", lib.ERR_LIB_CMP, 166),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_CMP, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PROTECTION", lib.ERR_LIB_CMP, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_REFERENCE_CERT", lib.ERR_LIB_CMP, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SENDER_IDENTIFICATION", lib.ERR_LIB_CMP, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_TRUST_STORE", lib.ERR_LIB_CMP, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MULTIPLE_REQUESTS_NOT_SUPPORTED", lib.ERR_LIB_CMP, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MULTIPLE_RESPONSES_NOT_SUPPORTED", lib.ERR_LIB_CMP, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MULTIPLE_SAN_SOURCES", lib.ERR_LIB_CMP, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_STDIO", lib.ERR_LIB_CMP, 194),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUITABLE_SENDER_CERT", lib.ERR_LIB_CMP, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_ARGUMENT", lib.ERR_LIB_CMP, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKIBODY_ERROR", lib.ERR_LIB_CMP, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKISTATUSINFO_NOT_FOUND", lib.ERR_LIB_CMP, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POLLING_FAILED", lib.ERR_LIB_CMP, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POTENTIALLY_INVALID_CERTIFICATE", lib.ERR_LIB_CMP, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECEIVED_ERROR", lib.ERR_LIB_CMP, 180),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECIPNONCE_UNMATCHED", lib.ERR_LIB_CMP, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUEST_NOT_ACCEPTED", lib.ERR_LIB_CMP, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUEST_REJECTED_BY_SERVER", lib.ERR_LIB_CMP, 182),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SENDER_GENERALNAME_TYPE_NOT_SUPPORTED", lib.ERR_LIB_CMP, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SRVCERT_DOES_NOT_VALIDATE_MSG", lib.ERR_LIB_CMP, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOTAL_TIMEOUT", lib.ERR_LIB_CMP, 184),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TRANSACTIONID_UNMATCHED", lib.ERR_LIB_CMP, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TRANSFER_ERROR", lib.ERR_LIB_CMP, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_PKIBODY", lib.ERR_LIB_CMP, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_PKISTATUS", lib.ERR_LIB_CMP, 185),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_PVNO", lib.ERR_LIB_CMP, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_ALGORITHM_ID", lib.ERR_LIB_CMP, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CERT_TYPE", lib.ERR_LIB_CMP, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_PKISTATUS", lib.ERR_LIB_CMP, 186),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_CMP, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEY_TYPE", lib.ERR_LIB_CMP, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PROTECTION_ALG_DHBASEDMAC", lib.ERR_LIB_CMP, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VALUE_TOO_LARGE", lib.ERR_LIB_CMP, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VALUE_TOO_SMALL", lib.ERR_LIB_CMP, 177),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_ALGORITHM_OID", lib.ERR_LIB_CMP, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CERTID", lib.ERR_LIB_CMP, 189),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CERTID_IN_RP", lib.ERR_LIB_CMP, 187),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_PBM_VALUE", lib.ERR_LIB_CMP, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_RP_COMPONENT_COUNT", lib.ERR_LIB_CMP, 188),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_SERIAL_IN_RP", lib.ERR_LIB_CMP, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ADD_SIGNER_ERROR", lib.ERR_LIB_CMS, 99),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ATTRIBUTE_ERROR", lib.ERR_LIB_CMS, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_ALREADY_PRESENT", lib.ERR_LIB_CMS, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_HAS_NO_KEYID", lib.ERR_LIB_CMS, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_CMS, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_AEAD_SET_TAG_ERROR", lib.ERR_LIB_CMS, 184),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_GET_TAG", lib.ERR_LIB_CMS, 185),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_INITIALISATION_ERROR", lib.ERR_LIB_CMS, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_PARAMETER_INITIALISATION_ERROR", lib.ERR_LIB_CMS, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CMS_DATAFINAL_ERROR", lib.ERR_LIB_CMS, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CMS_LIB", lib.ERR_LIB_CMS, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENTIDENTIFIER_MISMATCH", lib.ERR_LIB_CMS, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_NOT_FOUND", lib.ERR_LIB_CMS, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_TYPE_MISMATCH", lib.ERR_LIB_CMS, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_TYPE_NOT_COMPRESSED_DATA", lib.ERR_LIB_CMS, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_TYPE_NOT_ENVELOPED_DATA", lib.ERR_LIB_CMS, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_TYPE_NOT_SIGNED_DATA", lib.ERR_LIB_CMS, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_VERIFY_ERROR", lib.ERR_LIB_CMS, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CTRL_ERROR", lib.ERR_LIB_CMS, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CTRL_FAILURE", lib.ERR_LIB_CMS, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODE_ERROR", lib.ERR_LIB_CMS, 187),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECRYPT_ERROR", lib.ERR_LIB_CMS, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_GETTING_PUBLIC_KEY", lib.ERR_LIB_CMS, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_READING_MESSAGEDIGEST_ATTRIBUTE", lib.ERR_LIB_CMS, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SETTING_KEY", lib.ERR_LIB_CMS, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SETTING_RECIPIENTINFO", lib.ERR_LIB_CMS, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_SIGNING_CERTID_MISMATCH_ERROR", lib.ERR_LIB_CMS, 183),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ENCRYPTED_KEY_LENGTH", lib.ERR_LIB_CMS, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY_ENCRYPTION_PARAMETER", lib.ERR_LIB_CMS, 176),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY_LENGTH", lib.ERR_LIB_CMS, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_LABEL", lib.ERR_LIB_CMS, 190),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OAEP_PARAMETERS", lib.ERR_LIB_CMS, 191),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KDF_PARAMETER_ERROR", lib.ERR_LIB_CMS, 186),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MD_BIO_INIT_ERROR", lib.ERR_LIB_CMS, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MESSAGEDIGEST_ATTRIBUTE_WRONG_LENGTH", lib.ERR_LIB_CMS, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MESSAGEDIGEST_WRONG_LENGTH", lib.ERR_LIB_CMS, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MSGSIGDIGEST_ERROR", lib.ERR_LIB_CMS, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MSGSIGDIGEST_VERIFICATION_FAILURE", lib.ERR_LIB_CMS, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MSGSIGDIGEST_WRONG_LENGTH", lib.ERR_LIB_CMS, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NEED_ONE_SIGNER", lib.ERR_LIB_CMS, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_SIGNED_RECEIPT", lib.ERR_LIB_CMS, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_ENCRYPTED_DATA", lib.ERR_LIB_CMS, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_KEK", lib.ERR_LIB_CMS, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_KEY_AGREEMENT", lib.ERR_LIB_CMS, 181),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_KEY_TRANSPORT", lib.ERR_LIB_CMS, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_PWRI", lib.ERR_LIB_CMS, 177),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_SUPPORTED_FOR_THIS_KEY_TYPE", lib.ERR_LIB_CMS, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CIPHER", lib.ERR_LIB_CMS, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONTENT", lib.ERR_LIB_CMS, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONTENT_TYPE", lib.ERR_LIB_CMS, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_DEFAULT_DIGEST", lib.ERR_LIB_CMS, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_DIGEST_SET", lib.ERR_LIB_CMS, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_KEY", lib.ERR_LIB_CMS, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_KEY_OR_CERT", lib.ERR_LIB_CMS, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MATCHING_DIGEST", lib.ERR_LIB_CMS, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MATCHING_RECIPIENT", lib.ERR_LIB_CMS, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MATCHING_SIGNATURE", lib.ERR_LIB_CMS, 166),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MSGSIGDIGEST", lib.ERR_LIB_CMS, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PASSWORD", lib.ERR_LIB_CMS, 178),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PRIVATE_KEY", lib.ERR_LIB_CMS, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PUBLIC_KEY", lib.ERR_LIB_CMS, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_RECEIPT_REQUEST", lib.ERR_LIB_CMS, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SIGNERS", lib.ERR_LIB_CMS, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PEER_KEY_ERROR", lib.ERR_LIB_CMS, 188),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_CMS, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECEIPT_DECODE_ERROR", lib.ERR_LIB_CMS, 169),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECIPIENT_ERROR", lib.ERR_LIB_CMS, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SHARED_INFO_ERROR", lib.ERR_LIB_CMS, 189),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNER_CERTIFICATE_NOT_FOUND", lib.ERR_LIB_CMS, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNFINAL_ERROR", lib.ERR_LIB_CMS, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SMIME_TEXT_ERROR", lib.ERR_LIB_CMS, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STORE_INIT_ERROR", lib.ERR_LIB_CMS, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TYPE_NOT_COMPRESSED_DATA", lib.ERR_LIB_CMS, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TYPE_NOT_DATA", lib.ERR_LIB_CMS, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TYPE_NOT_DIGESTED_DATA", lib.ERR_LIB_CMS, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TYPE_NOT_ENCRYPTED_DATA", lib.ERR_LIB_CMS, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TYPE_NOT_ENVELOPED_DATA", lib.ERR_LIB_CMS, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FINALIZE_CONTEXT", lib.ERR_LIB_CMS, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CIPHER", lib.ERR_LIB_CMS, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_DIGEST_ALGORITHM", lib.ERR_LIB_CMS, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_ID", lib.ERR_LIB_CMS, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_COMPRESSION_ALGORITHM", lib.ERR_LIB_CMS, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CONTENT_TYPE", lib.ERR_LIB_CMS, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ENCRYPTION_TYPE", lib.ERR_LIB_CMS, 192),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEK_ALGORITHM", lib.ERR_LIB_CMS, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEY_ENCRYPTION_ALGORITHM", lib.ERR_LIB_CMS, 179),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_LABEL_SOURCE", lib.ERR_LIB_CMS, 193),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_RECIPIENTINFO_TYPE", lib.ERR_LIB_CMS, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_RECIPIENT_TYPE", lib.ERR_LIB_CMS, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_TYPE", lib.ERR_LIB_CMS, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNWRAP_ERROR", lib.ERR_LIB_CMS, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNWRAP_FAILURE", lib.ERR_LIB_CMS, 180),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VERIFICATION_FAILURE", lib.ERR_LIB_CMS, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRAP_ERROR", lib.ERR_LIB_CMS, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ZLIB_DEFLATE_ERROR", lib.ERR_LIB_COMP, 99),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ZLIB_INFLATE_ERROR", lib.ERR_LIB_COMP, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ZLIB_NOT_SUPPORTED", lib.ERR_LIB_COMP, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_LOADING_DSO", lib.ERR_LIB_CONF, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PRAGMA", lib.ERR_LIB_CONF, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LIST_CANNOT_BE_NULL", lib.ERR_LIB_CONF, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MANDATORY_BRACES_IN_VARIABLE_EXPANSION", lib.ERR_LIB_CONF, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_CLOSE_SQUARE_BRACKET", lib.ERR_LIB_CONF, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_EQUAL_SIGN", lib.ERR_LIB_CONF, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_INIT_FUNCTION", lib.ERR_LIB_CONF, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MODULE_INITIALIZATION_ERROR", lib.ERR_LIB_CONF, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CLOSE_BRACE", lib.ERR_LIB_CONF, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONF", lib.ERR_LIB_CONF, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONF_OR_ENVIRONMENT_VARIABLE", lib.ERR_LIB_CONF, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SECTION", lib.ERR_LIB_CONF, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUCH_FILE", lib.ERR_LIB_CONF, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_VALUE", lib.ERR_LIB_CONF, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NUMBER_TOO_LARGE", lib.ERR_LIB_CONF, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPENSSL_CONF_REFERENCES_MISSING_SECTION", lib.ERR_LIB_CONF, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECURSIVE_DIRECTORY_INCLUDE", lib.ERR_LIB_CONF, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RELATIVE_PATH", lib.ERR_LIB_CONF, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_COMMAND_SECTION_EMPTY", lib.ERR_LIB_CONF, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_COMMAND_SECTION_NOT_FOUND", lib.ERR_LIB_CONF, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SECTION_EMPTY", lib.ERR_LIB_CONF, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SECTION_NOT_FOUND", lib.ERR_LIB_CONF, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_CREATE_NEW_SECTION", lib.ERR_LIB_CONF, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_MODULE_NAME", lib.ERR_LIB_CONF, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VARIABLE_EXPANSION_TOO_LONG", lib.ERR_LIB_CONF, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VARIABLE_HAS_NO_VALUE", lib.ERR_LIB_CONF, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PBM_ITERATIONCOUNT", lib.ERR_LIB_CRMF, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CRMFERROR", lib.ERR_LIB_CRMF, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR", lib.ERR_LIB_CRMF, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_DECODING_CERTIFICATE", lib.ERR_LIB_CRMF, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_DECRYPTING_CERTIFICATE", lib.ERR_LIB_CRMF, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_DECRYPTING_SYMMETRIC_KEY", lib.ERR_LIB_CRMF, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILURE_OBTAINING_RANDOM", lib.ERR_LIB_CRMF, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ITERATIONCOUNT_BELOW_100", lib.ERR_LIB_CRMF, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MALFORMED_IV", lib.ERR_LIB_CRMF, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_ARGUMENT", lib.ERR_LIB_CRMF, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POPOSKINPUT_NOT_SUPPORTED", lib.ERR_LIB_CRMF, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POPO_INCONSISTENT_PUBLIC_KEY", lib.ERR_LIB_CRMF, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POPO_MISSING", lib.ERR_LIB_CRMF, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POPO_MISSING_PUBLIC_KEY", lib.ERR_LIB_CRMF, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POPO_MISSING_SUBJECT", lib.ERR_LIB_CRMF, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POPO_RAVERIFIED_NOT_ACCEPTED", lib.ERR_LIB_CRMF, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SETTING_MAC_ALGOR_FAILURE", lib.ERR_LIB_CRMF, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SETTING_OWF_ALGOR_FAILURE", lib.ERR_LIB_CRMF, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_CRMF, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_CRMF, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_METHOD_FOR_CREATING_POPO", lib.ERR_LIB_CRMF, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_POPO_METHOD", lib.ERR_LIB_CRMF, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_ALGORITHM_NAME", lib.ERR_LIB_CRYPTO, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONFLICTING_NAMES", lib.ERR_LIB_CRYPTO, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HEX_STRING_TOO_SHORT", lib.ERR_LIB_CRYPTO, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_HEX_DIGIT", lib.ERR_LIB_CRYPTO, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INSUFFICIENT_DATA_SPACE", lib.ERR_LIB_CRYPTO, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INSUFFICIENT_PARAM_SIZE", lib.ERR_LIB_CRYPTO, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INSUFFICIENT_SECURE_DATA_SPACE", lib.ERR_LIB_CRYPTO, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_ARGUMENT", lib.ERR_LIB_CRYPTO, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OSSL_PARAM_TYPE", lib.ERR_LIB_CRYPTO, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ODD_NUMBER_OF_DIGITS", lib.ERR_LIB_CRYPTO, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PROVIDER_ALREADY_EXISTS", lib.ERR_LIB_CRYPTO, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PROVIDER_SECTION_ERROR", lib.ERR_LIB_CRYPTO, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RANDOM_SECTION_ERROR", lib.ERR_LIB_CRYPTO, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SECURE_MALLOC_FAILURE", lib.ERR_LIB_CRYPTO, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STRING_TOO_LONG", lib.ERR_LIB_CRYPTO, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_BYTES", lib.ERR_LIB_CRYPTO, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_RECORDS", lib.ERR_LIB_CRYPTO, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_SMALL_BUFFER", lib.ERR_LIB_CRYPTO, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_NAME_IN_RANDOM_SECTION", lib.ERR_LIB_CRYPTO, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ZERO_LENGTH_NUMBER", lib.ERR_LIB_CRYPTO, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BASE64_DECODE_ERROR", lib.ERR_LIB_CT, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_LOG_ID_LENGTH", lib.ERR_LIB_CT, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOG_CONF_INVALID", lib.ERR_LIB_CT, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOG_CONF_INVALID_KEY", lib.ERR_LIB_CT, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOG_CONF_MISSING_DESCRIPTION", lib.ERR_LIB_CT, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOG_CONF_MISSING_KEY", lib.ERR_LIB_CT, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOG_KEY_INVALID", lib.ERR_LIB_CT, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_FUTURE_TIMESTAMP", lib.ERR_LIB_CT, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_INVALID", lib.ERR_LIB_CT, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_INVALID_SIGNATURE", lib.ERR_LIB_CT, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_LIST_INVALID", lib.ERR_LIB_CT, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_LOG_ID_MISMATCH", lib.ERR_LIB_CT, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_NOT_SET", lib.ERR_LIB_CT, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_UNSUPPORTED_VERSION", lib.ERR_LIB_CT, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNRECOGNIZED_SIGNATURE_NID", lib.ERR_LIB_CT, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ENTRY_TYPE", lib.ERR_LIB_CT, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_VERSION", lib.ERR_LIB_CT, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_FFC_PARAMETERS", lib.ERR_LIB_DH, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_GENERATOR", lib.ERR_LIB_DH, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_DECODE_ERROR", lib.ERR_LIB_DH, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_ERROR", lib.ERR_LIB_DH, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_INVALID_J_VALUE", lib.ERR_LIB_DH, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_INVALID_Q_VALUE", lib.ERR_LIB_DH, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_PUBKEY_INVALID", lib.ERR_LIB_DH, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_PUBKEY_TOO_LARGE", lib.ERR_LIB_DH, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_PUBKEY_TOO_SMALL", lib.ERR_LIB_DH, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_P_NOT_PRIME", lib.ERR_LIB_DH, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_P_NOT_SAFE_PRIME", lib.ERR_LIB_DH, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CHECK_Q_NOT_PRIME", lib.ERR_LIB_DH, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODE_ERROR", lib.ERR_LIB_DH, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PARAMETER_NAME", lib.ERR_LIB_DH, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PARAMETER_NID", lib.ERR_LIB_DH, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PUBKEY", lib.ERR_LIB_DH, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SECRET", lib.ERR_LIB_DH, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KDF_PARAMETER_ERROR", lib.ERR_LIB_DH, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEYS_NOT_SET", lib.ERR_LIB_DH, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PUBKEY", lib.ERR_LIB_DH, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MODULUS_TOO_LARGE", lib.ERR_LIB_DH, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MODULUS_TOO_SMALL", lib.ERR_LIB_DH, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_SUITABLE_GENERATOR", lib.ERR_LIB_DH, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PARAMETERS_SET", lib.ERR_LIB_DH, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PRIVATE_VALUE", lib.ERR_LIB_DH, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARAMETER_ENCODING_ERROR", lib.ERR_LIB_DH, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PEER_KEY_ERROR", lib.ERR_LIB_DH, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SHARED_INFO_ERROR", lib.ERR_LIB_DH, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_CHECK_GENERATOR", lib.ERR_LIB_DH, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_FFC_PARAMETERS", lib.ERR_LIB_DSA, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_Q_VALUE", lib.ERR_LIB_DSA, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_DECODE_ERROR", lib.ERR_LIB_DSA, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_ERROR", lib.ERR_LIB_DSA, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODE_ERROR", lib.ERR_LIB_DSA, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST_TYPE", lib.ERR_LIB_DSA, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PARAMETERS", lib.ERR_LIB_DSA, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PARAMETERS", lib.ERR_LIB_DSA, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_DSA, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MODULUS_TOO_LARGE", lib.ERR_LIB_DSA, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PARAMETERS_SET", lib.ERR_LIB_DSA, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARAMETER_ENCODING_ERROR", lib.ERR_LIB_DSA, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("P_NOT_PRIME", lib.ERR_LIB_DSA, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("Q_NOT_PRIME", lib.ERR_LIB_DSA, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SEED_LEN_SMALL", lib.ERR_LIB_DSA, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CTRL_FAILED", lib.ERR_LIB_DSO, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DSO_ALREADY_LOADED", lib.ERR_LIB_DSO, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EMPTY_FILE_STRUCTURE", lib.ERR_LIB_DSO, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILURE", lib.ERR_LIB_DSO, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FILENAME_TOO_BIG", lib.ERR_LIB_DSO, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FINISH_FAILED", lib.ERR_LIB_DSO, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCORRECT_FILE_SYNTAX", lib.ERR_LIB_DSO, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOAD_FAILED", lib.ERR_LIB_DSO, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NAME_TRANSLATION_FAILED", lib.ERR_LIB_DSO, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_FILENAME", lib.ERR_LIB_DSO, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_HANDLE", lib.ERR_LIB_DSO, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SET_FILENAME_FAILED", lib.ERR_LIB_DSO, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STACK_ERROR", lib.ERR_LIB_DSO, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SYM_FAILURE", lib.ERR_LIB_DSO, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNLOAD_FAILED", lib.ERR_LIB_DSO, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED", lib.ERR_LIB_DSO, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ASN1_ERROR", lib.ERR_LIB_EC, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SIGNATURE", lib.ERR_LIB_EC, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BIGNUM_OUT_OF_RANGE", lib.ERR_LIB_EC, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BUFFER_TOO_SMALL", lib.ERR_LIB_EC, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_INVERT", lib.ERR_LIB_EC, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COORDINATES_OUT_OF_RANGE", lib.ERR_LIB_EC, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CURVE_DOES_NOT_SUPPORT_ECDH", lib.ERR_LIB_EC, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CURVE_DOES_NOT_SUPPORT_ECDSA", lib.ERR_LIB_EC, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CURVE_DOES_NOT_SUPPORT_SIGNING", lib.ERR_LIB_EC, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODE_ERROR", lib.ERR_LIB_EC, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DISCRIMINANT_IS_ZERO", lib.ERR_LIB_EC, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EC_GROUP_NEW_BY_NAME_FAILURE", lib.ERR_LIB_EC, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_MAKING_PUBLIC_KEY", lib.ERR_LIB_EC, 166),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIELD_TOO_LARGE", lib.ERR_LIB_EC, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GF2M_NOT_SUPPORTED", lib.ERR_LIB_EC, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GROUP2PKPARAMETERS_FAILURE", lib.ERR_LIB_EC, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("I2D_ECPKPARAMETERS_FAILURE", lib.ERR_LIB_EC, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCOMPATIBLE_OBJECTS", lib.ERR_LIB_EC, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_A", lib.ERR_LIB_EC, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ARGUMENT", lib.ERR_LIB_EC, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_B", lib.ERR_LIB_EC, 169),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_COFACTOR", lib.ERR_LIB_EC, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_COMPRESSED_POINT", lib.ERR_LIB_EC, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_COMPRESSION_BIT", lib.ERR_LIB_EC, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CURVE", lib.ERR_LIB_EC, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST", lib.ERR_LIB_EC, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST_TYPE", lib.ERR_LIB_EC, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ENCODING", lib.ERR_LIB_EC, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_FIELD", lib.ERR_LIB_EC, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_FORM", lib.ERR_LIB_EC, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_GENERATOR", lib.ERR_LIB_EC, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_GROUP_ORDER", lib.ERR_LIB_EC, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY", lib.ERR_LIB_EC, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_LENGTH", lib.ERR_LIB_EC, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NAMED_GROUP_CONVERSION", lib.ERR_LIB_EC, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OUTPUT_LENGTH", lib.ERR_LIB_EC, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_P", lib.ERR_LIB_EC, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PEER_KEY", lib.ERR_LIB_EC, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PENTANOMIAL_BASIS", lib.ERR_LIB_EC, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PRIVATE_KEY", lib.ERR_LIB_EC, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SEED", lib.ERR_LIB_EC, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_TRINOMIAL_BASIS", lib.ERR_LIB_EC, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KDF_PARAMETER_ERROR", lib.ERR_LIB_EC, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEYS_NOT_SET", lib.ERR_LIB_EC, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LADDER_POST_FAILURE", lib.ERR_LIB_EC, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LADDER_PRE_FAILURE", lib.ERR_LIB_EC, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LADDER_STEP_FAILURE", lib.ERR_LIB_EC, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_OID", lib.ERR_LIB_EC, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PARAMETERS", lib.ERR_LIB_EC, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_EC, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NEED_NEW_SETUP_VALUES", lib.ERR_LIB_EC, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_NIST_PRIME", lib.ERR_LIB_EC, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_IMPLEMENTED", lib.ERR_LIB_EC, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_INITIALIZED", lib.ERR_LIB_EC, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PARAMETERS_SET", lib.ERR_LIB_EC, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PRIVATE_VALUE", lib.ERR_LIB_EC, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPERATION_NOT_SUPPORTED", lib.ERR_LIB_EC, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PASSED_NULL_PARAMETER", lib.ERR_LIB_EC, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PEER_KEY_ERROR", lib.ERR_LIB_EC, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POINT_ARITHMETIC_FAILURE", lib.ERR_LIB_EC, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POINT_AT_INFINITY", lib.ERR_LIB_EC, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POINT_COORDINATES_BLIND_FAILURE", lib.ERR_LIB_EC, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POINT_IS_NOT_ON_CURVE", lib.ERR_LIB_EC, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RANDOM_NUMBER_GENERATION_FAILED", lib.ERR_LIB_EC, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SHARED_INFO_ERROR", lib.ERR_LIB_EC, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SLOT_FULL", lib.ERR_LIB_EC, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNDEFINED_GENERATOR", lib.ERR_LIB_EC, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNDEFINED_ORDER", lib.ERR_LIB_EC, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_COFACTOR", lib.ERR_LIB_EC, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_GROUP", lib.ERR_LIB_EC, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_ORDER", lib.ERR_LIB_EC, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_FIELD", lib.ERR_LIB_EC, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CURVE_PARAMETERS", lib.ERR_LIB_EC, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_ORDER", lib.ERR_LIB_EC, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ALREADY_LOADED", lib.ERR_LIB_ENGINE, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ARGUMENT_IS_NOT_A_NUMBER", lib.ERR_LIB_ENGINE, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CMD_NOT_EXECUTABLE", lib.ERR_LIB_ENGINE, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMMAND_TAKES_INPUT", lib.ERR_LIB_ENGINE, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMMAND_TAKES_NO_INPUT", lib.ERR_LIB_ENGINE, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONFLICTING_ENGINE_ID", lib.ERR_LIB_ENGINE, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CTRL_COMMAND_NOT_IMPLEMENTED", lib.ERR_LIB_ENGINE, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DSO_FAILURE", lib.ERR_LIB_ENGINE, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DSO_NOT_FOUND", lib.ERR_LIB_ENGINE, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENGINES_SECTION_ERROR", lib.ERR_LIB_ENGINE, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENGINE_CONFIGURATION_ERROR", lib.ERR_LIB_ENGINE, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENGINE_IS_NOT_IN_LIST", lib.ERR_LIB_ENGINE, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENGINE_SECTION_ERROR", lib.ERR_LIB_ENGINE, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_LOADING_PRIVATE_KEY", lib.ERR_LIB_ENGINE, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_LOADING_PUBLIC_KEY", lib.ERR_LIB_ENGINE, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FINISH_FAILED", lib.ERR_LIB_ENGINE, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ID_OR_NAME_MISSING", lib.ERR_LIB_ENGINE, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INIT_FAILED", lib.ERR_LIB_ENGINE, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INTERNAL_LIST_ERROR", lib.ERR_LIB_ENGINE, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ARGUMENT", lib.ERR_LIB_ENGINE, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CMD_NAME", lib.ERR_LIB_ENGINE, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CMD_NUMBER", lib.ERR_LIB_ENGINE, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_INIT_VALUE", lib.ERR_LIB_ENGINE, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_STRING", lib.ERR_LIB_ENGINE, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_INITIALISED", lib.ERR_LIB_ENGINE, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_LOADED", lib.ERR_LIB_ENGINE, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONTROL_FUNCTION", lib.ERR_LIB_ENGINE, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_INDEX", lib.ERR_LIB_ENGINE, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_LOAD_FUNCTION", lib.ERR_LIB_ENGINE, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_REFERENCE", lib.ERR_LIB_ENGINE, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUCH_ENGINE", lib.ERR_LIB_ENGINE, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNIMPLEMENTED_CIPHER", lib.ERR_LIB_ENGINE, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNIMPLEMENTED_DIGEST", lib.ERR_LIB_ENGINE, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNIMPLEMENTED_PUBLIC_KEY_METHOD", lib.ERR_LIB_ENGINE, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VERSION_INCOMPATIBILITY", lib.ERR_LIB_ENGINE, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EMPTY_ESS_CERT_ID_LIST", lib.ERR_LIB_ESS, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_CERT_DIGEST_ERROR", lib.ERR_LIB_ESS, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_CERT_ID_NOT_FOUND", lib.ERR_LIB_ESS, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_CERT_ID_WRONG_ORDER", lib.ERR_LIB_ESS, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_DIGEST_ALG_UNKNOWN", lib.ERR_LIB_ESS, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_SIGNING_CERTIFICATE_ERROR", lib.ERR_LIB_ESS, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_SIGNING_CERT_ADD_ERROR", lib.ERR_LIB_ESS, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_SIGNING_CERT_V2_ADD_ERROR", lib.ERR_LIB_ESS, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SIGNING_CERTIFICATE_ATTRIBUTE", lib.ERR_LIB_ESS, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("AES_KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ARIA_KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 176),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_ALGORITHM_NAME", lib.ERR_LIB_EVP, 200),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DECRYPT", lib.ERR_LIB_EVP, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_KEY_LENGTH", lib.ERR_LIB_EVP, 195),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BUFFER_TOO_SMALL", lib.ERR_LIB_EVP, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CACHE_CONSTANTS_FAILED", lib.ERR_LIB_EVP, 225),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CAMELLIA_KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_GET_PARAMETERS", lib.ERR_LIB_EVP, 197),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_SET_PARAMETERS", lib.ERR_LIB_EVP, 198),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_NOT_GCM_MODE", lib.ERR_LIB_EVP, 184),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_PARAMETER_ERROR", lib.ERR_LIB_EVP, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMMAND_NOT_SUPPORTED", lib.ERR_LIB_EVP, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONFLICTING_ALGORITHM_NAME", lib.ERR_LIB_EVP, 201),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COPY_ERROR", lib.ERR_LIB_EVP, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CTRL_NOT_IMPLEMENTED", lib.ERR_LIB_EVP, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CTRL_OPERATION_NOT_IMPLEMENTED", lib.ERR_LIB_EVP, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH", lib.ERR_LIB_EVP, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODE_ERROR", lib.ERR_LIB_EVP, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DEFAULT_QUERY_PARSE_ERROR", lib.ERR_LIB_EVP, 210),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIFFERENT_KEY_TYPES", lib.ERR_LIB_EVP, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIFFERENT_PARAMETERS", lib.ERR_LIB_EVP, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_LOADING_SECTION", lib.ERR_LIB_EVP, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_AN_HMAC_KEY", lib.ERR_LIB_EVP, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_AN_RSA_KEY", lib.ERR_LIB_EVP, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_A_DH_KEY", lib.ERR_LIB_EVP, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_A_DSA_KEY", lib.ERR_LIB_EVP, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_A_ECX_KEY", lib.ERR_LIB_EVP, 219),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_A_EC_KEY", lib.ERR_LIB_EVP, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_A_POLY1305_KEY", lib.ERR_LIB_EVP, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_A_SIPHASH_KEY", lib.ERR_LIB_EVP, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FINAL_ERROR", lib.ERR_LIB_EVP, 188),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GENERATE_ERROR", lib.ERR_LIB_EVP, 214),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GET_RAW_KEY_FAILED", lib.ERR_LIB_EVP, 182),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_SCRYPT_PARAMETERS", lib.ERR_LIB_EVP, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INACCESSIBLE_DOMAIN_PARAMETERS", lib.ERR_LIB_EVP, 204),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INACCESSIBLE_KEY", lib.ERR_LIB_EVP, 203),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INITIALIZATION_ERROR", lib.ERR_LIB_EVP, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INPUT_NOT_INITIALIZED", lib.ERR_LIB_EVP, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CUSTOM_LENGTH", lib.ERR_LIB_EVP, 185),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST", lib.ERR_LIB_EVP, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_IV_LENGTH", lib.ERR_LIB_EVP, 194),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY", lib.ERR_LIB_EVP, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY_LENGTH", lib.ERR_LIB_EVP, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_LENGTH", lib.ERR_LIB_EVP, 221),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_ALGORITHM", lib.ERR_LIB_EVP, 218),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OPERATION", lib.ERR_LIB_EVP, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PROVIDER_FUNCTIONS", lib.ERR_LIB_EVP, 193),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SALT_LENGTH", lib.ERR_LIB_EVP, 186),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SECRET_LENGTH", lib.ERR_LIB_EVP, 223),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SEED_LENGTH", lib.ERR_LIB_EVP, 220),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_VALUE", lib.ERR_LIB_EVP, 222),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEYMGMT_EXPORT_FAILURE", lib.ERR_LIB_EVP, 205),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_SETUP_FAILED", lib.ERR_LIB_EVP, 180),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOCKING_NOT_SUPPORTED", lib.ERR_LIB_EVP, 213),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MEMORY_LIMIT_EXCEEDED", lib.ERR_LIB_EVP, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MESSAGE_DIGEST_IS_NULL", lib.ERR_LIB_EVP, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("METHOD_NOT_SUPPORTED", lib.ERR_LIB_EVP, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PARAMETERS", lib.ERR_LIB_EVP, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_ABLE_TO_COPY_CTX", lib.ERR_LIB_EVP, 190),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_XOF_OR_INVALID_LENGTH", lib.ERR_LIB_EVP, 178),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CIPHER_SET", lib.ERR_LIB_EVP, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_DEFAULT_DIGEST", lib.ERR_LIB_EVP, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_DIGEST_SET", lib.ERR_LIB_EVP, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_IMPORT_FUNCTION", lib.ERR_LIB_EVP, 206),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_KEYMGMT_AVAILABLE", lib.ERR_LIB_EVP, 199),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_KEYMGMT_PRESENT", lib.ERR_LIB_EVP, 196),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_KEY_SET", lib.ERR_LIB_EVP, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_OPERATION_SET", lib.ERR_LIB_EVP, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_MAC_PKEY_CTX", lib.ERR_LIB_EVP, 208),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ONLY_ONESHOT_SUPPORTED", lib.ERR_LIB_EVP, 177),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPERATION_NOT_INITIALIZED", lib.ERR_LIB_EVP, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", lib.ERR_LIB_EVP, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OUTPUT_WOULD_OVERFLOW", lib.ERR_LIB_EVP, 202),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARAMETER_TOO_LARGE", lib.ERR_LIB_EVP, 187),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARTIALLY_OVERLAPPING", lib.ERR_LIB_EVP, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PBKDF2_ERROR", lib.ERR_LIB_EVP, 181),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKEY_APPLICATION_ASN1_METHOD_ALREADY_REGISTERED", lib.ERR_LIB_EVP, 179),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_DECODE_ERROR", lib.ERR_LIB_EVP, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_ENCODE_ERROR", lib.ERR_LIB_EVP, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PUBLIC_KEY_NOT_RSA", lib.ERR_LIB_EVP, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SETTING_XOF_FAILED", lib.ERR_LIB_EVP, 227),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SET_DEFAULT_PROPERTY_FAILURE", lib.ERR_LIB_EVP, 209),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_RECORDS", lib.ERR_LIB_EVP, 183),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_ENABLE_LOCKING", lib.ERR_LIB_EVP, 212),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_MAXIMUM_REQUEST_SIZE", lib.ERR_LIB_EVP, 215),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_RANDOM_STRENGTH", lib.ERR_LIB_EVP, 216),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_LOCK_CONTEXT", lib.ERR_LIB_EVP, 211),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_SET_CALLBACKS", lib.ERR_LIB_EVP, 217),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CIPHER", lib.ERR_LIB_EVP, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_DIGEST", lib.ERR_LIB_EVP, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_KEY_TYPE", lib.ERR_LIB_EVP, 207),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_OPTION", lib.ERR_LIB_EVP, 169),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_PBE_ALGORITHM", lib.ERR_LIB_EVP, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_EVP, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_EVP, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEYLENGTH", lib.ERR_LIB_EVP, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEY_DERIVATION_FUNCTION", lib.ERR_LIB_EVP, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEY_SIZE", lib.ERR_LIB_EVP, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEY_TYPE", lib.ERR_LIB_EVP, 224),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_NUMBER_OF_ROUNDS", lib.ERR_LIB_EVP, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PRF", lib.ERR_LIB_EVP, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PRIVATE_KEY_ALGORITHM", lib.ERR_LIB_EVP, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_SALT_TYPE", lib.ERR_LIB_EVP, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UPDATE_ERROR", lib.ERR_LIB_EVP, 189),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRAP_MODE_NOT_ALLOWED", lib.ERR_LIB_EVP, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_FINAL_BLOCK_LENGTH", lib.ERR_LIB_EVP, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("XTS_DATA_UNIT_IS_TOO_LARGE", lib.ERR_LIB_EVP, 191),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("XTS_DUPLICATED_KEYS", lib.ERR_LIB_EVP, 192),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ASN1_LEN_EXCEEDS_MAX_RESP_LEN", lib.ERR_LIB_HTTP, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONNECT_FAILURE", lib.ERR_LIB_HTTP, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_PARSING_ASN1_LENGTH", lib.ERR_LIB_HTTP, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_PARSING_CONTENT_LENGTH", lib.ERR_LIB_HTTP, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_PARSING_URL", lib.ERR_LIB_HTTP, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_RECEIVING", lib.ERR_LIB_HTTP, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SENDING", lib.ERR_LIB_HTTP, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_READING_DATA", lib.ERR_LIB_HTTP, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HEADER_PARSE_ERROR", lib.ERR_LIB_HTTP, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCONSISTENT_CONTENT_LENGTH", lib.ERR_LIB_HTTP, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PORT_NUMBER", lib.ERR_LIB_HTTP, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_URL_PATH", lib.ERR_LIB_HTTP, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_URL_SCHEME", lib.ERR_LIB_HTTP, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MAX_RESP_LEN_EXCEEDED", lib.ERR_LIB_HTTP, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_ASN1_ENCODING", lib.ERR_LIB_HTTP, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_CONTENT_TYPE", lib.ERR_LIB_HTTP, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_REDIRECT_LOCATION", lib.ERR_LIB_HTTP, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECEIVED_ERROR", lib.ERR_LIB_HTTP, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECEIVED_WRONG_HTTP_VERSION", lib.ERR_LIB_HTTP, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REDIRECTION_FROM_HTTPS_TO_HTTP", lib.ERR_LIB_HTTP, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REDIRECTION_NOT_ENABLED", lib.ERR_LIB_HTTP, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESPONSE_LINE_TOO_LONG", lib.ERR_LIB_HTTP, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESPONSE_PARSE_ERROR", lib.ERR_LIB_HTTP, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SERVER_CANCELED_CONNECTION", lib.ERR_LIB_HTTP, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SOCK_NOT_SUPPORTED", lib.ERR_LIB_HTTP, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STATUS_CODE_UNSUPPORTED", lib.ERR_LIB_HTTP, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLS_NOT_ENABLED", lib.ERR_LIB_HTTP, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_REDIRECTIONS", lib.ERR_LIB_HTTP, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_CONTENT_TYPE", lib.ERR_LIB_HTTP, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OID_EXISTS", lib.ERR_LIB_OBJ, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_NID", lib.ERR_LIB_OBJ, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_OBJECT_NAME", lib.ERR_LIB_OBJ, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_OCSP, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_ERR", lib.ERR_LIB_OCSP, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_NAME_ERR", lib.ERR_LIB_OCSP, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_SIZE_ERR", lib.ERR_LIB_OCSP, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_IN_NEXTUPDATE_FIELD", lib.ERR_LIB_OCSP, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_IN_THISUPDATE_FIELD", lib.ERR_LIB_OCSP, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_OCSPSIGNING_USAGE", lib.ERR_LIB_OCSP, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NEXTUPDATE_BEFORE_THISUPDATE", lib.ERR_LIB_OCSP, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_BASIC_RESPONSE", lib.ERR_LIB_OCSP, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CERTIFICATES_IN_CHAIN", lib.ERR_LIB_OCSP, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_RESPONSE_DATA", lib.ERR_LIB_OCSP, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_REVOKED_TIME", lib.ERR_LIB_OCSP, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SIGNER_KEY", lib.ERR_LIB_OCSP, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_OCSP, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUEST_NOT_SIGNED", lib.ERR_LIB_OCSP, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESPONSE_CONTAINS_NO_REVOCATION_DATA", lib.ERR_LIB_OCSP, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ROOT_CA_NOT_TRUSTED", lib.ERR_LIB_OCSP, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNATURE_FAILURE", lib.ERR_LIB_OCSP, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNER_CERTIFICATE_NOT_FOUND", lib.ERR_LIB_OCSP, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STATUS_EXPIRED", lib.ERR_LIB_OCSP, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STATUS_NOT_YET_VALID", lib.ERR_LIB_OCSP, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STATUS_TOO_OLD", lib.ERR_LIB_OCSP, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_MESSAGE_DIGEST", lib.ERR_LIB_OCSP, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_NID", lib.ERR_LIB_OCSP, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_REQUESTORNAME_TYPE", lib.ERR_LIB_OCSP, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COULD_NOT_DECODE_OBJECT", lib.ERR_LIB_OSSL_DECODER, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODER_NOT_FOUND", lib.ERR_LIB_OSSL_DECODER, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_GET_PARAMS", lib.ERR_LIB_OSSL_DECODER, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCODER_NOT_FOUND", lib.ERR_LIB_OSSL_ENCODER, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCORRECT_PROPERTY_QUERY", lib.ERR_LIB_OSSL_ENCODER, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_GET_PARAMS", lib.ERR_LIB_OSSL_ENCODER, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("AMBIGUOUS_CONTENT_TYPE", lib.ERR_LIB_OSSL_STORE, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PASSWORD_READ", lib.ERR_LIB_OSSL_STORE, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_VERIFYING_PKCS12_MAC", lib.ERR_LIB_OSSL_STORE, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST", lib.ERR_LIB_OSSL_STORE, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SCHEME", lib.ERR_LIB_OSSL_STORE, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("IS_NOT_A", lib.ERR_LIB_OSSL_STORE, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOADER_INCOMPLETE", lib.ERR_LIB_OSSL_STORE, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOADING_STARTED", lib.ERR_LIB_OSSL_STORE, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_CERTIFICATE", lib.ERR_LIB_OSSL_STORE, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_CRL", lib.ERR_LIB_OSSL_STORE, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_NAME", lib.ERR_LIB_OSSL_STORE, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_PRIVATE_KEY", lib.ERR_LIB_OSSL_STORE, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_PUBLIC_KEY", lib.ERR_LIB_OSSL_STORE, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_PARAMETERS", lib.ERR_LIB_OSSL_STORE, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_LOADERS_FOUND", lib.ERR_LIB_OSSL_STORE, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PASSPHRASE_CALLBACK_ERROR", lib.ERR_LIB_OSSL_STORE, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PATH_MUST_BE_ABSOLUTE", lib.ERR_LIB_OSSL_STORE, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", lib.ERR_LIB_OSSL_STORE, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UI_PROCESS_INTERRUPTED_OR_CANCELLED", lib.ERR_LIB_OSSL_STORE, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNREGISTERED_SCHEME", lib.ERR_LIB_OSSL_STORE, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CONTENT_TYPE", lib.ERR_LIB_OSSL_STORE, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_OPERATION", lib.ERR_LIB_OSSL_STORE, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_SEARCH_TYPE", lib.ERR_LIB_OSSL_STORE, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("URI_AUTHORITY_UNSUPPORTED", lib.ERR_LIB_OSSL_STORE, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_BASE64_DECODE", lib.ERR_LIB_PEM, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DECRYPT", lib.ERR_LIB_PEM, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_END_LINE", lib.ERR_LIB_PEM, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_IV_CHARS", lib.ERR_LIB_PEM, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_MAGIC_NUMBER", lib.ERR_LIB_PEM, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PASSWORD_READ", lib.ERR_LIB_PEM, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_VERSION_NUMBER", lib.ERR_LIB_PEM, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BIO_WRITE_FAILURE", lib.ERR_LIB_PEM, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_IS_NULL", lib.ERR_LIB_PEM, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CONVERTING_PRIVATE_KEY", lib.ERR_LIB_PEM, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_DSS_KEY_BLOB", lib.ERR_LIB_PEM, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_PRIVATE_KEY_BLOB", lib.ERR_LIB_PEM, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_PUBLIC_KEY_BLOB", lib.ERR_LIB_PEM, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTING_RSA_KEY_BLOB", lib.ERR_LIB_PEM, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HEADER_TOO_LONG", lib.ERR_LIB_PEM, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCONSISTENT_HEADER", lib.ERR_LIB_PEM, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEYBLOB_HEADER_PARSE_ERROR", lib.ERR_LIB_PEM, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEYBLOB_TOO_SHORT", lib.ERR_LIB_PEM, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_DEK_IV", lib.ERR_LIB_PEM, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_DEK_INFO", lib.ERR_LIB_PEM, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_ENCRYPTED", lib.ERR_LIB_PEM, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_PROC_TYPE", lib.ERR_LIB_PEM, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_START_LINE", lib.ERR_LIB_PEM, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PROBLEMS_GETTING_PASSWORD", lib.ERR_LIB_PEM, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PVK_DATA_TOO_SHORT", lib.ERR_LIB_PEM, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PVK_TOO_SHORT", lib.ERR_LIB_PEM, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("READ_KEY", lib.ERR_LIB_PEM, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SHORT_HEADER", lib.ERR_LIB_PEM, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_DEK_IV", lib.ERR_LIB_PEM, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CIPHER", lib.ERR_LIB_PEM, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ENCRYPTION", lib.ERR_LIB_PEM, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEY_COMPONENTS", lib.ERR_LIB_PEM, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PUBLIC_KEY_TYPE", lib.ERR_LIB_PEM, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANT_PACK_STRUCTURE", lib.ERR_LIB_PKCS12, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_TYPE_NOT_DATA", lib.ERR_LIB_PKCS12, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECODE_ERROR", lib.ERR_LIB_PKCS12, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCODE_ERROR", lib.ERR_LIB_PKCS12, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCRYPT_ERROR", lib.ERR_LIB_PKCS12, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SETTING_ENCRYPTED_DATA_TYPE", lib.ERR_LIB_PKCS12, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_ARGUMENT", lib.ERR_LIB_PKCS12, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_PKCS12_POINTER", lib.ERR_LIB_PKCS12, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_TYPE", lib.ERR_LIB_PKCS12, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("IV_GEN_ERROR", lib.ERR_LIB_PKCS12, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_GEN_ERROR", lib.ERR_LIB_PKCS12, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MAC_ABSENT", lib.ERR_LIB_PKCS12, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MAC_GENERATION_ERROR", lib.ERR_LIB_PKCS12, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MAC_SETUP_ERROR", lib.ERR_LIB_PKCS12, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MAC_STRING_SET_ERROR", lib.ERR_LIB_PKCS12, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MAC_VERIFY_FAILURE", lib.ERR_LIB_PKCS12, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARSE_ERROR", lib.ERR_LIB_PKCS12, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS12_CIPHERFINAL_ERROR", lib.ERR_LIB_PKCS12, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_DIGEST_ALGORITHM", lib.ERR_LIB_PKCS12, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PKCS12_MODE", lib.ERR_LIB_PKCS12, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_PKCS7, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_HAS_NO_OBJECT_IDENTIFIER", lib.ERR_LIB_PKCS7, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_NOT_INITIALIZED", lib.ERR_LIB_PKCS7, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTENT_AND_DATA_PRESENT", lib.ERR_LIB_PKCS7, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CTRL_ERROR", lib.ERR_LIB_PKCS7, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECRYPT_ERROR", lib.ERR_LIB_PKCS7, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_FAILURE", lib.ERR_LIB_PKCS7, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCRYPTION_CTRL_FAILURE", lib.ERR_LIB_PKCS7, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", lib.ERR_LIB_PKCS7, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_ADDING_RECIPIENT", lib.ERR_LIB_PKCS7, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SETTING_CIPHER", lib.ERR_LIB_PKCS7, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_POINTER", lib.ERR_LIB_PKCS7, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SIGNED_DATA_TYPE", lib.ERR_LIB_PKCS7, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONTENT", lib.ERR_LIB_PKCS7, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_DEFAULT_DIGEST", lib.ERR_LIB_PKCS7, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MATCHING_DIGEST_TYPE_FOUND", lib.ERR_LIB_PKCS7, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_RECIPIENT_MATCHES_CERTIFICATE", lib.ERR_LIB_PKCS7, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SIGNATURES_ON_DATA", lib.ERR_LIB_PKCS7, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SIGNERS", lib.ERR_LIB_PKCS7, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPERATION_NOT_SUPPORTED_ON_THIS_TYPE", lib.ERR_LIB_PKCS7, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS7_ADD_SIGNATURE_ERROR", lib.ERR_LIB_PKCS7, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS7_ADD_SIGNER_ERROR", lib.ERR_LIB_PKCS7, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS7_DATASIGN", lib.ERR_LIB_PKCS7, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_PKCS7, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNATURE_FAILURE", lib.ERR_LIB_PKCS7, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNER_CERTIFICATE_NOT_FOUND", lib.ERR_LIB_PKCS7, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNING_CTRL_FAILURE", lib.ERR_LIB_PKCS7, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE", lib.ERR_LIB_PKCS7, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SMIME_TEXT_ERROR", lib.ERR_LIB_PKCS7, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FIND_CERTIFICATE", lib.ERR_LIB_PKCS7, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FIND_MEM_BIO", lib.ERR_LIB_PKCS7, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FIND_MESSAGE_DIGEST", lib.ERR_LIB_PKCS7, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_DIGEST_TYPE", lib.ERR_LIB_PKCS7, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_OPERATION", lib.ERR_LIB_PKCS7, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CIPHER_TYPE", lib.ERR_LIB_PKCS7, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CONTENT_TYPE", lib.ERR_LIB_PKCS7, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CONTENT_TYPE", lib.ERR_LIB_PKCS7, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_PKCS7_TYPE", lib.ERR_LIB_PKCS7, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NAME_TOO_LONG", lib.ERR_LIB_PROP, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_AN_ASCII_CHARACTER", lib.ERR_LIB_PROP, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_AN_HEXADECIMAL_DIGIT", lib.ERR_LIB_PROP, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_AN_IDENTIFIER", lib.ERR_LIB_PROP, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_AN_OCTAL_DIGIT", lib.ERR_LIB_PROP, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_DECIMAL_DIGIT", lib.ERR_LIB_PROP, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_MATCHING_STRING_DELIMITER", lib.ERR_LIB_PROP, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_VALUE", lib.ERR_LIB_PROP, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARSE_FAILED", lib.ERR_LIB_PROP, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STRING_TOO_LONG", lib.ERR_LIB_PROP, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TRAILING_CHARACTERS", lib.ERR_LIB_PROP, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ADDITIONAL_INPUT_TOO_LONG", lib.ERR_LIB_PROV, 184),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ALGORITHM_MISMATCH", lib.ERR_LIB_PROV, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ALREADY_INSTANTIATED", lib.ERR_LIB_PROV, 185),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DECRYPT", lib.ERR_LIB_PROV, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_ENCODING", lib.ERR_LIB_PROV, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_LENGTH", lib.ERR_LIB_PROV, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_TLS_CLIENT_VERSION", lib.ERR_LIB_PROV, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_ERROR", lib.ERR_LIB_PROV, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_OPERATION_FAILED", lib.ERR_LIB_PROV, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DERIVATION_FUNCTION_INIT_FAILED", lib.ERR_LIB_PROV, 205),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_NOT_ALLOWED", lib.ERR_LIB_PROV, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENTROPY_SOURCE_STRENGTH_TOO_WEAK", lib.ERR_LIB_PROV, 186),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_INSTANTIATING_DRBG", lib.ERR_LIB_PROV, 188),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_RETRIEVING_ENTROPY", lib.ERR_LIB_PROV, 189),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_RETRIEVING_NONCE", lib.ERR_LIB_PROV, 190),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_DURING_DERIVATION", lib.ERR_LIB_PROV, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_CREATE_LOCK", lib.ERR_LIB_PROV, 180),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_DECRYPT", lib.ERR_LIB_PROV, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_GENERATE_KEY", lib.ERR_LIB_PROV, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_GET_PARAMETER", lib.ERR_LIB_PROV, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_SET_PARAMETER", lib.ERR_LIB_PROV, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_SIGN", lib.ERR_LIB_PROV, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIPS_MODULE_CONDITIONAL_ERROR", lib.ERR_LIB_PROV, 227),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIPS_MODULE_ENTERING_ERROR_STATE", lib.ERR_LIB_PROV, 224),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIPS_MODULE_IN_ERROR_STATE", lib.ERR_LIB_PROV, 225),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GENERATE_ERROR", lib.ERR_LIB_PROV, 191),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", lib.ERR_LIB_PROV, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INDICATOR_INTEGRITY_FAILURE", lib.ERR_LIB_PROV, 210),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INSUFFICIENT_DRBG_STRENGTH", lib.ERR_LIB_PROV, 181),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_AAD", lib.ERR_LIB_PROV, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CONFIG_DATA", lib.ERR_LIB_PROV, 211),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CONSTANT_LENGTH", lib.ERR_LIB_PROV, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CURVE", lib.ERR_LIB_PROV, 176),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CUSTOM_LENGTH", lib.ERR_LIB_PROV, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DATA", lib.ERR_LIB_PROV, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST", lib.ERR_LIB_PROV, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST_LENGTH", lib.ERR_LIB_PROV, 166),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST_SIZE", lib.ERR_LIB_PROV, 218),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_INPUT_LENGTH", lib.ERR_LIB_PROV, 230),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ITERATION_COUNT", lib.ERR_LIB_PROV, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_IV_LENGTH", lib.ERR_LIB_PROV, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY", lib.ERR_LIB_PROV, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY_LENGTH", lib.ERR_LIB_PROV, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MAC", lib.ERR_LIB_PROV, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MGF1_MD", lib.ERR_LIB_PROV, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MODE", lib.ERR_LIB_PROV, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OUTPUT_LENGTH", lib.ERR_LIB_PROV, 217),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PADDING_MODE", lib.ERR_LIB_PROV, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PUBINFO", lib.ERR_LIB_PROV, 198),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SALT_LENGTH", lib.ERR_LIB_PROV, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SEED_LENGTH", lib.ERR_LIB_PROV, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SIGNATURE_SIZE", lib.ERR_LIB_PROV, 179),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_STATE", lib.ERR_LIB_PROV, 212),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_TAG", lib.ERR_LIB_PROV, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_TAG_LENGTH", lib.ERR_LIB_PROV, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_UKM_LENGTH", lib.ERR_LIB_PROV, 200),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_X931_DIGEST", lib.ERR_LIB_PROV, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("IN_ERROR_STATE", lib.ERR_LIB_PROV, 192),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_SETUP_FAILED", lib.ERR_LIB_PROV, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_SIZE_TOO_SMALL", lib.ERR_LIB_PROV, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LENGTH_TOO_LARGE", lib.ERR_LIB_PROV, 202),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISMATCHING_DOMAIN_PARAMETERS", lib.ERR_LIB_PROV, 203),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_CEK_ALG", lib.ERR_LIB_PROV, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_CIPHER", lib.ERR_LIB_PROV, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_CONFIG_DATA", lib.ERR_LIB_PROV, 213),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_CONSTANT", lib.ERR_LIB_PROV, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_KEY", lib.ERR_LIB_PROV, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_MAC", lib.ERR_LIB_PROV, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_MESSAGE_DIGEST", lib.ERR_LIB_PROV, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_OID", lib.ERR_LIB_PROV, 209),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PASS", lib.ERR_LIB_PROV, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SALT", lib.ERR_LIB_PROV, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SECRET", lib.ERR_LIB_PROV, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SEED", lib.ERR_LIB_PROV, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SESSION_ID", lib.ERR_LIB_PROV, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_TYPE", lib.ERR_LIB_PROV, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_XCGHASH", lib.ERR_LIB_PROV, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MODULE_INTEGRITY_FAILURE", lib.ERR_LIB_PROV, 214),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_PRIVATE_KEY", lib.ERR_LIB_PROV, 221),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_PUBLIC_KEY", lib.ERR_LIB_PROV, 220),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_INSTANTIATED", lib.ERR_LIB_PROV, 193),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_PARAMETERS", lib.ERR_LIB_PROV, 226),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_SUPPORTED", lib.ERR_LIB_PROV, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_XOF_OR_INVALID_LENGTH", lib.ERR_LIB_PROV, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_KEY_SET", lib.ERR_LIB_PROV, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PARAMETERS_SET", lib.ERR_LIB_PROV, 177),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", lib.ERR_LIB_PROV, 178),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OUTPUT_BUFFER_TOO_SMALL", lib.ERR_LIB_PROV, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARENT_CANNOT_GENERATE_RANDOM_NUMBERS", lib.ERR_LIB_PROV, 228),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARENT_CANNOT_SUPPLY_ENTROPY_SEED", lib.ERR_LIB_PROV, 187),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARENT_LOCKING_NOT_ENABLED", lib.ERR_LIB_PROV, 182),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARENT_STRENGTH_TOO_WEAK", lib.ERR_LIB_PROV, 194),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PATH_MUST_BE_ABSOLUTE", lib.ERR_LIB_PROV, 219),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PERSONALISATION_STRING_TOO_LONG", lib.ERR_LIB_PROV, 195),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PSS_SALTLEN_TOO_SMALL", lib.ERR_LIB_PROV, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUEST_TOO_LARGE_FOR_DRBG", lib.ERR_LIB_PROV, 196),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUIRE_CTR_MODE_CIPHER", lib.ERR_LIB_PROV, 206),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESEED_ERROR", lib.ERR_LIB_PROV, 197),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES", lib.ERR_LIB_PROV, 222),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SEED_SOURCES_MUST_NOT_HAVE_A_PARENT", lib.ERR_LIB_PROV, 229),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SELF_TEST_KAT_FAILURE", lib.ERR_LIB_PROV, 215),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SELF_TEST_POST_FAILURE", lib.ERR_LIB_PROV, 216),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TAG_NOT_NEEDED", lib.ERR_LIB_PROV, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TAG_NOT_SET", lib.ERR_LIB_PROV, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_RECORDS", lib.ERR_LIB_PROV, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FIND_CIPHERS", lib.ERR_LIB_PROV, 207),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_PARENT_STRENGTH", lib.ERR_LIB_PROV, 199),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_PASSPHRASE", lib.ERR_LIB_PROV, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_INITIALISE_CIPHERS", lib.ERR_LIB_PROV, 208),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_LOAD_SHA256", lib.ERR_LIB_PROV, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_LOCK_PARENT", lib.ERR_LIB_PROV, 201),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_RESEED", lib.ERR_LIB_PROV, 204),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_CEK_ALG", lib.ERR_LIB_PROV, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_KEY_SIZE", lib.ERR_LIB_PROV, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_MAC_TYPE", lib.ERR_LIB_PROV, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_NUMBER_OF_ROUNDS", lib.ERR_LIB_PROV, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("URI_AUTHORITY_UNSUPPORTED", lib.ERR_LIB_PROV, 223),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VALUE_ERROR", lib.ERR_LIB_PROV, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_FINAL_BLOCK_LENGTH", lib.ERR_LIB_PROV, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_OUTPUT_BUFFER_SIZE", lib.ERR_LIB_PROV, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("XOF_DIGESTS_NOT_ALLOWED", lib.ERR_LIB_PROV, 183),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("XTS_DATA_UNIT_IS_TOO_LARGE", lib.ERR_LIB_PROV, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("XTS_DUPLICATED_KEYS", lib.ERR_LIB_PROV, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ADDITIONAL_INPUT_TOO_LONG", lib.ERR_LIB_RAND, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ALREADY_INSTANTIATED", lib.ERR_LIB_RAND, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ARGUMENT_OUT_OF_RANGE", lib.ERR_LIB_RAND, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_OPEN_FILE", lib.ERR_LIB_RAND, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DRBG_ALREADY_INITIALIZED", lib.ERR_LIB_RAND, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DRBG_NOT_INITIALISED", lib.ERR_LIB_RAND, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENTROPY_INPUT_TOO_LONG", lib.ERR_LIB_RAND, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENTROPY_OUT_OF_RANGE", lib.ERR_LIB_RAND, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_ENTROPY_POOL_WAS_IGNORED", lib.ERR_LIB_RAND, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_INITIALISING_DRBG", lib.ERR_LIB_RAND, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_INSTANTIATING_DRBG", lib.ERR_LIB_RAND, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_RETRIEVING_ADDITIONAL_INPUT", lib.ERR_LIB_RAND, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_RETRIEVING_ENTROPY", lib.ERR_LIB_RAND, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_RETRIEVING_NONCE", lib.ERR_LIB_RAND, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_CREATE_LOCK", lib.ERR_LIB_RAND, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FUNC_NOT_IMPLEMENTED", lib.ERR_LIB_RAND, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FWRITE_ERROR", lib.ERR_LIB_RAND, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GENERATE_ERROR", lib.ERR_LIB_RAND, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INSUFFICIENT_DRBG_STRENGTH", lib.ERR_LIB_RAND, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INTERNAL_ERROR", lib.ERR_LIB_RAND, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("IN_ERROR_STATE", lib.ERR_LIB_RAND, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_A_REGULAR_FILE", lib.ERR_LIB_RAND, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_INSTANTIATED", lib.ERR_LIB_RAND, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_DRBG_IMPLEMENTATION_SELECTED", lib.ERR_LIB_RAND, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARENT_LOCKING_NOT_ENABLED", lib.ERR_LIB_RAND, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARENT_STRENGTH_TOO_WEAK", lib.ERR_LIB_RAND, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PERSONALISATION_STRING_TOO_LONG", lib.ERR_LIB_RAND, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PREDICTION_RESISTANCE_NOT_SUPPORTED", lib.ERR_LIB_RAND, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRNG_NOT_SEEDED", lib.ERR_LIB_RAND, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RANDOM_POOL_OVERFLOW", lib.ERR_LIB_RAND, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RANDOM_POOL_UNDERFLOW", lib.ERR_LIB_RAND, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUEST_TOO_LARGE_FOR_DRBG", lib.ERR_LIB_RAND, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESEED_ERROR", lib.ERR_LIB_RAND, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SELFTEST_FAILURE", lib.ERR_LIB_RAND, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_LITTLE_NONCE_REQUESTED", lib.ERR_LIB_RAND, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MUCH_NONCE_REQUESTED", lib.ERR_LIB_RAND, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_CREATE_DRBG", lib.ERR_LIB_RAND, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FETCH_DRBG", lib.ERR_LIB_RAND, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_PARENT_RESEED_PROP_COUNTER", lib.ERR_LIB_RAND, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_PARENT_STRENGTH", lib.ERR_LIB_RAND, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_LOCK_PARENT", lib.ERR_LIB_RAND, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_DRBG_FLAGS", lib.ERR_LIB_RAND, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_DRBG_TYPE", lib.ERR_LIB_RAND, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ALGORITHM_MISMATCH", lib.ERR_LIB_RSA, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_E_VALUE", lib.ERR_LIB_RSA, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_FIXED_HEADER_DECRYPT", lib.ERR_LIB_RSA, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PAD_BYTE_COUNT", lib.ERR_LIB_RSA, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SIGNATURE", lib.ERR_LIB_RSA, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BLOCK_TYPE_IS_NOT_01", lib.ERR_LIB_RSA, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BLOCK_TYPE_IS_NOT_02", lib.ERR_LIB_RSA, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_GREATER_THAN_MOD_LEN", lib.ERR_LIB_RSA, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_TOO_LARGE", lib.ERR_LIB_RSA, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_TOO_LARGE_FOR_KEY_SIZE", lib.ERR_LIB_RSA, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_TOO_LARGE_FOR_MODULUS", lib.ERR_LIB_RSA, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_TOO_SMALL", lib.ERR_LIB_RSA, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_TOO_SMALL_FOR_KEY_SIZE", lib.ERR_LIB_RSA, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_DOES_NOT_MATCH", lib.ERR_LIB_RSA, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_NOT_ALLOWED", lib.ERR_LIB_RSA, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_TOO_BIG_FOR_RSA_KEY", lib.ERR_LIB_RSA, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DMP1_NOT_CONGRUENT_TO_D", lib.ERR_LIB_RSA, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DMQ1_NOT_CONGRUENT_TO_D", lib.ERR_LIB_RSA, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("D_E_NOT_CONGRUENT_TO_1", lib.ERR_LIB_RSA, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FIRST_OCTET_INVALID", lib.ERR_LIB_RSA, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_OR_UNSUPPORTED_PADDING_MODE", lib.ERR_LIB_RSA, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST", lib.ERR_LIB_RSA, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST_LENGTH", lib.ERR_LIB_RSA, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_HEADER", lib.ERR_LIB_RSA, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEYPAIR", lib.ERR_LIB_RSA, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY_LENGTH", lib.ERR_LIB_RSA, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_LABEL", lib.ERR_LIB_RSA, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_LENGTH", lib.ERR_LIB_RSA, 181),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MESSAGE_LENGTH", lib.ERR_LIB_RSA, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MGF1_MD", lib.ERR_LIB_RSA, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MODULUS", lib.ERR_LIB_RSA, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MULTI_PRIME_KEY", lib.ERR_LIB_RSA, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OAEP_PARAMETERS", lib.ERR_LIB_RSA, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PADDING", lib.ERR_LIB_RSA, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PADDING_MODE", lib.ERR_LIB_RSA, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PSS_PARAMETERS", lib.ERR_LIB_RSA, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PSS_SALTLEN", lib.ERR_LIB_RSA, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_REQUEST", lib.ERR_LIB_RSA, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SALT_LENGTH", lib.ERR_LIB_RSA, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_STRENGTH", lib.ERR_LIB_RSA, 176),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_TRAILER", lib.ERR_LIB_RSA, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_X931_DIGEST", lib.ERR_LIB_RSA, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("IQMP_NOT_INVERSE_OF_Q", lib.ERR_LIB_RSA, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_PRIME_NUM_INVALID", lib.ERR_LIB_RSA, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_SIZE_TOO_SMALL", lib.ERR_LIB_RSA, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LAST_OCTET_INVALID", lib.ERR_LIB_RSA, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MGF1_DIGEST_NOT_ALLOWED", lib.ERR_LIB_RSA, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PRIVATE_KEY", lib.ERR_LIB_RSA, 179),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MODULUS_TOO_LARGE", lib.ERR_LIB_RSA, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MP_COEFFICIENT_NOT_INVERSE_OF_R", lib.ERR_LIB_RSA, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MP_EXPONENT_NOT_CONGRUENT_TO_D", lib.ERR_LIB_RSA, 169),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MP_R_NOT_PRIME", lib.ERR_LIB_RSA, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PUBLIC_EXPONENT", lib.ERR_LIB_RSA, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_BEFORE_BLOCK_MISSING", lib.ERR_LIB_RSA, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("N_DOES_NOT_EQUAL_PRODUCT_OF_PRIMES", lib.ERR_LIB_RSA, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("N_DOES_NOT_EQUAL_P_Q", lib.ERR_LIB_RSA, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OAEP_DECODING_ERROR", lib.ERR_LIB_RSA, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE", lib.ERR_LIB_RSA, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PADDING_CHECK_FAILED", lib.ERR_LIB_RSA, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PAIRWISE_TEST_FAILURE", lib.ERR_LIB_RSA, 177),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS_DECODING_ERROR", lib.ERR_LIB_RSA, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PSS_SALTLEN_TOO_SMALL", lib.ERR_LIB_RSA, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PUB_EXPONENT_OUT_OF_RANGE", lib.ERR_LIB_RSA, 178),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("P_NOT_PRIME", lib.ERR_LIB_RSA, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("Q_NOT_PRIME", lib.ERR_LIB_RSA, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RANDOMNESS_SOURCE_STRENGTH_INSUFFICIENT", lib.ERR_LIB_RSA, 180),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RSA_OPERATIONS_NOT_SUPPORTED", lib.ERR_LIB_RSA, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SLEN_CHECK_FAILED", lib.ERR_LIB_RSA, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SLEN_RECOVERY_FAILED", lib.ERR_LIB_RSA, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ROLLBACK_ATTACK", lib.ERR_LIB_RSA, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD", lib.ERR_LIB_RSA, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_ALGORITHM_TYPE", lib.ERR_LIB_RSA, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_DIGEST", lib.ERR_LIB_RSA, 166),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_MASK_DIGEST", lib.ERR_LIB_RSA, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_PADDING_TYPE", lib.ERR_LIB_RSA, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ENCRYPTION_TYPE", lib.ERR_LIB_RSA, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_LABEL_SOURCE", lib.ERR_LIB_RSA, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_MASK_ALGORITHM", lib.ERR_LIB_RSA, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_MASK_PARAMETER", lib.ERR_LIB_RSA, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_SIGNATURE_TYPE", lib.ERR_LIB_RSA, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VALUE_MISSING", lib.ERR_LIB_RSA, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_SIGNATURE_LENGTH", lib.ERR_LIB_RSA, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ASN1_ERROR", lib.ERR_LIB_SM2, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SIGNATURE", lib.ERR_LIB_SM2, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BUFFER_TOO_SMALL", lib.ERR_LIB_SM2, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIST_ID_TOO_LARGE", lib.ERR_LIB_SM2, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ID_NOT_SET", lib.ERR_LIB_SM2, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ID_TOO_LARGE", lib.ERR_LIB_SM2, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CURVE", lib.ERR_LIB_SM2, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST", lib.ERR_LIB_SM2, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIGEST_TYPE", lib.ERR_LIB_SM2, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ENCODING", lib.ERR_LIB_SM2, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_FIELD", lib.ERR_LIB_SM2, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PRIVATE_KEY", lib.ERR_LIB_SM2, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PARAMETERS_SET", lib.ERR_LIB_SM2, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("USER_ID_TOO_LARGE", lib.ERR_LIB_SM2, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("APPLICATION_DATA_AFTER_CLOSE_NOTIFY", lib.ERR_LIB_SSL, 291),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("APP_DATA_IN_HANDSHAKE", lib.ERR_LIB_SSL, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ATTEMPT_TO_REUSE_SESSION_IN_DIFFERENT_CONTEXT", lib.ERR_LIB_SSL, 272),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("AT_LEAST_TLS_1_2_NEEDED_IN_SUITEB_MODE", lib.ERR_LIB_SSL, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_CHANGE_CIPHER_SPEC", lib.ERR_LIB_SSL, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_CIPHER", lib.ERR_LIB_SSL, 186),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DATA", lib.ERR_LIB_SSL, 390),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DATA_RETURNED_BY_CALLBACK", lib.ERR_LIB_SSL, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DECOMPRESSION", lib.ERR_LIB_SSL, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DH_VALUE", lib.ERR_LIB_SSL, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_DIGEST_LENGTH", lib.ERR_LIB_SSL, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_EARLY_DATA", lib.ERR_LIB_SSL, 233),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_ECC_CERT", lib.ERR_LIB_SSL, 304),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_ECPOINT", lib.ERR_LIB_SSL, 306),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_EXTENSION", lib.ERR_LIB_SSL, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_HANDSHAKE_LENGTH", lib.ERR_LIB_SSL, 332),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_HANDSHAKE_STATE", lib.ERR_LIB_SSL, 236),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_HELLO_REQUEST", lib.ERR_LIB_SSL, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_HRR_VERSION", lib.ERR_LIB_SSL, 263),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_KEY_SHARE", lib.ERR_LIB_SSL, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_KEY_UPDATE", lib.ERR_LIB_SSL, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_LEGACY_VERSION", lib.ERR_LIB_SSL, 292),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_LENGTH", lib.ERR_LIB_SSL, 271),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PACKET", lib.ERR_LIB_SSL, 240),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PACKET_LENGTH", lib.ERR_LIB_SSL, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PROTOCOL_VERSION_NUMBER", lib.ERR_LIB_SSL, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PSK", lib.ERR_LIB_SSL, 219),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PSK_IDENTITY", lib.ERR_LIB_SSL, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_RECORD_TYPE", lib.ERR_LIB_SSL, 443),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_RSA_ENCRYPT", lib.ERR_LIB_SSL, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SIGNATURE", lib.ERR_LIB_SSL, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SRP_A_LENGTH", lib.ERR_LIB_SSL, 347),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SRP_PARAMETERS", lib.ERR_LIB_SSL, 371),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SRTP_MKI_VALUE", lib.ERR_LIB_SSL, 352),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 353),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SSL_FILETYPE", lib.ERR_LIB_SSL, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_VALUE", lib.ERR_LIB_SSL, 384),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_WRITE_RETRY", lib.ERR_LIB_SSL, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BINDER_DOES_NOT_VERIFY", lib.ERR_LIB_SSL, 253),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BIO_NOT_SET", lib.ERR_LIB_SSL, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BLOCK_CIPHER_PAD_IS_WRONG", lib.ERR_LIB_SSL, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_LIB", lib.ERR_LIB_SSL, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CALLBACK_FAILED", lib.ERR_LIB_SSL, 234),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_CHANGE_CIPHER", lib.ERR_LIB_SSL, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_GET_GROUP_NAME", lib.ERR_LIB_SSL, 299),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CA_DN_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CA_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 397),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CA_MD_TOO_WEAK", lib.ERR_LIB_SSL, 398),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CCS_RECEIVED_EARLY", lib.ERR_LIB_SSL, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_VERIFY_FAILED", lib.ERR_LIB_SSL, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERT_CB_ERROR", lib.ERR_LIB_SSL, 377),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERT_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHERSUITE_DIGEST_HAS_CHANGED", lib.ERR_LIB_SSL, 218),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CIPHER_CODE_WRONG_LENGTH", lib.ERR_LIB_SSL, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CLIENTHELLO_TLSEXT", lib.ERR_LIB_SSL, 226),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMPRESSED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMPRESSION_DISABLED", lib.ERR_LIB_SSL, 343),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMPRESSION_FAILURE", lib.ERR_LIB_SSL, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMPRESSION_ID_NOT_WITHIN_PRIVATE_RANGE", lib.ERR_LIB_SSL, 307),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMPRESSION_LIBRARY_ERROR", lib.ERR_LIB_SSL, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONNECTION_TYPE_NOT_SET", lib.ERR_LIB_SSL, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CONTEXT_NOT_DANE_ENABLED", lib.ERR_LIB_SSL, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COOKIE_GEN_CALLBACK_FAILURE", lib.ERR_LIB_SSL, 400),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COOKIE_MISMATCH", lib.ERR_LIB_SSL, 308),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COPY_PARAMETERS_FAILED", lib.ERR_LIB_SSL, 296),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CUSTOM_EXT_HANDLER_ALREADY_INSTALLED", lib.ERR_LIB_SSL, 206),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_ALREADY_ENABLED", lib.ERR_LIB_SSL, 172),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_CANNOT_OVERRIDE_MTYPE_FULL", lib.ERR_LIB_SSL, 173),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_NOT_ENABLED", lib.ERR_LIB_SSL, 175),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_BAD_CERTIFICATE", lib.ERR_LIB_SSL, 180),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_BAD_CERTIFICATE_USAGE", lib.ERR_LIB_SSL, 184),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_BAD_DATA_LENGTH", lib.ERR_LIB_SSL, 189),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_BAD_DIGEST_LENGTH", lib.ERR_LIB_SSL, 192),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_BAD_MATCHING_TYPE", lib.ERR_LIB_SSL, 200),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_BAD_PUBLIC_KEY", lib.ERR_LIB_SSL, 201),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_BAD_SELECTOR", lib.ERR_LIB_SSL, 202),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DANE_TLSA_NULL_DATA", lib.ERR_LIB_SSL, 203),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_BETWEEN_CCS_AND_FINISHED", lib.ERR_LIB_SSL, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DATA_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECRYPTION_FAILED", lib.ERR_LIB_SSL, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DECRYPTION_FAILED_OR_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 281),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DH_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 394),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DH_PUBLIC_VALUE_LENGTH_IS_WRONG", lib.ERR_LIB_SSL, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIGEST_CHECK_FAILED", lib.ERR_LIB_SSL, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DTLS_MESSAGE_TOO_BIG", lib.ERR_LIB_SSL, 334),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DUPLICATE_COMPRESSION_ID", lib.ERR_LIB_SSL, 309),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ECC_CERT_NOT_FOR_SIGNING", lib.ERR_LIB_SSL, 318),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ECDH_REQUIRED_FOR_SUITEB_MODE", lib.ERR_LIB_SSL, 374),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EE_KEY_TOO_SMALL", lib.ERR_LIB_SSL, 399),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EMPTY_SRTP_PROTECTION_PROFILE_LIST", lib.ERR_LIB_SSL, 354),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ENCRYPTED_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_IN_RECEIVED_CIPHER_LIST", lib.ERR_LIB_SSL, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_SETTING_TLSA_BASE_DOMAIN", lib.ERR_LIB_SSL, 204),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXCEEDS_MAX_FRAGMENT_SIZE", lib.ERR_LIB_SSL, 194),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXCESSIVE_MESSAGE_SIZE", lib.ERR_LIB_SSL, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXTENSION_NOT_RECEIVED", lib.ERR_LIB_SSL, 279),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXTRA_DATA_IN_MESSAGE", lib.ERR_LIB_SSL, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXT_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FAILED_TO_INIT_ASYNC", lib.ERR_LIB_SSL, 405),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("FRAGMENTED_CLIENT_HELLO", lib.ERR_LIB_SSL, 401),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("GOT_A_FIN_BEFORE_A_CCS", lib.ERR_LIB_SSL, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HTTPS_PROXY_REQUEST", lib.ERR_LIB_SSL, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("HTTP_REQUEST", lib.ERR_LIB_SSL, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_POINT_COMPRESSION", lib.ERR_LIB_SSL, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_SUITEB_DIGEST", lib.ERR_LIB_SSL, 380),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 373),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCONSISTENT_COMPRESSION", lib.ERR_LIB_SSL, 340),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCONSISTENT_EARLY_DATA_ALPN", lib.ERR_LIB_SSL, 222),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCONSISTENT_EARLY_DATA_SNI", lib.ERR_LIB_SSL, 231),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCONSISTENT_EXTMS", lib.ERR_LIB_SSL, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INSUFFICIENT_SECURITY", lib.ERR_LIB_SSL, 241),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ALERT", lib.ERR_LIB_SSL, 205),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CCS_MESSAGE", lib.ERR_LIB_SSL, 260),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CERTIFICATE_OR_ALG", lib.ERR_LIB_SSL, 238),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_COMMAND", lib.ERR_LIB_SSL, 280),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 341),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CONFIG", lib.ERR_LIB_SSL, 283),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CONFIGURATION_NAME", lib.ERR_LIB_SSL, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CONTEXT", lib.ERR_LIB_SSL, 282),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CT_VALIDATION_TYPE", lib.ERR_LIB_SSL, 212),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_KEY_UPDATE_TYPE", lib.ERR_LIB_SSL, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MAX_EARLY_DATA", lib.ERR_LIB_SSL, 174),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_CMD_NAME", lib.ERR_LIB_SSL, 385),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SEQUENCE_NUMBER", lib.ERR_LIB_SSL, 402),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SERVERINFO_DATA", lib.ERR_LIB_SSL, 388),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SESSION_ID", lib.ERR_LIB_SSL, 999),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SRP_USERNAME", lib.ERR_LIB_SSL, 357),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_STATUS_RESPONSE", lib.ERR_LIB_SSL, 328),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_TICKET_KEYS_LENGTH", lib.ERR_LIB_SSL, 325),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LENGTH_MISMATCH", lib.ERR_LIB_SSL, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 404),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LENGTH_TOO_SHORT", lib.ERR_LIB_SSL, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LIBRARY_BUG", lib.ERR_LIB_SSL, 274),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_DSA_SIGNING_CERT", lib.ERR_LIB_SSL, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_ECDSA_SIGNING_CERT", lib.ERR_LIB_SSL, 381),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_FATAL", lib.ERR_LIB_SSL, 256),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PARAMETERS", lib.ERR_LIB_SSL, 290),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_PSK_KEX_MODES_EXTENSION", lib.ERR_LIB_SSL, 310),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_RSA_CERTIFICATE", lib.ERR_LIB_SSL, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_RSA_ENCRYPTING_CERT", lib.ERR_LIB_SSL, 169),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_RSA_SIGNING_CERT", lib.ERR_LIB_SSL, 170),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SIGALGS_EXTENSION", lib.ERR_LIB_SSL, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SIGNING_CERT", lib.ERR_LIB_SSL, 221),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SRP_PARAM", lib.ERR_LIB_SSL, 358),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_SUPPORTED_GROUPS_EXTENSION", lib.ERR_LIB_SSL, 209),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_TMP_DH_KEY", lib.ERR_LIB_SSL, 171),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_TMP_ECDH_KEY", lib.ERR_LIB_SSL, 311),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MIXED_HANDSHAKE_AND_NON_HANDSHAKE_DATA", lib.ERR_LIB_SSL, 293),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_ON_RECORD_BOUNDARY", lib.ERR_LIB_SSL, 182),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_REPLACING_CERTIFICATE", lib.ERR_LIB_SSL, 289),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NOT_SERVER", lib.ERR_LIB_SSL, 284),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_APPLICATION_PROTOCOL", lib.ERR_LIB_SSL, 235),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CERTIFICATES_RETURNED", lib.ERR_LIB_SSL, 176),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CERTIFICATE_ASSIGNED", lib.ERR_LIB_SSL, 177),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CERTIFICATE_SET", lib.ERR_LIB_SSL, 179),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CHANGE_FOLLOWING_HRR", lib.ERR_LIB_SSL, 214),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CIPHERS_AVAILABLE", lib.ERR_LIB_SSL, 181),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CIPHERS_SPECIFIED", lib.ERR_LIB_SSL, 183),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CIPHER_MATCH", lib.ERR_LIB_SSL, 185),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CLIENT_CERT_METHOD", lib.ERR_LIB_SSL, 331),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_COMPRESSION_SPECIFIED", lib.ERR_LIB_SSL, 187),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_COOKIE_CALLBACK_SET", lib.ERR_LIB_SSL, 287),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_GOST_CERTIFICATE_SENT_BY_PEER", lib.ERR_LIB_SSL, 330),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_METHOD_SPECIFIED", lib.ERR_LIB_SSL, 188),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PEM_EXTENSIONS", lib.ERR_LIB_SSL, 389),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PRIVATE_KEY_ASSIGNED", lib.ERR_LIB_SSL, 190),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PROTOCOLS_AVAILABLE", lib.ERR_LIB_SSL, 191),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_RENEGOTIATION", lib.ERR_LIB_SSL, 339),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_REQUIRED_DIGEST", lib.ERR_LIB_SSL, 324),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SHARED_CIPHER", lib.ERR_LIB_SSL, 193),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SHARED_GROUPS", lib.ERR_LIB_SSL, 410),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SHARED_SIGNATURE_ALGORITHMS", lib.ERR_LIB_SSL, 376),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SRTP_PROFILES", lib.ERR_LIB_SSL, 359),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUITABLE_DIGEST_ALGORITHM", lib.ERR_LIB_SSL, 297),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUITABLE_GROUPS", lib.ERR_LIB_SSL, 295),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUITABLE_KEY_SHARE", lib.ERR_LIB_SSL, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUITABLE_SIGNATURE_ALGORITHM", lib.ERR_LIB_SSL, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_VALID_SCTS", lib.ERR_LIB_SSL, 216),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_VERIFY_COOKIE_CALLBACK", lib.ERR_LIB_SSL, 403),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_SSL_CTX", lib.ERR_LIB_SSL, 195),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NULL_SSL_METHOD_PASSED", lib.ERR_LIB_SSL, 196),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OCSP_CALLBACK_FAILURE", lib.ERR_LIB_SSL, 305),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OLD_SESSION_CIPHER_NOT_RETURNED", lib.ERR_LIB_SSL, 197),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OLD_SESSION_COMPRESSION_ALGORITHM_NOT_RETURNED", lib.ERR_LIB_SSL, 344),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OVERFLOW_ERROR", lib.ERR_LIB_SSL, 237),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PACKET_LENGTH_TOO_LONG", lib.ERR_LIB_SSL, 198),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PARSE_TLSEXT", lib.ERR_LIB_SSL, 227),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PATH_TOO_LONG", lib.ERR_LIB_SSL, 270),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PEER_DID_NOT_RETURN_A_CERTIFICATE", lib.ERR_LIB_SSL, 199),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PEM_NAME_BAD_PREFIX", lib.ERR_LIB_SSL, 391),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PEM_NAME_TOO_SHORT", lib.ERR_LIB_SSL, 392),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PIPELINE_FAILURE", lib.ERR_LIB_SSL, 406),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POST_HANDSHAKE_AUTH_ENCODING_ERR", lib.ERR_LIB_SSL, 278),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_MISMATCH", lib.ERR_LIB_SSL, 288),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PROTOCOL_IS_SHUTDOWN", lib.ERR_LIB_SSL, 207),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PSK_IDENTITY_NOT_FOUND", lib.ERR_LIB_SSL, 223),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PSK_NO_CLIENT_CB", lib.ERR_LIB_SSL, 224),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PSK_NO_SERVER_CB", lib.ERR_LIB_SSL, 225),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("READ_BIO_NOT_SET", lib.ERR_LIB_SSL, 211),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("READ_TIMEOUT_EXPIRED", lib.ERR_LIB_SSL, 312),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECORD_LENGTH_MISMATCH", lib.ERR_LIB_SSL, 213),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RECORD_TOO_SMALL", lib.ERR_LIB_SSL, 298),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RENEGOTIATE_EXT_TOO_LONG", lib.ERR_LIB_SSL, 335),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RENEGOTIATION_ENCODING_ERR", lib.ERR_LIB_SSL, 336),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RENEGOTIATION_MISMATCH", lib.ERR_LIB_SSL, 337),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUEST_PENDING", lib.ERR_LIB_SSL, 285),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUEST_SENT", lib.ERR_LIB_SSL, 286),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUIRED_CIPHER_MISSING", lib.ERR_LIB_SSL, 215),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("REQUIRED_COMPRESSION_ALGORITHM_MISSING", lib.ERR_LIB_SSL, 342),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCSV_RECEIVED_WHEN_RENEGOTIATING", lib.ERR_LIB_SSL, 345),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SCT_VERIFICATION_FAILED", lib.ERR_LIB_SSL, 208),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SERVERHELLO_TLSEXT", lib.ERR_LIB_SSL, 275),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SESSION_ID_CONTEXT_UNINITIALIZED", lib.ERR_LIB_SSL, 277),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SHUTDOWN_WHILE_IN_INIT", lib.ERR_LIB_SSL, 407),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNATURE_ALGORITHMS_ERROR", lib.ERR_LIB_SSL, 360),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNATURE_FOR_NON_SIGNING_CERTIFICATE", lib.ERR_LIB_SSL, 220),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SRP_A_CALC", lib.ERR_LIB_SSL, 361),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SRTP_COULD_NOT_ALLOCATE_PROFILES", lib.ERR_LIB_SSL, 362),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SRTP_PROTECTION_PROFILE_LIST_TOO_LONG", lib.ERR_LIB_SSL, 363),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SRTP_UNKNOWN_PROTECTION_PROFILE", lib.ERR_LIB_SSL, 364),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL3_EXT_INVALID_MAX_FRAGMENT_LENGTH", lib.ERR_LIB_SSL, 232),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL3_EXT_INVALID_SERVERNAME", lib.ERR_LIB_SSL, 319),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL3_EXT_INVALID_SERVERNAME_TYPE", lib.ERR_LIB_SSL, 320),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL3_SESSION_ID_TOO_LONG", lib.ERR_LIB_SSL, 300),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_BAD_CERTIFICATE", lib.ERR_LIB_SSL, 1042),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_BAD_RECORD_MAC", lib.ERR_LIB_SSL, 1020),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_CERTIFICATE_EXPIRED", lib.ERR_LIB_SSL, 1045),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_CERTIFICATE_REVOKED", lib.ERR_LIB_SSL, 1044),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_CERTIFICATE_UNKNOWN", lib.ERR_LIB_SSL, 1046),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_DECOMPRESSION_FAILURE", lib.ERR_LIB_SSL, 1030),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 1040),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_ILLEGAL_PARAMETER", lib.ERR_LIB_SSL, 1047),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_NO_CERTIFICATE", lib.ERR_LIB_SSL, 1041),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 1010),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSLV3_ALERT_UNSUPPORTED_CERTIFICATE", lib.ERR_LIB_SSL, 1043),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_COMMAND_SECTION_EMPTY", lib.ERR_LIB_SSL, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_COMMAND_SECTION_NOT_FOUND", lib.ERR_LIB_SSL, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION", lib.ERR_LIB_SSL, 228),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_HANDSHAKE_FAILURE", lib.ERR_LIB_SSL, 229),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_LIBRARY_HAS_NO_CIPHERS", lib.ERR_LIB_SSL, 230),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_NEGATIVE_LENGTH", lib.ERR_LIB_SSL, 372),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SECTION_EMPTY", lib.ERR_LIB_SSL, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SECTION_NOT_FOUND", lib.ERR_LIB_SSL, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SESSION_ID_CALLBACK_FAILED", lib.ERR_LIB_SSL, 301),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SESSION_ID_CONFLICT", lib.ERR_LIB_SSL, 302),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SESSION_ID_CONTEXT_TOO_LONG", lib.ERR_LIB_SSL, 273),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SESSION_ID_HAS_BAD_LENGTH", lib.ERR_LIB_SSL, 303),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SESSION_ID_TOO_LONG", lib.ERR_LIB_SSL, 408),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SSL_SESSION_VERSION_MISMATCH", lib.ERR_LIB_SSL, 210),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("STILL_IN_INIT", lib.ERR_LIB_SSL, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV13_ALERT_CERTIFICATE_REQUIRED", lib.ERR_LIB_SSL, 1116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV13_ALERT_MISSING_EXTENSION", lib.ERR_LIB_SSL, 1109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_ACCESS_DENIED", lib.ERR_LIB_SSL, 1049),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_DECODE_ERROR", lib.ERR_LIB_SSL, 1050),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_DECRYPTION_FAILED", lib.ERR_LIB_SSL, 1021),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_DECRYPT_ERROR", lib.ERR_LIB_SSL, 1051),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_EXPORT_RESTRICTION", lib.ERR_LIB_SSL, 1060),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_INAPPROPRIATE_FALLBACK", lib.ERR_LIB_SSL, 1086),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_INSUFFICIENT_SECURITY", lib.ERR_LIB_SSL, 1071),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_INTERNAL_ERROR", lib.ERR_LIB_SSL, 1080),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_NO_RENEGOTIATION", lib.ERR_LIB_SSL, 1100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_PROTOCOL_VERSION", lib.ERR_LIB_SSL, 1070),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_RECORD_OVERFLOW", lib.ERR_LIB_SSL, 1022),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_UNKNOWN_CA", lib.ERR_LIB_SSL, 1048),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_ALERT_USER_CANCELLED", lib.ERR_LIB_SSL, 1090),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_BAD_CERTIFICATE_HASH_VALUE", lib.ERR_LIB_SSL, 1114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_BAD_CERTIFICATE_STATUS_RESPONSE", lib.ERR_LIB_SSL, 1113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_CERTIFICATE_UNOBTAINABLE", lib.ERR_LIB_SSL, 1111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_UNRECOGNIZED_NAME", lib.ERR_LIB_SSL, 1112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLSV1_UNSUPPORTED_EXTENSION", lib.ERR_LIB_SSL, 1110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLS_ILLEGAL_EXPORTER_LABEL", lib.ERR_LIB_SSL, 367),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TLS_INVALID_ECPOINTFORMAT_LIST", lib.ERR_LIB_SSL, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_KEY_UPDATES", lib.ERR_LIB_SSL, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MANY_WARN_ALERTS", lib.ERR_LIB_SSL, 409),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOO_MUCH_EARLY_DATA", lib.ERR_LIB_SSL, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FIND_ECDH_PARAMETERS", lib.ERR_LIB_SSL, 314),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS", lib.ERR_LIB_SSL, 239),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_LOAD_SSL3_MD5_ROUTINES", lib.ERR_LIB_SSL, 242),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_LOAD_SSL3_SHA1_ROUTINES", lib.ERR_LIB_SSL, 243),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_CCS_MESSAGE", lib.ERR_LIB_SSL, 262),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_END_OF_EARLY_DATA", lib.ERR_LIB_SSL, 178),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_EOF_WHILE_READING", lib.ERR_LIB_SSL, 294),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_MESSAGE", lib.ERR_LIB_SSL, 244),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNEXPECTED_RECORD", lib.ERR_LIB_SSL, 245),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNINITIALIZED", lib.ERR_LIB_SSL, 276),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_ALERT_TYPE", lib.ERR_LIB_SSL, 246),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 247),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CIPHER_RETURNED", lib.ERR_LIB_SSL, 248),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CIPHER_TYPE", lib.ERR_LIB_SSL, 249),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CMD_NAME", lib.ERR_LIB_SSL, 386),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_COMMAND", lib.ERR_LIB_SSL, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_DIGEST", lib.ERR_LIB_SSL, 368),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_KEY_EXCHANGE_TYPE", lib.ERR_LIB_SSL, 250),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_PKEY_TYPE", lib.ERR_LIB_SSL, 251),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_PROTOCOL", lib.ERR_LIB_SSL, 252),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_SSL_VERSION", lib.ERR_LIB_SSL, 254),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_STATE", lib.ERR_LIB_SSL, 255),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSAFE_LEGACY_RENEGOTIATION_DISABLED", lib.ERR_LIB_SSL, 338),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSOLICITED_EXTENSION", lib.ERR_LIB_SSL, 217),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_COMPRESSION_ALGORITHM", lib.ERR_LIB_SSL, 257),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ELLIPTIC_CURVE", lib.ERR_LIB_SSL, 315),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_PROTOCOL", lib.ERR_LIB_SSL, 258),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_SSL_VERSION", lib.ERR_LIB_SSL, 259),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_STATUS_TYPE", lib.ERR_LIB_SSL, 329),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("USE_SRTP_NOT_NEGOTIATED", lib.ERR_LIB_SSL, 369),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VERSION_TOO_HIGH", lib.ERR_LIB_SSL, 166),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VERSION_TOO_LOW", lib.ERR_LIB_SSL, 396),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CERTIFICATE_TYPE", lib.ERR_LIB_SSL, 383),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CIPHER_RETURNED", lib.ERR_LIB_SSL, 261),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CURVE", lib.ERR_LIB_SSL, 378),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_SIGNATURE_LENGTH", lib.ERR_LIB_SSL, 264),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_SIGNATURE_SIZE", lib.ERR_LIB_SSL, 265),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_SIGNATURE_TYPE", lib.ERR_LIB_SSL, 370),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_SSL_VERSION", lib.ERR_LIB_SSL, 266),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_VERSION_NUMBER", lib.ERR_LIB_SSL, 267),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("X509_LIB", lib.ERR_LIB_SSL, 268),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("X509_VERIFICATION_SETUP_PROBLEMS", lib.ERR_LIB_SSL, 269),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_PKCS7_TYPE", lib.ERR_LIB_TS, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_TYPE", lib.ERR_LIB_TS, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_LOAD_CERT", lib.ERR_LIB_TS, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANNOT_LOAD_KEY", lib.ERR_LIB_TS, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_VERIFY_ERROR", lib.ERR_LIB_TS, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COULD_NOT_SET_ENGINE", lib.ERR_LIB_TS, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COULD_NOT_SET_TIME", lib.ERR_LIB_TS, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DETACHED_CONTENT", lib.ERR_LIB_TS, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_ADD_SIGNING_CERT_ERROR", lib.ERR_LIB_TS, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_ADD_SIGNING_CERT_V2_ERROR", lib.ERR_LIB_TS, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ESS_SIGNING_CERTIFICATE_ERROR", lib.ERR_LIB_TS, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_POINTER", lib.ERR_LIB_TS, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SIGNER_CERTIFICATE_PURPOSE", lib.ERR_LIB_TS, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MESSAGE_IMPRINT_MISMATCH", lib.ERR_LIB_TS, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NONCE_MISMATCH", lib.ERR_LIB_TS, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NONCE_NOT_RETURNED", lib.ERR_LIB_TS, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONTENT", lib.ERR_LIB_TS, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_TIME_STAMP_TOKEN", lib.ERR_LIB_TS, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS7_ADD_SIGNATURE_ERROR", lib.ERR_LIB_TS, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS7_ADD_SIGNED_ATTR_ERROR", lib.ERR_LIB_TS, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PKCS7_TO_TS_TST_INFO_FAILED", lib.ERR_LIB_TS, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POLICY_MISMATCH", lib.ERR_LIB_TS, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE", lib.ERR_LIB_TS, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESPONSE_SETUP_ERROR", lib.ERR_LIB_TS, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SIGNATURE_FAILURE", lib.ERR_LIB_TS, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("THERE_MUST_BE_ONE_SIGNER", lib.ERR_LIB_TS, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TIME_SYSCALL_ERROR", lib.ERR_LIB_TS, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOKEN_NOT_PRESENT", lib.ERR_LIB_TS, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TOKEN_PRESENT", lib.ERR_LIB_TS, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TSA_NAME_MISMATCH", lib.ERR_LIB_TS, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TSA_UNTRUSTED", lib.ERR_LIB_TS, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TST_INFO_SETUP_ERROR", lib.ERR_LIB_TS, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("TS_DATASIGN", lib.ERR_LIB_TS, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNACCEPTABLE_POLICY", lib.ERR_LIB_TS, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_MD_ALGORITHM", lib.ERR_LIB_TS, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_VERSION", lib.ERR_LIB_TS, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VAR_BAD_VALUE", lib.ERR_LIB_TS, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("VAR_LOOKUP_FAILURE", lib.ERR_LIB_TS, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_CONTENT_TYPE", lib.ERR_LIB_TS, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("COMMON_OK_AND_CANCEL_CHARACTERS", lib.ERR_LIB_UI, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INDEX_TOO_LARGE", lib.ERR_LIB_UI, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INDEX_TOO_SMALL", lib.ERR_LIB_UI, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_RESULT_BUFFER", lib.ERR_LIB_UI, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PROCESSING_ERROR", lib.ERR_LIB_UI, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESULT_TOO_LARGE", lib.ERR_LIB_UI, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("RESULT_TOO_SMALL", lib.ERR_LIB_UI, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SYSASSIGN_ERROR", lib.ERR_LIB_UI, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SYSDASSGN_ERROR", lib.ERR_LIB_UI, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SYSQIOW_ERROR", lib.ERR_LIB_UI, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_CONTROL_COMMAND", lib.ERR_LIB_UI, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_TTYGET_ERRNO_VALUE", lib.ERR_LIB_UI, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("USER_DATA_DUPLICATION_UNSUPPORTED", lib.ERR_LIB_UI, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_IP_ADDRESS", lib.ERR_LIB_X509V3, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_OBJECT", lib.ERR_LIB_X509V3, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_DEC2BN_ERROR", lib.ERR_LIB_X509V3, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BN_TO_ASN1_INTEGER_ERROR", lib.ERR_LIB_X509V3, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DIRNAME_ERROR", lib.ERR_LIB_X509V3, 149),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DISTPOINT_ALREADY_SET", lib.ERR_LIB_X509V3, 160),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("DUPLICATE_ZONE_ID", lib.ERR_LIB_X509V3, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EMPTY_KEY_USAGE", lib.ERR_LIB_X509V3, 169),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CONVERTING_ZONE", lib.ERR_LIB_X509V3, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_CREATING_EXTENSION", lib.ERR_LIB_X509V3, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_IN_EXTENSION", lib.ERR_LIB_X509V3, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXPECTED_A_SECTION_NAME", lib.ERR_LIB_X509V3, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXTENSION_EXISTS", lib.ERR_LIB_X509V3, 145),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXTENSION_NAME_ERROR", lib.ERR_LIB_X509V3, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXTENSION_NOT_FOUND", lib.ERR_LIB_X509V3, 102),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXTENSION_SETTING_NOT_SUPPORTED", lib.ERR_LIB_X509V3, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("EXTENSION_VALUE_ERROR", lib.ERR_LIB_X509V3, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ILLEGAL_EMPTY_EXTENSION", lib.ERR_LIB_X509V3, 151),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INCORRECT_POLICY_SYNTAX_TAG", lib.ERR_LIB_X509V3, 152),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ASNUMBER", lib.ERR_LIB_X509V3, 162),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ASRANGE", lib.ERR_LIB_X509V3, 163),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_BOOLEAN_STRING", lib.ERR_LIB_X509V3, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_CERTIFICATE", lib.ERR_LIB_X509V3, 158),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_EMPTY_NAME", lib.ERR_LIB_X509V3, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_EXTENSION_STRING", lib.ERR_LIB_X509V3, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_INHERITANCE", lib.ERR_LIB_X509V3, 165),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_IPADDRESS", lib.ERR_LIB_X509V3, 166),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_MULTIPLE_RDNS", lib.ERR_LIB_X509V3, 161),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NAME", lib.ERR_LIB_X509V3, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_ARGUMENT", lib.ERR_LIB_X509V3, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NULL_VALUE", lib.ERR_LIB_X509V3, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NUMBER", lib.ERR_LIB_X509V3, 140),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_NUMBERS", lib.ERR_LIB_X509V3, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OBJECT_IDENTIFIER", lib.ERR_LIB_X509V3, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_OPTION", lib.ERR_LIB_X509V3, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_POLICY_IDENTIFIER", lib.ERR_LIB_X509V3, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PROXY_POLICY_SETTING", lib.ERR_LIB_X509V3, 153),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_PURPOSE", lib.ERR_LIB_X509V3, 146),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SAFI", lib.ERR_LIB_X509V3, 164),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SECTION", lib.ERR_LIB_X509V3, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_SYNTAX", lib.ERR_LIB_X509V3, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ISSUER_DECODE_ERROR", lib.ERR_LIB_X509V3, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("MISSING_VALUE", lib.ERR_LIB_X509V3, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NEED_ORGANIZATION_AND_NUMBERS", lib.ERR_LIB_X509V3, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NEGATIVE_PATHLEN", lib.ERR_LIB_X509V3, 168),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CONFIG_DATABASE", lib.ERR_LIB_X509V3, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_ISSUER_CERTIFICATE", lib.ERR_LIB_X509V3, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_ISSUER_DETAILS", lib.ERR_LIB_X509V3, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_POLICY_IDENTIFIER", lib.ERR_LIB_X509V3, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PROXY_CERT_POLICY_LANGUAGE_DEFINED", lib.ERR_LIB_X509V3, 154),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_PUBLIC_KEY", lib.ERR_LIB_X509V3, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_SUBJECT_DETAILS", lib.ERR_LIB_X509V3, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OPERATION_NOT_DEFINED", lib.ERR_LIB_X509V3, 148),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("OTHERNAME_ERROR", lib.ERR_LIB_X509V3, 147),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POLICY_LANGUAGE_ALREADY_DEFINED", lib.ERR_LIB_X509V3, 155),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POLICY_PATH_LENGTH", lib.ERR_LIB_X509V3, 156),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POLICY_PATH_LENGTH_ALREADY_DEFINED", lib.ERR_LIB_X509V3, 157),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("POLICY_WHEN_PROXY_LANGUAGE_REQUIRES_NO_POLICY", lib.ERR_LIB_X509V3, 159),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SECTION_NOT_FOUND", lib.ERR_LIB_X509V3, 150),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_ISSUER_DETAILS", lib.ERR_LIB_X509V3, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_ISSUER_KEYID", lib.ERR_LIB_X509V3, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_BIT_STRING_ARGUMENT", lib.ERR_LIB_X509V3, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_EXTENSION", lib.ERR_LIB_X509V3, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_EXTENSION_NAME", lib.ERR_LIB_X509V3, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_OPTION", lib.ERR_LIB_X509V3, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_OPTION", lib.ERR_LIB_X509V3, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_TYPE", lib.ERR_LIB_X509V3, 167),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("USER_TOO_LONG", lib.ERR_LIB_X509V3, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("AKID_MISMATCH", lib.ERR_LIB_X509, 110),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_SELECTOR", lib.ERR_LIB_X509, 133),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BAD_X509_FILETYPE", lib.ERR_LIB_X509, 100),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("BASE64_DECODE_ERROR", lib.ERR_LIB_X509, 118),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CANT_CHECK_DH_KEY", lib.ERR_LIB_X509, 114),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERTIFICATE_VERIFICATION_FAILED", lib.ERR_LIB_X509, 139),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CERT_ALREADY_IN_HASH_TABLE", lib.ERR_LIB_X509, 101),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CRL_ALREADY_DELTA", lib.ERR_LIB_X509, 127),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("CRL_VERIFY_FAILURE", lib.ERR_LIB_X509, 131),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_GETTING_MD_BY_NID", lib.ERR_LIB_X509, 141),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ERROR_USING_SIGINF_SET", lib.ERR_LIB_X509, 142),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("IDP_MISMATCH", lib.ERR_LIB_X509, 128),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_ATTRIBUTES", lib.ERR_LIB_X509, 138),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DIRECTORY", lib.ERR_LIB_X509, 113),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_DISTPOINT", lib.ERR_LIB_X509, 143),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_FIELD_NAME", lib.ERR_LIB_X509, 119),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("INVALID_TRUST", lib.ERR_LIB_X509, 123),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("ISSUER_MISMATCH", lib.ERR_LIB_X509, 129),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_TYPE_MISMATCH", lib.ERR_LIB_X509, 115),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("KEY_VALUES_MISMATCH", lib.ERR_LIB_X509, 116),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOADING_CERT_DIR", lib.ERR_LIB_X509, 103),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("LOADING_DEFAULTS", lib.ERR_LIB_X509, 104),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("METHOD_NOT_SUPPORTED", lib.ERR_LIB_X509, 124),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NAME_TOO_LONG", lib.ERR_LIB_X509, 134),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NEWER_CRL_NOT_NEWER", lib.ERR_LIB_X509, 132),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CERTIFICATE_FOUND", lib.ERR_LIB_X509, 135),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CERTIFICATE_OR_CRL_FOUND", lib.ERR_LIB_X509, 136),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CERT_SET_FOR_US_TO_VERIFY", lib.ERR_LIB_X509, 105),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CRL_FOUND", lib.ERR_LIB_X509, 137),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("NO_CRL_NUMBER", lib.ERR_LIB_X509, 130),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PUBLIC_KEY_DECODE_ERROR", lib.ERR_LIB_X509, 125),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("PUBLIC_KEY_ENCODE_ERROR", lib.ERR_LIB_X509, 126),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("SHOULD_RETRY", lib.ERR_LIB_X509, 106),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_FIND_PARAMETERS_IN_CHAIN", lib.ERR_LIB_X509, 107),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNABLE_TO_GET_CERTS_PUBLIC_KEY", lib.ERR_LIB_X509, 108),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_KEY_TYPE", lib.ERR_LIB_X509, 117),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_NID", lib.ERR_LIB_X509, 109),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_PURPOSE_ID", lib.ERR_LIB_X509, 121),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_SIGID_ALGS", lib.ERR_LIB_X509, 144),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNKNOWN_TRUST_ID", lib.ERR_LIB_X509, 120),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("UNSUPPORTED_ALGORITHM", lib.ERR_LIB_X509, 111),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_LOOKUP_TYPE", lib.ERR_LIB_X509, 112),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ("WRONG_TYPE", lib.ERR_LIB_X509, 122),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/__init__.py lib_pypy/_cffi_ssl/cryptography/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,16 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.__about__ import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __author__, __copyright__, __email__, __license__, __summary__, __title__,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __uri__, __version__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--__all__ = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "__title__", "__summary__", "__uri__", "__version__", "__author__",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "__email__", "__license__", "__copyright__",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/exceptions.py lib_pypy/_cffi_ssl/cryptography/exceptions.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/exceptions.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,58 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Reasons(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BACKEND_MISSING_INTERFACE = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_HASH = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_CIPHER = 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_PADDING = 3
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_MGF = 4
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_PUBLIC_KEY_ALGORITHM = 5
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_ELLIPTIC_CURVE = 6
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_SERIALIZATION = 7
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_X509 = 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_EXCHANGE_ALGORITHM = 9
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_DIFFIE_HELLMAN = 10
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNSUPPORTED_MAC = 11
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class UnsupportedAlgorithm(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, message, reason=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- super(UnsupportedAlgorithm, self).__init__(message)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._reason = reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AlreadyFinalized(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AlreadyUpdated(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class NotYetFinalized(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidTag(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidSignature(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InternalError(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, msg, err_code):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- super(InternalError, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.err_code = err_code
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidKey(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/fernet.py lib_pypy/_cffi_ssl/cryptography/fernet.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/fernet.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,171 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import base64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import binascii
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import os
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import struct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends import default_backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes, padding
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.hmac import HMAC
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidToken(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_MAX_CLOCK_SKEW = 60
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Fernet(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key, backend=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if backend is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend = default_backend()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = base64.urlsafe_b64decode(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) != 32:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Fernet key must be 32 url-safe base64-encoded bytes."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._signing_key = key[:16]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._encryption_key = key[16:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_key(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return base64.urlsafe_b64encode(os.urandom(32))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encrypt(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- current_time = int(time.time())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv = os.urandom(16)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._encrypt_from_parts(data, current_time, iv)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _encrypt_from_parts(self, data, current_time, iv):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padder = padding.PKCS7(algorithms.AES.block_size).padder()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padded_data = padder.update(data) + padder.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryptor = Cipher(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithms.AES(self._encryption_key), modes.CBC(iv), self._backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).encryptor()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ciphertext = encryptor.update(padded_data) + encryptor.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic_parts = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b"\x80" + struct.pack(">Q", current_time) + iv + ciphertext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(basic_parts)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hmac = h.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return base64.urlsafe_b64encode(basic_parts + hmac)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decrypt(self, token, ttl=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- timestamp, data = Fernet._get_unverified_token_data(token)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._decrypt_data(data, timestamp, ttl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extract_timestamp(self, token):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- timestamp, data = Fernet._get_unverified_token_data(token)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Verify the token was not tampered with.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._verify_signature(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return timestamp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @staticmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _get_unverified_token_data(token):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("token", token)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = base64.urlsafe_b64decode(token)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except (TypeError, binascii.Error):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not data or six.indexbytes(data, 0) != 0x80:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- timestamp, = struct.unpack(">Q", data[1:9])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except struct.error:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return timestamp, data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _verify_signature(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = HMAC(self._signing_key, hashes.SHA256(), backend=self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(data[:-32])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.verify(data[-32:])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except InvalidSignature:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _decrypt_data(self, data, timestamp, ttl):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- current_time = int(time.time())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ttl is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if timestamp + ttl < current_time:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if current_time + _MAX_CLOCK_SKEW < timestamp:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._verify_signature(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv = data[9:25]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ciphertext = data[25:-32]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decryptor = Cipher(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithms.AES(self._encryption_key), modes.CBC(iv), self._backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).decryptor()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- plaintext_padded = decryptor.update(ciphertext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- plaintext_padded += decryptor.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except ValueError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- unpadded = unpadder.update(plaintext_padded)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- unpadded += unpadder.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except ValueError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return unpadded
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class MultiFernet(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, fernets):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- fernets = list(fernets)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not fernets:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "MultiFernet requires at least one Fernet instance"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._fernets = fernets
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encrypt(self, msg):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._fernets[0].encrypt(msg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def rotate(self, msg):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- timestamp, data = Fernet._get_unverified_token_data(msg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for f in self._fernets:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = f._decrypt_data(data, timestamp, None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- break
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except InvalidToken:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv = os.urandom(16)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._fernets[0]._encrypt_from_parts(p, timestamp, iv)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decrypt(self, msg, ttl=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for f in self._fernets:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return f.decrypt(msg, ttl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except InvalidToken:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,11 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--Hazardous Materials
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--This is a "Hazardous Materials" module. You should ONLY use it if you're
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--100% absolutely sure that you know what you're doing because this module
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--is full of land mines, dragons, and dinosaurs with laser guns.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/_oid.py lib_pypy/_cffi_ssl/cryptography/hazmat/_oid.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/_oid.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,67 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ObjectIdentifier(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, dotted_string):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dotted_string = dotted_string
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nodes = self._dotted_string.split(".")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- intnodes = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # There must be at least 2 nodes, the first node must be 0..2, and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # if less than 2, the second node cannot have a value outside the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # range 0..39. All nodes must be integers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for node in nodes:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- intnodes.append(int(node, 0))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except ValueError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Malformed OID: %s (non-integer nodes)" % (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(nodes) < 2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Malformed OID: %s (insufficient number of nodes)" % (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if intnodes[0] > 2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Malformed OID: %s (first node outside valid range)" % (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if intnodes[0] < 2 and intnodes[1] >= 40:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Malformed OID: %s (second node outside valid range)" % (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dotted_string))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.dotted_string == other.dotted_string
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<ObjectIdentifier(oid={}, name={})>".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.dotted_string,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.dotted_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Lazy import to avoid an import cycle
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.x509.oid import _OID_NAMES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OID_NAMES.get(self, "Unknown OID")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dotted_string = utils.read_only_property("_dotted_string")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,18 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_default_backend = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def default_backend():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- global _default_backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if _default_backend is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _default_backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _default_backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/interfaces.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/interfaces.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/interfaces.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,395 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CipherBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def cipher_supported(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return True if the given cipher and mode are supported.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_symmetric_encryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Get a CipherContext that can be used for encryption.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_symmetric_decryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Get a CipherContext that can be used for decryption.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HashBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return True if the hash algorithm is supported by this backend.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_hash_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create a HashContext for calculating a message digest.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HMACBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return True if the hash algorithm is supported for HMAC by this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_hmac_ctx(self, key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create a context for calculating a message authentication code.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CMACBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def cmac_algorithm_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns True if the block cipher is supported for CMAC by this backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_cmac_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create a context for calculating a message authentication code.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PBKDF2HMACBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def pbkdf2_hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return True if the hash algorithm is supported for PBKDF2 by this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return length bytes derived from provided PBKDF2 parameters.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RSABackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_rsa_private_key(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate an RSAPrivateKey instance with public_exponent and a modulus
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- of key_size bits.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def rsa_padding_supported(self, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns True if the backend supports the given padding options.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_rsa_parameters_supported(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns True if the backend supports the given parameters for key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generation.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_rsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an RSAPrivateKey provider.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_rsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an RSAPublicKey provider.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSABackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dsa_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate a DSAParameters instance with a modulus of key_size bits.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dsa_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate a DSAPrivateKey instance with parameters as a DSAParameters
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dsa_private_key_and_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate a DSAPrivateKey instance using key size only.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dsa_hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return True if the hash algorithm is supported by the backend for DSA.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dsa_parameters_supported(self, p, q, g):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return True if the parameters are supported by the backend for DSA.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DSAPrivateKey provider.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DSAPublicKey provider.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dsa_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DSAParameters provider.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurveBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def elliptic_curve_signature_algorithm_supported(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self, signature_algorithm, curve
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns True if the backend supports the named elliptic curve with the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- specified signature algorithm.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def elliptic_curve_supported(self, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns True if the backend supports the named elliptic curve.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_elliptic_curve_private_key(self, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return an object conforming to the EllipticCurvePrivateKey interface.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_elliptic_curve_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return an EllipticCurvePublicKey provider using the given numbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_elliptic_curve_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return an EllipticCurvePrivateKey provider using the given numbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns whether the exchange algorithm is supported by this backend.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive_elliptic_curve_private_key(self, private_value, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Compute the private key given the private value and curve.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PEMSerializationBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Loads a private key from PEM encoded data, using the provided password
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if the data is encrypted.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Loads a public key from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load encryption parameters from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DERSerializationBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Loads a private key from DER encoded data. Uses the provided password
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if the data is encrypted.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Loads a public key from DER encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load encryption parameters from DER encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class X509Backend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load an X.509 certificate from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load an X.509 certificate from DER encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load an X.509 CSR from DER encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load an X.509 CSR from PEM encoded data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_csr(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create and sign an X.509 CSR from a CSR builder object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_certificate(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create and sign an X.509 certificate from a CertificateBuilder object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_crl(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create and sign an X.509 CertificateRevocationList from a
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CertificateRevocationListBuilder object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_revoked_certificate(self, builder):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create a RevokedCertificate object from a RevokedCertificateBuilder
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x509_name_bytes(self, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Compute the DER encoded bytes of an X509 Name object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dh_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate a DHParameters instance with a modulus of key_size bits.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Using the given generator. Often 2 or 5.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dh_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate a DHPrivateKey instance with parameters as a DHParameters
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dh_private_key_and_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate a DHPrivateKey instance using key size only.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Using the given generator. Often 2 or 5.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dh_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load a DHPrivateKey from DHPrivateNumbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dh_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load a DHPublicKey from DHPublicNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dh_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Load DHParameters from DHParameterNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dh_parameters_supported(self, p, g, q=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns whether the backend supports DH with these parameter values.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dh_x942_serialization_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns True if the backend supports the serialization of DH objects
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with subgroup order (q).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ScryptBackend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive_scrypt(self, key_material, salt, length, n, r, p):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return bytes derived from provided Scrypt parameters.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,10 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--__all__ = ["backend"]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/aead.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/aead.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/aead.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,161 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import InvalidTag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_ENCRYPT = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_DECRYPT = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _aead_cipher_name(cipher):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.primitives.ciphers.aead import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AESCCM, AESGCM, ChaCha20Poly1305
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(cipher, ChaCha20Poly1305):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"chacha20-poly1305"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "aes-{}-ccm".format(len(cipher._key) * 8).encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert isinstance(cipher, AESGCM)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "aes-{}-gcm".format(len(cipher._key) * 8).encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _aead_setup(backend, cipher_name, key, nonce, tag, tag_len, operation):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher = backend._lib.EVP_get_cipherbyname(cipher_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(evp_cipher != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = backend._lib.EVP_CIPHER_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = backend._ffi.gc(ctx, backend._lib.EVP_CIPHER_CTX_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherInit_ex(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, evp_cipher,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int(operation == _ENCRYPT)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CIPHER_CTX_set_key_length(ctx, len(key))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, backend._lib.EVP_CTRL_AEAD_SET_IVLEN, len(nonce),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if operation == _DECRYPT:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, backend._lib.EVP_CTRL_AEAD_SET_TAG, len(tag), tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, backend._lib.EVP_CTRL_AEAD_SET_TAG, tag_len, backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nonce_ptr = backend._ffi.from_buffer(nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_ptr = backend._ffi.from_buffer(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherInit_ex(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_ptr,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nonce_ptr,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int(operation == _ENCRYPT)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _set_length(backend, ctx, data_len):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- intptr = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- intptr,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_len
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _process_aad(backend, ctx, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, backend._ffi.NULL, outlen, associated_data, len(associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _process_data(backend, ctx, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("unsigned char[]", len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherUpdate(ctx, buf, outlen, data, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(buf, outlen[0])[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encrypt(backend, cipher, nonce, data, associated_data, tag_length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.primitives.ciphers.aead import AESCCM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher_name = _aead_cipher_name(cipher)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = _aead_setup(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, cipher_name, cipher._key, nonce, None, tag_length, _ENCRYPT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # CCM requires us to pass the length of the data before processing anything
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # However calling this with any other AEAD results in an error
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _set_length(backend, ctx, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _process_aad(backend, ctx, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- processed_data = _process_data(backend, ctx, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherFinal_ex(ctx, backend._ffi.NULL, outlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(outlen[0] == 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- tag_buf = backend._ffi.new("unsigned char[]", tag_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, backend._lib.EVP_CTRL_AEAD_GET_TAG, tag_length, tag_buf
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- tag = backend._ffi.buffer(tag_buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return processed_data + tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decrypt(backend, cipher, nonce, data, associated_data, tag_length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.primitives.ciphers.aead import AESCCM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) < tag_length:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- tag = data[-tag_length:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = data[:-tag_length]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher_name = _aead_cipher_name(cipher)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = _aead_setup(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, cipher_name, cipher._key, nonce, tag, tag_length, _DECRYPT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # CCM requires us to pass the length of the data before processing anything
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # However calling this with any other AEAD results in an error
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _set_length(backend, ctx, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _process_aad(backend, ctx, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # CCM has a different error path if the tag doesn't match. Errors are
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # raised in Update and Final is irrelevant.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(cipher, AESCCM):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("unsigned char[]", len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherUpdate(ctx, buf, outlen, data, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- processed_data = backend._ffi.buffer(buf, outlen[0])[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- processed_data = _process_data(backend, ctx, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_CipherFinal_ex(ctx, backend._ffi.NULL, outlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return processed_data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/backend.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/backend.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/backend.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,2445 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import base64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import collections
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import contextlib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import itertools
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from contextlib import contextmanager
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import asn1crypto.core
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from six.moves import range
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CMACBackend, CipherBackend, DERSerializationBackend, DHBackend, DSABackend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PEMSerializationBackend, RSABackend, ScryptBackend, X509Backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl import aead
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.ciphers import _CipherContext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.cmac import _CMACContext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CRL_ENTRY_REASON_ENUM_TO_CODE, _Integers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.dh import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _DHParameters, _DHPrivateKey, _DHPublicKey, _dh_params_dup
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.dsa import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _DSAParameters, _DSAPrivateKey, _DSAPublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.ec import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _EllipticCurvePrivateKey, _EllipticCurvePublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.ed25519 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Ed25519PrivateKey, _Ed25519PublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.ed448 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _ED448_KEY_SIZE, _Ed448PrivateKey, _Ed448PublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.encode_asn1 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CRL_ENTRY_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CRL_EXTENSION_ENCODE_HANDLERS, _EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _OCSP_BASICRESP_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _encode_asn1_int_gc, _encode_asn1_str_gc, _encode_name_gc, _txt2obj_gc,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.hashes import _HashContext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.hmac import _HMACContext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.ocsp import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _OCSPRequest, _OCSPResponse
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.poly1305 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _POLY1305_KEY_SIZE, _Poly1305Context
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.rsa import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _RSAPrivateKey, _RSAPublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.x25519 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _X25519PrivateKey, _X25519PublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.x448 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _X448PrivateKey, _X448PublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.x509 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Certificate, _CertificateRevocationList,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CertificateSigningRequest, _RevokedCertificate
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.bindings.openssl import binding
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.padding import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- MGF1, OAEP, PKCS1v15, PSS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers.algorithms import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AES, ARC4, Blowfish, CAST5, Camellia, ChaCha20, IDEA, SEED, TripleDES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers.modes import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CBC, CFB, CFB8, CTR, ECB, GCM, OFB, XTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.kdf import scrypt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.serialization import ssh
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509 import ocsp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_MemoryBIO = collections.namedtuple("_MemoryBIO", ["bio", "char_ptr"])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CMACBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(DERSerializationBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(DHBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(DSABackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurveBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HMACBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(PBKDF2HMACBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(RSABackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(PEMSerializationBackend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(X509Backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface_if(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- binding.Binding().lib.Cryptography_HAS_SCRYPT, ScryptBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Backend(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OpenSSL API binding interfaces.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "openssl"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._binding = binding.Binding()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi = self._binding.ffi
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib = self._binding.lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cipher_registry = {}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._register_default_ciphers()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.activate_osrandom_engine()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_types = [self._lib.EVP_PKEY_DH]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_types.append(self._lib.EVP_PKEY_DHX)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def openssl_assert(self, ok):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return binding._openssl_assert(self._lib, ok)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def activate_builtin_random(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._lib.Cryptography_HAS_ENGINE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Obtain a new structural reference.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = self._lib.ENGINE_get_default_RAND()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if e != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ENGINE_unregister_RAND(e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Reset the RNG to use the new engine.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.RAND_cleanup()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # decrement the structural reference from get_default_RAND
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.ENGINE_finish(e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @contextlib.contextmanager
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _get_osurandom_engine(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Fetches an engine by id and returns it. This creates a structural
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # reference.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = self._lib.ENGINE_by_id(self._lib.Cryptography_osrandom_engine_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(e != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Initialize the engine for use. This adds a functional reference.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.ENGINE_init(e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- yield e
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Decrement the structural ref incremented by ENGINE_by_id.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.ENGINE_free(e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Decrement the functional ref incremented by ENGINE_init.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.ENGINE_finish(e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def activate_osrandom_engine(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._lib.Cryptography_HAS_ENGINE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Unregister and free the current engine.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.activate_builtin_random()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._get_osurandom_engine() as e:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the engine as the default RAND provider.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.ENGINE_set_default_RAND(e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Reset the RNG to use the new engine.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.RAND_cleanup()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def osrandom_engine_implementation(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._ffi.new("char[]", 64)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._get_osurandom_engine() as e:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.ENGINE_ctrl_cmd(e, b"get_implementation",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(buf), buf,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ffi.string(buf).decode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def openssl_version_text(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Friendly string name of the loaded OpenSSL library. This is not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- necessarily the same version as it was compiled against.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Example: OpenSSL 1.0.1e 11 Feb 2013
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ffi.string(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.OpenSSL_version(self._lib.OPENSSL_VERSION)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).decode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def openssl_version_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._lib.OpenSSL_version_num()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_hmac_ctx(self, key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _HMACContext(self, key, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _evp_md_from_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if algorithm.name == "blake2b" or algorithm.name == "blake2s":
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- alg = "{}{}".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm.name, algorithm.digest_size * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- alg = algorithm.name.encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._lib.EVP_get_digestbyname(alg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _evp_md_non_null_from_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_md != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_md != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.hash_supported(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_hash_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _HashContext(self, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def cipher_supported(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- adapter = self._cipher_registry[type(cipher), type(mode)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher = adapter(self, cipher, mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ffi.NULL != evp_cipher
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def register_cipher_adapter(self, cipher_cls, mode_cls, adapter):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (cipher_cls, mode_cls) in self._cipher_registry:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Duplicate registration for: {} {}.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher_cls, mode_cls)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cipher_registry[cipher_cls, mode_cls] = adapter
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _register_default_ciphers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for mode_cls in [CBC, CTR, ECB, OFB, CFB, CFB8, GCM]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode_cls,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("{cipher.name}-{cipher.key_size}-{mode.name}")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for mode_cls in [CBC, CTR, ECB, OFB, CFB]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Camellia,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode_cls,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("{cipher.name}-{cipher.key_size}-{mode.name}")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for mode_cls in [CBC, CFB, CFB8, OFB]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- TripleDES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode_cls,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("des-ede3-{mode.name}")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- TripleDES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ECB,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("des-ede3")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for mode_cls in [CBC, CFB, OFB, ECB]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Blowfish,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode_cls,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("bf-{mode.name}")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for mode_cls in [CBC, CFB, OFB, ECB]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SEED,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode_cls,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("seed-{mode.name}")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for cipher_cls, mode_cls in itertools.product(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- [CAST5, IDEA],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- [CBC, OFB, CFB, ECB],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher_cls,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode_cls,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("{cipher.name}-{mode.name}")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ARC4,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- type(None),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("rc4")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ChaCha20,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- type(None),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GetCipherByName("chacha20")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.register_cipher_adapter(AES, XTS, _get_xts_cipher)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_symmetric_encryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CipherContext(self, cipher, mode, _CipherContext._ENCRYPT)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_symmetric_decryption_ctx(self, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CipherContext(self, cipher, mode, _CipherContext._DECRYPT)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def pbkdf2_hmac_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.hmac_supported(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._ffi.new("unsigned char[]", length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material_ptr = self._ffi.from_buffer(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.PKCS5_PBKDF2_HMAC(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material_ptr,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(key_material),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- salt,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(salt),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iterations,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- length,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _consume_errors(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return binding._consume_errors(self._lib)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _bn_to_int(self, bn):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert bn != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not six.PY2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Python 3 has constant time from_bytes, so use that.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_num_bytes = self._lib.BN_num_bytes(bn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bin_ptr = self._ffi.new("unsigned char[]", bn_num_bytes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bin_len = self._lib.BN_bn2bin(bn, bin_ptr)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # A zero length means the BN has value 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(bin_len >= 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = int.from_bytes(self._ffi.buffer(bin_ptr)[:bin_len], "big")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._lib.BN_is_negative(bn):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = -val
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return val
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Under Python 2 the best we can do is hex()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hex_cdata = self._lib.BN_bn2hex(bn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(hex_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hex_str = self._ffi.string(hex_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.OPENSSL_free(hex_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return int(hex_str, 16)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _int_to_bn(self, num, bn=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Converts a python integer to a BIGNUM. The returned BIGNUM will not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- be garbage collected (to support adding them to structs that take
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ownership of the object). Be sure to register it for GC if it will
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- be discarded after use.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert bn is None or bn != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if bn is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not six.PY2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Python 3 has constant time to_bytes, so use that.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- binary = num.to_bytes(int(num.bit_length() / 8.0 + 1), "big")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_ptr = self._lib.BN_bin2bn(binary, len(binary), bn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(bn_ptr != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return bn_ptr
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Under Python 2 the best we can do is hex(), [2:] removes the 0x
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # prefix.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hex_num = hex(num).rstrip("L")[2:].encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_ptr = self._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_ptr[0] = bn
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.BN_hex2bn(bn_ptr, hex_num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(bn_ptr[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return bn_ptr[0]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_rsa_private_key(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa._verify_rsa_parameters(public_exponent, key_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._lib.RSA_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn = self._int_to_bn(public_exponent)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn = self._ffi.gc(bn, self._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.RSA_generate_key_ex(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata, key_size, bn, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_rsa_parameters_supported(self, public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (public_exponent >= 3 and public_exponent & 1 != 0 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size >= 512)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_rsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa._check_private_key_components(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.p,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.q,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.d,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.dmp1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.dmq1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.iqmp,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.public_numbers.e,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- numbers.public_numbers.n
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._lib.RSA_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(numbers.p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(numbers.q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- d = self._int_to_bn(numbers.d)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmp1 = self._int_to_bn(numbers.dmp1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmq1 = self._int_to_bn(numbers.dmq1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iqmp = self._int_to_bn(numbers.iqmp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = self._int_to_bn(numbers.public_numbers.e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = self._int_to_bn(numbers.public_numbers.n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.RSA_set0_factors(rsa_cdata, p, q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.RSA_set0_key(rsa_cdata, n, e, d)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.RSA_set0_crt_params(rsa_cdata, dmp1, dmq1, iqmp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.RSA_blinding_on(rsa_cdata, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_rsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa._check_public_key_components(numbers.e, numbers.n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._lib.RSA_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = self._int_to_bn(numbers.e)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = self._int_to_bn(numbers.n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.RSA_set0_key(rsa_cdata, n, e, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _create_evp_pkey_gc(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.EVP_PKEY_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _rsa_cdata_to_evp_pkey(self, rsa_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_set1_RSA(evp_pkey, rsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _bytes_to_bio(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return a _MemoryBIO namedtuple of (BIO, char*).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The char* is the storage for the BIO and it must stay alive until the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BIO is finished with.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._lib.BIO_new_mem_buf(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(bio != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _MemoryBIO(self._ffi.gc(bio, self._lib.BIO_free), data_ptr)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _create_mem_bio_gc(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Creates an empty memory BIO.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio_method = self._lib.BIO_s_mem()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(bio_method != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._lib.BIO_new(bio_method)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(bio != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._ffi.gc(bio, self._lib.BIO_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _read_mem_bio(self, bio):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Reads a memory BIO. This only works on memory BIOs.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._ffi.new("char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf_len = self._lib.BIO_get_mem_data(bio, buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(buf_len > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(buf[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio_data = self._ffi.buffer(buf[0], buf_len)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return bio_data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _evp_pkey_to_private_key(self, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return the appropriate type of PrivateKey given an evp_pkey cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pointer.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_type = self._lib.EVP_PKEY_id(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPrivateKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == self._lib.EVP_PKEY_DSA:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._lib.EVP_PKEY_get1_DSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAPrivateKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == self._lib.EVP_PKEY_EC:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ec_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type in self._dh_types:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.EVP_PKEY_get1_DH(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHPrivateKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_ED25519", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_ED25519 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_X448", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_X448 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_X25519", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_X25519 is not present in OpenSSL < 1.1.0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_ED448", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_ED448 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm("Unsupported key type.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _evp_pkey_to_public_key(self, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return the appropriate type of PublicKey given an evp_pkey cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pointer.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_type = self._lib.EVP_PKEY_id(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(rsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == self._lib.EVP_PKEY_DSA:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._lib.EVP_PKEY_get1_DSA(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAPublicKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == self._lib.EVP_PKEY_EC:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ec_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePublicKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type in self._dh_types:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.EVP_PKEY_get1_DH(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHPublicKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_ED25519", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_ED25519 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_X448", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_X448 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_X25519", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_X25519 is not present in OpenSSL < 1.1.0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == getattr(self._lib, "EVP_PKEY_ED448", None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # EVP_PKEY_X25519 is not present in OpenSSL < 1.1.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm("Unsupported key type.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _oaep_hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._lib.Cryptography_HAS_RSA_OAEP_MD:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm, (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hashes.SHA1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hashes.SHA224,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hashes.SHA256,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hashes.SHA384,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hashes.SHA512,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return isinstance(algorithm, hashes.SHA1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def rsa_padding_supported(self, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(padding, PKCS1v15):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(padding, PSS) and isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.hash_supported(padding._mgf._algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(padding, OAEP) and isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._oaep_hash_supported(padding._mgf._algorithm) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._oaep_hash_supported(padding._algorithm) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (padding._label is None or len(padding._label) == 0) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.Cryptography_HAS_RSA_OAEP_LABEL == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dsa_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_size not in (1024, 2048, 3072):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Key size must be 1024 or 2048 or 3072 bits.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._ffi.gc(ctx, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DSA_generate_parameters_ex(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, key_size, self._ffi.NULL, 0,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAParameters(self, ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dsa_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._lib.DSAparams_dup(parameters._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._ffi.gc(ctx, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.DSA_generate_key(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._dsa_cdata_to_evp_pkey(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAPrivateKey(self, ctx, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dsa_private_key_and_parameters(self, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameters = self.generate_dsa_parameters(key_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.generate_dsa_private_key(parameters)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _dsa_cdata_set_values(self, dsa_cdata, p, q, g, pub_key, priv_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DSA_set0_pqg(dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DSA_set0_key(dsa_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dsa_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa._check_dsa_private_numbers(numbers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers = numbers.public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._int_to_bn(parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._int_to_bn(numbers.public_numbers.y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- priv_key = self._int_to_bn(numbers.x)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata_set_values(dsa_cdata, p, q, g, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._dsa_cdata_to_evp_pkey(dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAPrivateKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dsa_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa._check_dsa_parameters(numbers.parameter_numbers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(numbers.parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(numbers.parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._int_to_bn(numbers.parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._int_to_bn(numbers.y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- priv_key = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata_set_values(dsa_cdata, p, q, g, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._dsa_cdata_to_evp_pkey(dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAPublicKey(self, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dsa_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa._check_dsa_parameters(numbers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._lib.DSA_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dsa_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(numbers.p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(numbers.q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._int_to_bn(numbers.g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DSA_set0_pqg(dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAParameters(self, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _dsa_cdata_to_evp_pkey(self, dsa_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_set1_DSA(evp_pkey, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dsa_hash_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.hash_supported(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dsa_parameters_supported(self, p, q, g):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def cmac_algorithm_supported(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.cipher_supported(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm, CBC(b"\x00" * algorithm.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_cmac_ctx(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CMACContext(self, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_csr(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Algorithm must be a registered hash algorithm.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(algorithm, hashes.MD5) and not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(private_key, rsa.RSAPrivateKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "MD5 is not a supported hash algorithm for EC/DSA CSRs"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Resolve the signature algorithm.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Create an empty request.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req = self._lib.X509_REQ_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(x509_req != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set x509 version.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_REQ_set_version(x509_req, x509.Version.v1.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set subject name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_REQ_set_subject_name(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req, _encode_name_gc(self, builder._subject_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set subject public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_key = private_key.public_key()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_REQ_set_pubkey(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req, public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Add extensions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk_extension = self._lib.sk_X509_EXTENSION_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(sk_extension != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk_extension = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk_extension,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lambda x: self._lib.sk_X509_EXTENSION_pop_free(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x, self._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib._original_lib, "X509_EXTENSION_free"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Don't GC individual extensions because the memory is owned by
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # sk_extensions and will be freed along with it.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_obj=sk_extension,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- add_func=self._lib.sk_X509_EXTENSION_insert,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gc=False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_REQ_add_extensions(x509_req, sk_extension)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Sign the request using the requester's private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_REQ_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req, private_key._evp_pkey, evp_md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_RSA,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Digest too big for RSA key")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CertificateSigningRequest(self, x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_certificate(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(builder, x509.CertificateBuilder):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Builder type mismatch.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Algorithm must be a registered hash algorithm.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(algorithm, hashes.MD5) and not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(private_key, rsa.RSAPrivateKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "MD5 is not a supported hash algorithm for EC/DSA certificates"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Resolve the signature algorithm.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Create an empty certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_cert = self._lib.X509_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_cert = self._ffi.gc(x509_cert, backend._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the x509 version.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_set_version(x509_cert, builder._version.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the subject's name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_set_subject_name(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_cert, _encode_name_gc(self, builder._subject_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the subject's public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_set_pubkey(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_cert, builder._public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the certificate serial number.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serial_number = _encode_asn1_int_gc(self, builder._serial_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_set_serialNumber(x509_cert, serial_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the "not before" time.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._set_asn1_time(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.X509_get_notBefore(x509_cert), builder._not_valid_before
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the "not after" time.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._set_asn1_time(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.X509_get_notAfter(x509_cert), builder._not_valid_after
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Add extensions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_obj=x509_cert,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- add_func=self._lib.X509_add_ext,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gc=True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the issuer name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_set_issuer_name(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_cert, _encode_name_gc(self, builder._issuer_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Sign the certificate with the issuer's private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_cert, private_key._evp_pkey, evp_md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_RSA,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Digest too big for RSA key")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Certificate(self, x509_cert)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _set_asn1_time(self, asn1_time, time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if time.year >= 2050:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_str = time.strftime('%Y%m%d%H%M%SZ').encode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_str = time.strftime('%y%m%d%H%M%SZ').encode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.ASN1_TIME_set_string(asn1_time, asn1_str)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _create_asn1_time(self, time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time = self._lib.ASN1_TIME_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(asn1_time != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time = self._ffi.gc(asn1_time, self._lib.ASN1_TIME_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._set_asn1_time(asn1_time, time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return asn1_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_crl(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(builder, x509.CertificateRevocationListBuilder):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Builder type mismatch.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Algorithm must be a registered hash algorithm.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(algorithm, hashes.MD5) and not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(private_key, rsa.RSAPrivateKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "MD5 is not a supported hash algorithm for EC/DSA CRLs"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Create an empty CRL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl = self._lib.X509_CRL_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl = self._ffi.gc(x509_crl, backend._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the x509 CRL version. We only support v2 (integer value 1).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_CRL_set_version(x509_crl, 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the issuer name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_CRL_set_issuer_name(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl, _encode_name_gc(self, builder._issuer_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the last update time.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- last_update = self._create_asn1_time(builder._last_update)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_CRL_set_lastUpdate(x509_crl, last_update)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set the next update time.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update = self._create_asn1_time(builder._next_update)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_CRL_set_nextUpdate(x509_crl, next_update)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Add extensions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_CRL_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_obj=x509_crl,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- add_func=self._lib.X509_CRL_add_ext,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gc=True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # add revoked certificates
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for revoked_cert in builder._revoked_certificates:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Duplicating because the X509_CRL takes ownership and will free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # this memory when X509_CRL_free is called.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revoked = self._lib.Cryptography_X509_REVOKED_dup(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revoked_cert._x509_revoked
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(revoked != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_CRL_add0_revoked(x509_crl, revoked)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_CRL_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl, private_key._evp_pkey, evp_md
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_RSA,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Digest too big for RSA key")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CertificateRevocationList(self, x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _create_x509_extensions(self, extensions, handlers, x509_obj,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- add_func, gc):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i, extension in enumerate(extensions):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_extension = self._create_x509_extension(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers, extension
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(x509_extension != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if gc:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_extension = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_extension, self._lib.X509_EXTENSION_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = add_func(x509_obj, x509_extension, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _create_raw_x509_extension(self, extension, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = _txt2obj_gc(self, extension.oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._lib.X509_EXTENSION_create_by_OBJ(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL, obj, 1 if extension.critical else 0, value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _create_x509_extension(self, handlers, extension):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(extension.value, x509.UnrecognizedExtension):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = _encode_asn1_str_gc(self, extension.value.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._create_raw_x509_extension(extension, value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(extension.value, x509.TLSFeature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1 = _Integers([x.value for x in extension.value]).dump()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = _encode_asn1_str_gc(self, asn1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._create_raw_x509_extension(extension, value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(extension.value, x509.PrecertPoison):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1 = asn1crypto.core.Null().dump()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = _encode_asn1_str_gc(self, asn1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._create_raw_x509_extension(extension, value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encode = handlers[extension.oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'Extension not supported: {}'.format(extension.oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_struct = encode(self, extension.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nid = self._lib.OBJ_txt2nid(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extension.oid.dotted_string.encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(nid != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._lib.X509V3_EXT_i2d(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nid, 1 if extension.critical else 0, ext_struct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_x509_revoked_certificate(self, builder):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(builder, x509.RevokedCertificateBuilder):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Builder type mismatch.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_revoked = self._lib.X509_REVOKED_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(x509_revoked != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_revoked = self._ffi.gc(x509_revoked, self._lib.X509_REVOKED_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serial_number = _encode_asn1_int_gc(self, builder._serial_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_REVOKED_set_serialNumber(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_revoked, serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rev_date = self._create_asn1_time(builder._revocation_date)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.X509_REVOKED_set_revocationDate(x509_revoked, rev_date)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # add CRL entry extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_CRL_ENTRY_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_obj=x509_revoked,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- add_func=self._lib.X509_REVOKED_add_ext,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gc=True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RevokedCertificate(self, None, x509_revoked)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._load_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.PEM_read_bio_PrivateKey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey_to_private_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- password,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.PEM_read_bio_PUBKEY(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if evp_pkey != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._evp_pkey_to_public_key(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # It's not a (RSA/DSA/ECDSA) subjectPublicKeyInfo, but we still
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # need to check to see if it is a pure PKCS1 RSA public key (not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # embedded in a subjectPublicKeyInfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.BIO_reset(mem_bio.bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._lib.PEM_read_bio_RSAPublicKey(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rsa_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # only DH is supported currently
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.PEM_read_bio_DHparams(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dh_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_private_key(self, data, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # OpenSSL has a function called d2i_AutoPrivateKey that in theory
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # handles this automatically, however it doesn't handle encrypted
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # private keys. Instead we try to load the key two different ways.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # First we'll try to load it as a traditional key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio_data = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = self._evp_pkey_from_der_traditional_key(bio_data, password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._evp_pkey_to_private_key(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Finally we try to load it with the method that handles encrypted
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # PKCS8 properly.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._load_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.d2i_PKCS8PrivateKey_bio,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey_to_private_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- password,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _evp_pkey_from_der_traditional_key(self, bio_data, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = self._lib.d2i_PrivateKey_bio(bio_data.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = self._ffi.gc(key, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if password is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Password was given but private key is not encrypted."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_public_key(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.d2i_PUBKEY_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if evp_pkey != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._evp_pkey_to_public_key(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # It's not a (RSA/DSA/ECDSA) subjectPublicKeyInfo, but we still
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # need to check to see if it is a pure PKCS1 RSA public key (not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # embedded in a subjectPublicKeyInfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.BIO_reset(mem_bio.bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._lib.d2i_RSAPublicKey_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rsa_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._rsa_cdata_to_evp_pkey(rsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPublicKey(self, rsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_parameters(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.d2i_DHparams_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dh_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif self._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We check to see if the is dhx.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.BIO_reset(mem_bio.bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.Cryptography_d2i_DHxparams_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dh_cdata != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._lib.PEM_read_bio_X509(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509 == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Unable to load certificate. See https://cryptography.io/en/la"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "test/faq/#why-can-t-i-import-my-pem-file for more details."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._ffi.gc(x509, self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Certificate(self, x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_x509_certificate(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._lib.d2i_X509_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509 == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unable to load certificate")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._ffi.gc(x509, self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Certificate(self, x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_x509_crl(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl = self._lib.PEM_read_bio_X509_CRL(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509_crl == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Unable to load CRL. See https://cryptography.io/en/la"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "test/faq/#why-can-t-i-import-my-pem-file for more details."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl = self._ffi.gc(x509_crl, self._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CertificateRevocationList(self, x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_x509_crl(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl = self._lib.d2i_X509_CRL_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509_crl == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unable to load CRL")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_crl = self._ffi.gc(x509_crl, self._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CertificateRevocationList(self, x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_pem_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req = self._lib.PEM_read_bio_X509_REQ(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio, self._ffi.NULL, self._ffi.NULL, self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509_req == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Unable to load request. See https://cryptography.io/en/la"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "test/faq/#why-can-t-i-import-my-pem-file for more details."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CertificateSigningRequest(self, x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_x509_csr(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req = self._lib.d2i_X509_REQ_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509_req == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unable to load request")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_req = self._ffi.gc(x509_req, self._lib.X509_REQ_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CertificateSigningRequest(self, x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _load_key(self, openssl_read_func, convert_func, data, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- userdata = self._ffi.new("CRYPTOGRAPHY_PASSWORD_DATA *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if password is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("password", password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- password_ptr = self._ffi.from_buffer(password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- userdata.password = password_ptr
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- userdata.length = len(password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = openssl_read_func(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio.bio,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib._original_lib, "Cryptography_pem_password_cb"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- userdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if evp_pkey == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if userdata.error != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(errors)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if userdata.error == -1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Password was not given but private key is encrypted"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert userdata.error == -2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Passwords longer than {} bytes are not supported "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "by this backend.".format(userdata.maxsize - 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._handle_key_loading_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if password is not None and userdata.called == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Password was given but private key is not encrypted.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (password is not None and userdata.called == 1) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- password is None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return convert_func(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _handle_key_loading_error(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not errors:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Could not deserialize key data.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_EVP, self._lib.EVP_R_BAD_DECRYPT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ) or errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_PKCS12,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.PKCS12_R_PKCS12_CIPHERFINAL_ERROR
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Bad decrypt. Incorrect password?")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_EVP, self._lib.EVP_R_UNKNOWN_PBE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ) or errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_PEM, self._lib.PEM_R_UNSUPPORTED_ENCRYPTION
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "PEM data is encrypted with an unsupported cipher",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif any(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- error._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for error in errors
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unsupported public key algorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert errors[0].lib in (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_PEM,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_ASN1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Could not deserialize key data.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def elliptic_curve_supported(self, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_nid = self._elliptic_curve_to_nid(curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except UnsupportedAlgorithm:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_nid = self._lib.NID_undef
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group = self._lib.EC_GROUP_new_by_curve_name(curve_nid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if group == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_nid == self._lib.NID_undef or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_EC,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.EC_R_UNKNOWN_GROUP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(curve_nid != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.EC_GROUP_free(group)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def elliptic_curve_signature_algorithm_supported(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self, signature_algorithm, curve
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We only support ECDSA right now.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(signature_algorithm, ec.ECDSA):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.elliptic_curve_supported(curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_elliptic_curve_private_key(self, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generate a new private key on the named curve.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.elliptic_curve_supported(curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ec_key_new_by_curve(curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_KEY_generate_key(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not support {}.".format(curve.name),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_elliptic_curve_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public = numbers.public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ec_key_new_by_curve(public.curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private_value = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._int_to_bn(numbers.private_value), self._lib.BN_clear_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_KEY_set_private_key(ec_cdata, private_value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ec_key_set_public_key_affine_coordinates(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata, public.x, public.y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_elliptic_curve_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ec_key_new_by_curve(numbers.curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ec_key_set_public_key_affine_coordinates(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata, numbers.x, numbers.y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePublicKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_elliptic_curve_public_bytes(self, curve, point_bytes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ec_key_new_by_curve(curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group = self._lib.EC_KEY_get0_group(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(group != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = self._lib.EC_POINT_new(group)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(point != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = self._ffi.gc(point, self._lib.EC_POINT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_POINT_oct2point(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group, point, point_bytes, len(point_bytes), bn_ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid public bytes for the given curve")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_KEY_set_public_key(ec_cdata, point)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePublicKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive_elliptic_curve_private_key(self, private_value, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._ec_key_new_by_curve(curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_func, group = self._ec_key_determine_group_get_func(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = self._lib.EC_POINT_new(group)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(point != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = self._ffi.gc(point, self._lib.EC_POINT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = self._int_to_bn(private_value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = self._ffi.gc(value, self._lib.BN_clear_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_POINT_mul(group, point, value, self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL, bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_x = self._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_y = self._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = get_func(group, point, bn_x, bn_y, bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_KEY_set_public_key(ec_cdata, point)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private = self._int_to_bn(private_value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private = self._ffi.gc(private, self._lib.BN_clear_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_KEY_set_private_key(ec_cdata, private)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _ec_key_new_by_curve(self, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_nid = self._elliptic_curve_to_nid(curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata = self._lib.EC_KEY_new_by_curve_name(curve_nid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ec_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ffi.gc(ec_cdata, self._lib.EC_KEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_ocsp_request(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- request = self._lib.d2i_OCSP_REQUEST_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if request == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unable to load OCSP request")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- request = self._ffi.gc(request, self._lib.OCSP_REQUEST_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OCSPRequest(self, request)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_der_ocsp_response(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mem_bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- response = self._lib.d2i_OCSP_RESPONSE_bio(mem_bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if response == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unable to load OCSP response")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- response = self._ffi.gc(response, self._lib.OCSP_RESPONSE_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OCSPResponse(self, response)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_ocsp_request(self, builder):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ocsp_req = self._lib.OCSP_REQUEST_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ocsp_req != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ocsp_req = self._ffi.gc(ocsp_req, self._lib.OCSP_REQUEST_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cert, issuer, algorithm = builder._request
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certid = self._lib.OCSP_cert_to_id(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md, cert._x509, issuer._x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(certid != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- onereq = self._lib.OCSP_request_add0_id(ocsp_req, certid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(onereq != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_obj=ocsp_req,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- add_func=self._lib.OCSP_REQUEST_add_ext,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gc=True,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OCSPRequest(self, ocsp_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _create_ocsp_basic_response(self, builder, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic = self._lib.OCSP_BASICRESP_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(basic != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic = self._ffi.gc(basic, self._lib.OCSP_BASICRESP_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_non_null_from_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- builder._response._algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certid = self._lib.OCSP_cert_to_id(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md, builder._response._cert._x509,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- builder._response._issuer._x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(certid != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certid = self._ffi.gc(certid, self._lib.OCSP_CERTID_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if builder._response._revocation_reason is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason = -1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason = _CRL_ENTRY_REASON_ENUM_TO_CODE[
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- builder._response._revocation_reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if builder._response._revocation_time is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rev_time = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rev_time = self._create_asn1_time(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- builder._response._revocation_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if builder._response._next_update is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update = self._create_asn1_time(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- builder._response._next_update
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- this_update = self._create_asn1_time(builder._response._this_update)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.OCSP_basic_add1_status(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certid,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- builder._response._cert_status.value,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rev_time,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- this_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # okay, now sign the basic structure
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- responder_cert, responder_encoding = builder._responder_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- flags = self._lib.OCSP_NOCERTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if responder_encoding is ocsp.OCSPResponderEncoding.HASH:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- flags |= self._lib.OCSP_RESPID_KEY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if builder._certs is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for cert in builder._certs:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.OCSP_basic_add1_cert(basic, cert._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._create_x509_extensions(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=builder._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_OCSP_BASICRESP_EXTENSION_ENCODE_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_obj=basic,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- add_func=self._lib.OCSP_BASICRESP_add_ext,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gc=True,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.OCSP_basic_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic, responder_cert._x509, private_key._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md, self._ffi.NULL, flags
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_X509,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.X509_R_KEY_VALUES_MISMATCH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("responder_cert must be signed by private_key")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return basic
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_ocsp_response(self, response_status, builder, private_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if response_status is ocsp.OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic = self._create_ocsp_basic_response(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- builder, private_key, algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ocsp_resp = self._lib.OCSP_response_create(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- response_status.value, basic
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ocsp_resp != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ocsp_resp = self._ffi.gc(ocsp_resp, self._lib.OCSP_RESPONSE_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OCSPResponse(self, ocsp_resp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.elliptic_curve_supported(curve) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(algorithm, ec.ECDH)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _ec_cdata_to_evp_pkey(self, ec_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_set1_EC_KEY(evp_pkey, ec_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _elliptic_curve_to_nid(self, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Get the NID for a curve name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_aliases = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp192r1": "prime192v1",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp256r1": "prime256v1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_name = curve_aliases.get(curve.name, curve.name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_nid = self._lib.OBJ_sn2nid(curve_name.encode())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if curve_nid == self._lib.NID_undef:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not a supported elliptic curve".format(curve.name),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return curve_nid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @contextmanager
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _tmp_bn_ctx(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_ctx = self._lib.BN_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(bn_ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_ctx = self._ffi.gc(bn_ctx, self._lib.BN_CTX_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.BN_CTX_start(bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- yield bn_ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.BN_CTX_end(bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _ec_key_determine_group_get_func(self, ctx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Given an EC_KEY determine the group and what function is required to
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get point coordinates.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nid_two_field = self._lib.OBJ_sn2nid(b"characteristic-two-field")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(nid_two_field != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group = self._lib.EC_KEY_get0_group(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(group != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- method = self._lib.EC_GROUP_method_of(group)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(method != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nid = self._lib.EC_METHOD_get_field_type(method)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(nid != self._lib.NID_undef)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if nid == nid_two_field and self._lib.Cryptography_HAS_EC2M:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_func = self._lib.EC_POINT_get_affine_coordinates_GF2m
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_func = self._lib.EC_POINT_get_affine_coordinates_GFp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert get_func
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return get_func, group
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _ec_key_set_public_key_affine_coordinates(self, ctx, x, y):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the public key point in the EC_KEY context to the affine x and y
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- values.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x < 0 or y < 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Invalid EC key. Both x and y must be non-negative."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x = self._ffi.gc(self._int_to_bn(x), self._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y = self._ffi.gc(self._int_to_bn(y), self._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EC_KEY_set_public_key_affine_coordinates(ctx, x, y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid EC key.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _private_key_bytes(self, encoding, format, encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey, cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(format, serialization.PrivateFormat):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be an item from the PrivateFormat enum"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # X9.62 encoding is only valid for EC public keys
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.X962:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("X9.62 format is only valid for EC public keys")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Raw format and encoding are only valid for X25519, Ed25519, X448, and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Ed448 keys. We capture those cases before this method is called so if
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # we see those enum values here it means the caller has passed them to
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # a key that doesn't support raw type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is serialization.PrivateFormat.Raw:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("raw format is invalid with this key or encoding")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.Raw:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("raw encoding is invalid with this key or format")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.KeySerializationEncryption):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Encryption algorithm must be a KeySerializationEncryption "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "instance"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(encryption_algorithm, serialization.NoEncryption):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- password = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- passlen = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.BestAvailableEncryption):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is a curated value that we will update over time.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher = self._lib.EVP_get_cipherbyname(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b"aes-256-cbc"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- password = encryption_algorithm.password
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- passlen = len(password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if passlen > 1023:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Passwords longer than 1023 bytes are not supported by "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "this backend"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unsupported encryption type")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_type = self._lib.EVP_PKEY_id(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is serialization.PrivateFormat.PKCS8:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_PKCS8PrivateKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert format is serialization.PrivateFormat.TraditionalOpenSSL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_RSAPrivateKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == self._lib.EVP_PKEY_DSA:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_DSAPrivateKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert key_type == self._lib.EVP_PKEY_EC
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_ECPrivateKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is serialization.PrivateFormat.TraditionalOpenSSL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryption_algorithm, serialization.NoEncryption
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Encryption is not supported for DER encoded "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "traditional OpenSSL keys"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._private_key_bytes_traditional_der(key_type, cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert format is serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.i2d_PKCS8PrivateKey_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("encoding must be Encoding.PEM or Encoding.DER")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = write_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- password,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- passlen,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _private_key_bytes_traditional_der(self, key_type, cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_type == self._lib.EVP_PKEY_RSA:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.i2d_RSAPrivateKey_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == self._lib.EVP_PKEY_EC:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.i2d_ECPrivateKey_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(key_type == self._lib.EVP_PKEY_DSA)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.i2d_DSAPrivateKey_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = write_bio(bio, cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _public_key_bytes(self, encoding, format, key, evp_pkey, cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(encoding, serialization.Encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Compressed/UncompressedPoint are only valid for EC keys and those
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # cases are handled by the ECPublicKey public_bytes method before this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # method is called
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format in (serialization.PublicFormat.UncompressedPoint,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.CompressedPoint):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Point formats are not valid for this key type")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Raw format and encoding are only valid for X25519, Ed25519, X448, and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Ed448 keys. We capture those cases before this method is called so if
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # we see those enum values here it means the caller has passed them to
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # a key that doesn't support raw type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is serialization.PublicFormat.Raw:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("raw format is invalid with this key or encoding")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.Raw:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("raw encoding is invalid with this key or format")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.OpenSSH or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.OpenSSH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.OpenSSH or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.OpenSSH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OpenSSH format must be used with OpenSSH encoding"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._openssh_public_key_bytes(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif format is serialization.PublicFormat.SubjectPublicKeyInfo:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_PUBKEY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert encoding is serialization.Encoding.DER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.i2d_PUBKEY_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif format is serialization.PublicFormat.PKCS1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Only RSA is supported here.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert self._lib.EVP_PKEY_id(evp_pkey) == self._lib.EVP_PKEY_RSA
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_RSAPublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert encoding is serialization.Encoding.DER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.i2d_RSAPublicKey_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be an item from the PublicFormat enum"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = write_bio(bio, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _openssh_public_key_bytes(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(key, rsa.RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = key.public_numbers()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"ssh-rsa " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_string(b"ssh-rsa") +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_mpint(public_numbers.e) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_mpint(public_numbers.n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(key, dsa.DSAPublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = key.public_numbers()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers = public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"ssh-dss " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_string(b"ssh-dss") +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_mpint(parameter_numbers.p) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_mpint(parameter_numbers.q) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_mpint(parameter_numbers.g) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_mpint(public_numbers.y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(key, ed25519.Ed25519PublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raw_bytes = key.public_bytes(serialization.Encoding.Raw,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.Raw)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"ssh-ed25519 " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_string(b"ssh-ed25519") +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_string(raw_bytes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(key, ec.EllipticCurvePublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = key.public_numbers()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_name = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec.SECP256R1: b"nistp256",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec.SECP384R1: b"nistp384",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec.SECP521R1: b"nistp521",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }[type(public_numbers.curve)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Only SECP256R1, SECP384R1, and SECP521R1 curves are "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "supported by the SSH public key format"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = key.public_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.Encoding.X962,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"ecdsa-sha2-" + curve_name + b" " + base64.b64encode(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_string(b"ecdsa-sha2-" + curve_name) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_string(curve_name) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ssh._ssh_write_string(point)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OpenSSH encoding is not supported for this key type"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _parameter_bytes(self, encoding, format, cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.OpenSSH:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OpenSSH encoding is not supported"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Only DH is supported here currently.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.DH_get0_pqg(cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_DHxparams
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.PEM_write_bio_DHparams
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.Cryptography_i2d_DHxparams_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- write_bio = self._lib.i2d_DHparams_bio
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = write_bio(bio, cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dh_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_size < 512:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("DH key_size must be at least 512 bits")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if generator not in (2, 5):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("DH generator must be 2 or 5")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_param_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dh_param_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_param_cdata = self._ffi.gc(dh_param_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_generate_parameters_ex(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_param_cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generator,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHParameters(self, dh_param_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _dh_cdata_to_evp_pkey(self, dh_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_set1_DH(evp_pkey, dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dh_private_key(self, parameters):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_key_cdata = _dh_params_dup(parameters._dh_cdata, self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_generate_key(dh_key_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._dh_cdata_to_evp_pkey(dh_key_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHPrivateKey(self, dh_key_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_dh_private_key_and_parameters(self, generator, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.generate_dh_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.generate_dh_parameters(generator, key_size))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dh_private_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers = numbers.public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._int_to_bn(parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if parameter_numbers.q is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._int_to_bn(numbers.public_numbers.y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- priv_key = self._int_to_bn(numbers.x)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_set0_key(dh_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes = self._ffi.new("int[]", 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.Cryptography_DH_check(dh_cdata, codes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # DH_check will return DH_NOT_SUITABLE_GENERATOR if p % 24 does not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # equal 11 when the generator is 2 (a quadratic nonresidue).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We want to ignore that error because p % 24 == 23 is also fine.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Specifically, g is then a quadratic residue. Within the context of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Diffie-Hellman this means it can only generate half the possible
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # values. That sounds bad, but quadratic nonresidues leak a bit of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # the key to the attacker in exchange for having the full key space
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # available. See: https://crypto.stackexchange.com/questions/12961
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if codes[0] != 0 and not (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers.g == 2 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes[0] ^ self._lib.DH_NOT_SUITABLE_GENERATOR == 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DH private numbers did not pass safety checks."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._dh_cdata_to_evp_pkey(dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHPrivateKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dh_public_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers = numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(parameter_numbers.p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._int_to_bn(parameter_numbers.g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if parameter_numbers.q is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(parameter_numbers.q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._int_to_bn(numbers.y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_set0_key(dh_cdata, pub_key, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._dh_cdata_to_evp_pkey(dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHPublicKey(self, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_dh_parameter_numbers(self, numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(numbers.p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._int_to_bn(numbers.g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if numbers.q is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(numbers.q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHParameters(self, dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dh_parameters_supported(self, p, g, q=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._lib.DH_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(dh_cdata != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = self._ffi.gc(dh_cdata, self._lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._int_to_bn(p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._int_to_bn(g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._int_to_bn(q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.DH_set0_pqg(dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes = self._ffi.new("int[]", 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.Cryptography_DH_check(dh_cdata, codes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return codes[0] == 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def dh_x942_serialization_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._lib.Cryptography_HAS_EVP_PKEY_DHX == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x509_name_bytes(self, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_name = _encode_name_gc(self, name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.i2d_X509_NAME(x509_name, pp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(pp[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp, lambda pointer: self._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x25519_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 we can
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # switch this to EVP_PKEY_new_raw_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != 32:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An X25519 public key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._create_evp_pkey_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_set_type(evp_pkey, self._lib.NID_X25519)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_set1_tls_encodedpoint(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey, data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x25519_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 we can
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # switch this to EVP_PKEY_new_raw_private_key and drop the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # zeroed_bytearray garbage.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # OpenSSL only has facilities for loading PKCS8 formatted private
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # keys using the algorithm identifiers specified in
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # https://tools.ietf.org/html/draft-ietf-curdle-pkix-09.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is the standard PKCS8 prefix for a 32 byte X25519 key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The form is:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 0:d=0 hl=2 l= 46 cons: SEQUENCE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 2:d=1 hl=2 l= 1 prim: INTEGER :00
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 5:d=1 hl=2 l= 5 cons: SEQUENCE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 7:d=2 hl=2 l= 3 prim: OBJECT :1.3.101.110
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 12:d=1 hl=2 l= 34 prim: OCTET STRING (the key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Of course there's a bit more complexity. In reality OCTET STRING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # contains an OCTET STRING of length 32! So the last two bytes here
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # are \x04\x20, which is an OCTET STRING of length 32.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != 32:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An X25519 private key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkcs8_prefix = b'0.\x02\x01\x000\x05\x06\x03+en\x04"\x04 '
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._zeroed_bytearray(48) as ba:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ba[0:16] = pkcs8_prefix
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ba[16:] = data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._bytes_to_bio(ba)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = backend._lib.d2i_PrivateKey_bio(bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.EVP_PKEY_id(evp_pkey) == self._lib.EVP_PKEY_X25519
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _evp_pkey_keygen_gc(self, nid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey_ctx = self._lib.EVP_PKEY_CTX_new_id(nid, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey_ctx != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey_ctx = self._ffi.gc(evp_pkey_ctx, self._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_keygen_init(evp_pkey_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_ppkey = self._ffi.new("EVP_PKEY **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PKEY_keygen(evp_pkey_ctx, evp_ppkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_ppkey[0] != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_ppkey[0], self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x25519_generate_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_X25519)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x25519_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._lib.CRYPTOGRAPHY_OPENSSL_110_OR_GREATER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x448_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != 56:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An X448 public key is 56 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.EVP_PKEY_new_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.NID_X448, self._ffi.NULL, data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x448_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != 56:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An X448 private key is 56 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.NID_X448, self._ffi.NULL, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x448_generate_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_X448)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def x448_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed25519_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed25519_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != ed25519._ED25519_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An Ed25519 public key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.EVP_PKEY_new_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.NID_ED25519, self._ffi.NULL, data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed25519PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed25519_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != ed25519._ED25519_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An Ed25519 private key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.NID_ED25519, self._ffi.NULL, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed25519_generate_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_ED25519)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed25519PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed448_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed448_load_public_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != _ED448_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An Ed448 public key is 57 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.EVP_PKEY_new_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.NID_ED448, self._ffi.NULL, data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed448PublicKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed448_load_private_bytes(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != _ED448_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("An Ed448 private key is 57 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr = self._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.NID_ED448, self._ffi.NULL, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(evp_pkey != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey, self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def ed448_generate_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._evp_pkey_keygen_gc(self._lib.NID_ED448)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Ed448PrivateKey(self, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive_scrypt(self, key_material, salt, length, n, r, p):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._ffi.new("unsigned char[]", length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material_ptr = self._ffi.from_buffer(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.EVP_PBE_scrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material_ptr, len(key_material), salt, len(salt), n, r, p,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- scrypt._MEM_LIMIT, buf, length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not self._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_111:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This error is only added to the stack in 1.1.1+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_R_MALLOC_FAILURE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.EVP_R_MEMORY_LIMIT_EXCEEDED
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # memory required formula explained here:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # https://blog.filippo.io/the-scrypt-parameters/
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- min_memory = 128 * n * r // (1024**2)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise MemoryError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Not enough memory to derive key. These parameters require"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " {} MB of memory.".format(min_memory)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def aead_cipher_supported(self, cipher):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher_name = aead._aead_cipher_name(cipher)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib.EVP_get_cipherbyname(cipher_name) != self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @contextlib.contextmanager
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _zeroed_bytearray(self, length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- This method creates a bytearray, which we copy data into (hopefully
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- also from a mutable buffer that can be dynamically erased!), and then
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- zero when we're done.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ba = bytearray(length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- yield ba
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._zero_data(ba, length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _zero_data(self, data, length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We clear things this way because at the moment we're not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # sure of a better way that can guarantee it overwrites the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # memory of a bytearray and doesn't just replace the underlying char *.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data[i] = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @contextlib.contextmanager
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _zeroed_null_terminated_buf(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- This method takes bytes, which can be a bytestring or a mutable
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer like a bytearray, and yields a null-terminated version of that
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data. This is required because PKCS12_parse doesn't take a length with
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- its password char * and ffi.from_buffer doesn't provide null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- termination. So, to support zeroing the data via bytearray we
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- need to build this ridiculous construct that copies the memory, but
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- zeroes it after use.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if data is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- yield self._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_len = len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._ffi.new("char[]", data_len + 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ffi.memmove(buf, data, data_len)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- yield buf
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Cast to a uint8_t * so we can assign by integer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._zero_data(self._ffi.cast("uint8_t *", buf), data_len)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def load_key_and_certificates_from_pkcs12(self, data, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if password is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("password", password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._bytes_to_bio(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p12 = self._lib.d2i_PKCS12_bio(bio.bio, self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if p12 == self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Could not deserialize PKCS12 data")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p12 = self._ffi.gc(p12, self._lib.PKCS12_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey_ptr = self._ffi.new("EVP_PKEY **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_ptr = self._ffi.new("X509 **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk_x509_ptr = self._ffi.new("Cryptography_STACK_OF_X509 **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._zeroed_null_terminated_buf(password) as password_buf:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._lib.PKCS12_parse(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p12, password_buf, evp_pkey_ptr, x509_ptr, sk_x509_ptr
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid password or PKCS12 data")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cert = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- additional_certificates = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if evp_pkey_ptr[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._ffi.gc(evp_pkey_ptr[0], self._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = self._evp_pkey_to_private_key(evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509_ptr[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._ffi.gc(x509_ptr[0], self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cert = _Certificate(self, x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if sk_x509_ptr[0] != self._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk_x509 = self._ffi.gc(sk_x509_ptr[0], self._lib.sk_X509_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = self._lib.sk_X509_num(sk_x509_ptr[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._lib.sk_X509_value(sk_x509, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._ffi.gc(x509, self._lib.X509_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.openssl_assert(x509 != self._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- additional_certificates.append(_Certificate(self, x509))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (key, cert, additional_certificates)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def poly1305_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._lib.Cryptography_HAS_POLY1305 == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def create_poly1305_ctx(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) != _POLY1305_KEY_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A poly1305 key is 32 bytes long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _Poly1305Context(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class GetCipherByName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, fmt):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._fmt = fmt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __call__(self, backend, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher_name = self._fmt.format(cipher=cipher, mode=mode).lower()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._lib.EVP_get_cipherbyname(cipher_name.encode("ascii"))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _get_xts_cipher(backend, cipher, mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher_name = "aes-{}-xts".format(cipher.key_size // 2)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._lib.EVP_get_cipherbyname(cipher_name.encode("ascii"))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--backend = Backend()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ciphers.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ciphers.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ciphers.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,229 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import InvalidTag, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import ciphers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers import modes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ciphers.CipherContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ciphers.AEADCipherContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ciphers.AEADEncryptionContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ciphers.AEADDecryptionContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _CipherContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _ENCRYPT = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _DECRYPT = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, cipher, mode, operation):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cipher = cipher
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._mode = mode
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._operation = operation
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(self._cipher, ciphers.BlockCipherAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._block_size_bytes = self._cipher.block_size // 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._block_size_bytes = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._lib.EVP_CIPHER_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._backend._lib.EVP_CIPHER_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- registry = self._backend._cipher_registry
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- adapter = registry[type(cipher), type(mode)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "cipher {} in {} mode is not supported "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "by this backend.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cipher.name, mode.name if mode else mode),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher = adapter(self._backend, cipher, mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if evp_cipher == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- msg = "cipher {0.name} ".format(cipher)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if mode is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- msg += "in {0.name} mode ".format(mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- msg += (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "is not supported by this backend (Your version of OpenSSL "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "may be too old. Current version: {}.)"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).format(self._backend.openssl_version_text())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(msg, _Reasons.UNSUPPORTED_CIPHER)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(mode, modes.ModeWithInitializationVector):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv_nonce = self._backend._ffi.from_buffer(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode.initialization_vector
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(mode, modes.ModeWithTweak):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv_nonce = self._backend._ffi.from_buffer(mode.tweak)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(mode, modes.ModeWithNonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv_nonce = self._backend._ffi.from_buffer(mode.nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(cipher, modes.ModeWithNonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv_nonce = self._backend._ffi.from_buffer(cipher.nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv_nonce = self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # begin init with cipher and operation type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CipherInit_ex(ctx, evp_cipher,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- operation)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # set the key length to handle variable key ciphers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CIPHER_CTX_set_key_length(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, len(cipher.key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(mode, modes.GCM):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._backend._lib.EVP_CTRL_AEAD_SET_IVLEN,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(iv_nonce), self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if mode.tag is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(mode.tag), mode.tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = mode.tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._operation == self._DECRYPT and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not self._backend._lib.CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "delayed passing of GCM tag requires OpenSSL >= 1.0.2."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " To use this feature please update OpenSSL"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # pass key/iv
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CipherInit_ex(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.from_buffer(cipher.key),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iv_nonce,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- operation
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We purposely disable padding here as it's handled higher up in the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # API.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.EVP_CIPHER_CTX_set_padding(ctx, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = bytearray(len(data) + self._block_size_bytes - 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = self.update_into(data, buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return bytes(buf[:n])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(buf) < (len(data) + self._block_size_bytes - 1):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "buffer must be at least {} bytes for this "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "payload".format(len(data) + self._block_size_bytes - 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.cast(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "unsigned char *", self._backend._ffi.from_buffer(buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, buf, outlen,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.from_buffer(data), len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return outlen[0]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # OpenSSL 1.0.1 on Ubuntu 12.04 (and possibly other distributions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # appears to have a bug where you must make at least one call to update
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # even if you are only using authenticate_additional_data or the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # GCM tag will be wrong. An (empty) call to update resolves this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # and is harmless for all other versions of OpenSSL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(self._mode, modes.GCM):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.update(b"")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._operation == self._DECRYPT and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(self._mode, modes.ModeWithAuthenticationTag) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.tag is None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Authentication tag must be provided when decrypting."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]", self._block_size_bytes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CipherFinal_ex(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not errors and isinstance(self._mode, modes.GCM):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidTag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.ERR_LIB_EVP,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The length of the provided data is not a multiple of "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "the block length."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (isinstance(self._mode, modes.GCM) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._operation == self._ENCRYPT):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- tag_buf = self._backend._ffi.new(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "unsigned char[]", self._block_size_bytes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, self._backend._lib.EVP_CTRL_AEAD_GET_TAG,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._block_size_bytes, tag_buf
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = self._backend._ffi.buffer(tag_buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CIPHER_CTX_cleanup(self._ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize_with_tag(self, tag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not self._backend._lib.CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "finalize_with_tag requires OpenSSL >= 1.0.2. To use this "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "method please update OpenSSL"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(tag) < self._mode._min_tag_length:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Authentication tag must be {} bytes or longer.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._mode._min_tag_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CIPHER_CTX_ctrl(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(tag), tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def authenticate_additional_data(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_CipherUpdate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, self._backend._ffi.NULL, outlen,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.from_buffer(data), len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- tag = utils.read_only_property("_tag")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/cmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/cmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/cmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,81 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers.modes import CBC
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _CMACContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, algorithm, ctx=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.cmac_algorithm_supported(algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm("This backend does not support CMAC.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_CIPHER)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key = algorithm.key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._output_length = algorithm.block_size // 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- registry = self._backend._cipher_registry
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- adapter = registry[type(algorithm), CBC]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher = adapter(self._backend, algorithm, CBC)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._lib.CMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._ffi.gc(ctx, self._backend._lib.CMAC_CTX_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_ptr = self._backend._ffi.from_buffer(self._key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.CMAC_Init(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, key_ptr, len(self._key),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_cipher, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.CMAC_Update(self._ctx, data, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]", self._output_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- length = self._backend._ffi.new("size_t *", self._output_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.CMAC_Final(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, buf, length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def copy(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx = self._backend._lib.CMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx, self._backend._lib.CMAC_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.CMAC_CTX_copy(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx, self._ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CMACContext(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._algorithm, ctx=copied_ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = self.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(digest, signature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidSignature("Signature did not match digest.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/decode_asn1.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/decode_asn1.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/decode_asn1.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,899 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import datetime
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import ipaddress
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import asn1crypto.core
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.extensions import _TLS_FEATURE_TYPE_TO_ENUM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.name import _ASN1_TYPE_TO_ENUM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID, CertificatePoliciesOID, ExtensionOID,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPExtensionOID,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Integers(asn1crypto.core.SequenceOf):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _child_spec = asn1crypto.core.Integer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _obj2txt(backend, obj):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Set to 80 on the recommendation of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # https://www.openssl.org/docs/crypto/OBJ_nid2ln.html#return_values
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # But OIDs longer than this occur in real life (e.g. Active
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Directory makes some very long OIDs). So we need to detect
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # and properly handle the case where the default buffer is not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # big enough.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf_len = 80
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("char[]", buf_len)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 'res' is the number of bytes that *would* be written if the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # buffer is large enough. If 'res' > buf_len - 1, we need to
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # alloc a big-enough buffer and go again.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.OBJ_obj2txt(buf, buf_len, obj, 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res > buf_len - 1: # account for terminating null byte
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf_len = res + 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("char[]", buf_len)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.OBJ_obj2txt(buf, buf_len, obj, 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(buf, res)[:].decode()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_x509_name_entry(backend, x509_name_entry):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = backend._lib.X509_NAME_ENTRY_get_object(x509_name_entry)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = backend._lib.X509_NAME_ENTRY_get_data(x509_name_entry)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(data != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = _asn1_string_to_utf8(backend, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _obj2txt(backend, obj)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- type = _ASN1_TYPE_TO_ENUM[data.type]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.NameAttribute(x509.ObjectIdentifier(oid), value, type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_x509_name(backend, x509_name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- count = backend._lib.X509_NAME_entry_count(x509_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attributes = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- prev_set_id = -1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for x in range(count):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- entry = backend._lib.X509_NAME_get_entry(x509_name, x)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attribute = _decode_x509_name_entry(backend, entry)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- set_id = backend._lib.Cryptography_X509_NAME_ENTRY_set(entry)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if set_id != prev_set_id:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attributes.append(set([attribute]))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # is in the same RDN a previous entry
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attributes[-1].add(attribute)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- prev_set_id = set_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.Name(x509.RelativeDistinguishedName(rdn) for rdn in attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_general_names(backend, gns):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._lib.sk_GENERAL_NAME_num(gns)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- names = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn = backend._lib.sk_GENERAL_NAME_value(gns, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- names.append(_decode_general_name(backend, gn))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_general_name(backend, gn):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if gn.type == backend._lib.GEN_DNS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Convert to bytes and then decode to utf8. We don't use
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # asn1_string_to_utf8 here because it doesn't properly convert
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # utf8 from ia5strings.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = _asn1_string_to_bytes(backend, gn.d.dNSName).decode("utf8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We don't use the constructor for DNSName so we can bypass validation
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This allows us to create DNSName objects that have unicode chars
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # when a certificate (against the RFC) contains them.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.DNSName._init_without_validation(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif gn.type == backend._lib.GEN_URI:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Convert to bytes and then decode to utf8. We don't use
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # asn1_string_to_utf8 here because it doesn't properly convert
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # utf8 from ia5strings.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = _asn1_string_to_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, gn.d.uniformResourceIdentifier
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).decode("utf8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We don't use the constructor for URI so we can bypass validation
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This allows us to create URI objects that have unicode chars
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # when a certificate (against the RFC) contains them.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.UniformResourceIdentifier._init_without_validation(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif gn.type == backend._lib.GEN_RID:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _obj2txt(backend, gn.d.registeredID)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.RegisteredID(x509.ObjectIdentifier(oid))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif gn.type == backend._lib.GEN_IPADD:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = _asn1_string_to_bytes(backend, gn.d.iPAddress)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_len = len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if data_len == 8 or data_len == 32:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is an IPv4 or IPv6 Network and not a single IP. This
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # type of data appears in Name Constraints. Unfortunately,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ipaddress doesn't support packed bytes + netmask. Additionally,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # IPv6Network can only handle CIDR rather than the full 16 byte
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # netmask. To handle this we convert the netmask to integer, then
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # find the first 0 bit, which will be the prefix. If another 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # bit is present after that the netmask is invalid.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- base = ipaddress.ip_address(data[:data_len // 2])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- netmask = ipaddress.ip_address(data[data_len // 2:])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bits = bin(int(netmask))[2:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- prefix = bits.find('0')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # If no 0 bits are found it is a /32 or /128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if prefix == -1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- prefix = len(bits)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if "1" in bits[prefix:]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid netmask")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ip = ipaddress.ip_network(base.exploded + u"/{}".format(prefix))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ip = ipaddress.ip_address(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.IPAddress(ip)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif gn.type == backend._lib.GEN_DIRNAME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.DirectoryName(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _decode_x509_name(backend, gn.d.directoryName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif gn.type == backend._lib.GEN_EMAIL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Convert to bytes and then decode to utf8. We don't use
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # asn1_string_to_utf8 here because it doesn't properly convert
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # utf8 from ia5strings.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = _asn1_string_to_bytes(backend, gn.d.rfc822Name).decode("utf8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We don't use the constructor for RFC822Name so we can bypass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # validation. This allows us to create RFC822Name objects that have
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # unicode chars when a certificate (against the RFC) contains them.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.RFC822Name._init_without_validation(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif gn.type == backend._lib.GEN_OTHERNAME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- type_id = _obj2txt(backend, gn.d.otherName.type_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = _asn1_to_der(backend, gn.d.otherName.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.OtherName(x509.ObjectIdentifier(type_id), value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # x400Address or ediPartyName
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise x509.UnsupportedGeneralNameType(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not a supported type".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509._GENERAL_NAMES.get(gn.type, gn.type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_ocsp_no_check(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.OCSPNoCheck()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_crl_number(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = backend._ffi.cast("ASN1_INTEGER *", ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = backend._ffi.gc(asn1_int, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.CRLNumber(_asn1_integer_to_int(backend, asn1_int))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_delta_crl_indicator(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = backend._ffi.cast("ASN1_INTEGER *", ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = backend._ffi.gc(asn1_int, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.DeltaCRLIndicator(_asn1_integer_to_int(backend, asn1_int))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _X509ExtensionParser(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, ext_count, get_ext, handlers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.ext_count = ext_count
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.get_ext = get_ext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.handlers = handlers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parse(self, backend, x509_obj):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- seen_oids = set()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(self.ext_count(backend, x509_obj)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext = self.get_ext(backend, x509_obj, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(ext != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crit = backend._lib.X509_EXTENSION_get_critical(ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- critical = crit == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = x509.ObjectIdentifier(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _obj2txt(backend, backend._lib.X509_EXTENSION_get_object(ext))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if oid in seen_oids:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise x509.DuplicateExtension(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Duplicate {} extension found".format(oid), oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # These OIDs are only supported in OpenSSL 1.1.0+ but we want
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # to support them in all versions of OpenSSL so we decode them
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ourselves.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if oid == ExtensionOID.TLS_FEATURE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = backend._lib.X509_EXTENSION_get_data(ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed = _Integers.load(_asn1_string_to_bytes(backend, data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = x509.TLSFeature(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- [_TLS_FEATURE_TYPE_TO_ENUM[x.native] for x in parsed]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions.append(x509.Extension(oid, critical, value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- seen_oids.add(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- continue
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif oid == ExtensionOID.PRECERT_POISON:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = backend._lib.X509_EXTENSION_get_data(ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed = asn1crypto.core.Null.load(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _asn1_string_to_bytes(backend, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert parsed == asn1crypto.core.Null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions.append(x509.Extension(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid, critical, x509.PrecertPoison()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- seen_oids.add(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- continue
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handler = self.handlers[oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Dump the DER payload into an UnrecognizedExtension object
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = backend._lib.X509_EXTENSION_get_data(ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(data != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- der = backend._ffi.buffer(data.data, data.length)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- unrecognized = x509.UnrecognizedExtension(oid, der)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions.append(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.Extension(oid, critical, unrecognized)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_data = backend._lib.X509V3_EXT_d2i(ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ext_data == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The {} extension is invalid and can't be "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "parsed".format(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = handler(backend, ext_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions.append(x509.Extension(oid, critical, value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- seen_oids.add(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.Extensions(extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_certificate_policies(backend, cp):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cp = backend._ffi.cast("Cryptography_STACK_OF_POLICYINFO *", cp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cp = backend._ffi.gc(cp, backend._lib.CERTIFICATEPOLICIES_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._lib.sk_POLICYINFO_num(cp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certificate_policies = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- qualifiers = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pi = backend._lib.sk_POLICYINFO_value(cp, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = x509.ObjectIdentifier(_obj2txt(backend, pi.policyid))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if pi.qualifiers != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- qnum = backend._lib.sk_POLICYQUALINFO_num(pi.qualifiers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- qualifiers = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for j in range(qnum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqi = backend._lib.sk_POLICYQUALINFO_value(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pi.qualifiers, j
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqualid = x509.ObjectIdentifier(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _obj2txt(backend, pqi.pqualid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if pqualid == CertificatePoliciesOID.CPS_QUALIFIER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cpsuri = backend._ffi.buffer(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqi.d.cpsuri.data, pqi.d.cpsuri.length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )[:].decode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- qualifiers.append(cpsuri)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert pqualid == CertificatePoliciesOID.CPS_USER_NOTICE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- user_notice = _decode_user_notice(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, pqi.d.usernotice
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- qualifiers.append(user_notice)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certificate_policies.append(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.PolicyInformation(oid, qualifiers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.CertificatePolicies(certificate_policies)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_user_notice(backend, un):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- explicit_text = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_reference = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if un.exptext != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- explicit_text = _asn1_string_to_utf8(backend, un.exptext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if un.noticeref != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- organization = _asn1_string_to_utf8(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, un.noticeref.organization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._lib.sk_ASN1_INTEGER_num(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- un.noticeref.noticenos
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_numbers = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = backend._lib.sk_ASN1_INTEGER_value(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- un.noticeref.noticenos, i
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_num = _asn1_integer_to_int(backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_numbers.append(notice_num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_reference = x509.NoticeReference(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- organization, notice_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.UserNotice(notice_reference, explicit_text)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_basic_constraints(backend, bc_st):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic_constraints = backend._ffi.cast("BASIC_CONSTRAINTS *", bc_st)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic_constraints = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic_constraints, backend._lib.BASIC_CONSTRAINTS_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The byte representation of an ASN.1 boolean true is \xff. OpenSSL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # chooses to just map this to its ordinal value, so true is 255 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # false is 0.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ca = basic_constraints.ca == 255
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- path_length = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, basic_constraints.pathlen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.BasicConstraints(ca, path_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_subject_key_identifier(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_string = backend._ffi.cast("ASN1_OCTET_STRING *", asn1_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_string = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_string, backend._lib.ASN1_OCTET_STRING_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.SubjectKeyIdentifier(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.buffer(asn1_string.data, asn1_string.length)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_authority_key_identifier(backend, akid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid = backend._ffi.cast("AUTHORITY_KEYID *", akid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid = backend._ffi.gc(akid, backend._lib.AUTHORITY_KEYID_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_identifier = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_issuer = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if akid.keyid != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_identifier = backend._ffi.buffer(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid.keyid.data, akid.keyid.length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if akid.issuer != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_issuer = _decode_general_names(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, akid.issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_serial_number = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, akid.serial
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.AuthorityKeyIdentifier(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_identifier, authority_cert_issuer, authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_authority_information_access(backend, aia):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aia = backend._ffi.cast("Cryptography_STACK_OF_ACCESS_DESCRIPTION *", aia)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aia = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aia,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lambda x: backend._lib.sk_ACCESS_DESCRIPTION_pop_free(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x, backend._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib._original_lib, "ACCESS_DESCRIPTION_free"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._lib.sk_ACCESS_DESCRIPTION_num(aia)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- access_descriptions = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ad = backend._lib.sk_ACCESS_DESCRIPTION_value(aia, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(ad.method != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = x509.ObjectIdentifier(_obj2txt(backend, ad.method))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(ad.location != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn = _decode_general_name(backend, ad.location)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- access_descriptions.append(x509.AccessDescription(oid, gn))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.AuthorityInformationAccess(access_descriptions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_key_usage(backend, bit_string):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bit_string = backend._ffi.cast("ASN1_BIT_STRING *", bit_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bit_string = backend._ffi.gc(bit_string, backend._lib.ASN1_BIT_STRING_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_bit = backend._lib.ASN1_BIT_STRING_get_bit
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digital_signature = get_bit(bit_string, 0) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- content_commitment = get_bit(bit_string, 1) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_encipherment = get_bit(bit_string, 2) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_encipherment = get_bit(bit_string, 3) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_agreement = get_bit(bit_string, 4) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_cert_sign = get_bit(bit_string, 5) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_sign = get_bit(bit_string, 6) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encipher_only = get_bit(bit_string, 7) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decipher_only = get_bit(bit_string, 8) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.KeyUsage(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digital_signature,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- content_commitment,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_encipherment,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_encipherment,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_agreement,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_cert_sign,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_sign,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encipher_only,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_general_names_extension(backend, gns):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gns = backend._ffi.cast("GENERAL_NAMES *", gns)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gns = backend._ffi.gc(gns, backend._lib.GENERAL_NAMES_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_names = _decode_general_names(backend, gns)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_subject_alt_name(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.SubjectAlternativeName(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _decode_general_names_extension(backend, ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_issuer_alt_name(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.IssuerAlternativeName(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _decode_general_names_extension(backend, ext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_name_constraints(backend, nc):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nc = backend._ffi.cast("NAME_CONSTRAINTS *", nc)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nc = backend._ffi.gc(nc, backend._lib.NAME_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- permitted = _decode_general_subtrees(backend, nc.permittedSubtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- excluded = _decode_general_subtrees(backend, nc.excludedSubtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.NameConstraints(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- permitted_subtrees=permitted, excluded_subtrees=excluded
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_general_subtrees(backend, stack_subtrees):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if stack_subtrees == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._lib.sk_GENERAL_SUBTREE_num(stack_subtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subtrees = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = backend._lib.sk_GENERAL_SUBTREE_value(stack_subtrees, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = _decode_general_name(backend, obj.base)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subtrees.append(name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_issuing_dist_point(backend, idp):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp = backend._ffi.cast("ISSUING_DIST_POINT *", idp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp = backend._ffi.gc(idp, backend._lib.ISSUING_DIST_POINT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if idp.distpoint != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name, relative_name = _decode_distpoint(backend, idp.distpoint)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- relative_name = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_user = idp.onlyuser == 255
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_ca = idp.onlyCA == 255
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- indirect_crl = idp.indirectCRL == 255
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_attr = idp.onlyattr == 255
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if idp.onlysomereasons != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_some_reasons = _decode_reasons(backend, idp.onlysomereasons)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_some_reasons = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.IssuingDistributionPoint(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name, relative_name, only_user, only_ca, only_some_reasons,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- indirect_crl, only_attr
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_policy_constraints(backend, pc):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pc = backend._ffi.cast("POLICY_CONSTRAINTS *", pc)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pc = backend._ffi.gc(pc, backend._lib.POLICY_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- require_explicit_policy = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, pc.requireExplicitPolicy
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- inhibit_policy_mapping = _asn1_integer_to_int_or_none(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, pc.inhibitPolicyMapping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.PolicyConstraints(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- require_explicit_policy, inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_extended_key_usage(backend, sk):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk = backend._ffi.cast("Cryptography_STACK_OF_ASN1_OBJECT *", sk)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk = backend._ffi.gc(sk, backend._lib.sk_ASN1_OBJECT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._lib.sk_ASN1_OBJECT_num(sk)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ekus = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = backend._lib.sk_ASN1_OBJECT_value(sk, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = x509.ObjectIdentifier(_obj2txt(backend, obj))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ekus.append(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.ExtendedKeyUsage(ekus)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_DISTPOINT_TYPE_FULLNAME = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_DISTPOINT_TYPE_RELATIVENAME = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_dist_points(backend, cdps):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cdps = backend._ffi.cast("Cryptography_STACK_OF_DIST_POINT *", cdps)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cdps = backend._ffi.gc(cdps, backend._lib.CRL_DIST_POINTS_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._lib.sk_DIST_POINT_num(cdps)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dist_points = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- relative_name = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_issuer = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reasons = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cdp = backend._lib.sk_DIST_POINT_value(cdps, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cdp.reasons != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reasons = _decode_reasons(backend, cdp.reasons)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cdp.CRLissuer != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_issuer = _decode_general_names(backend, cdp.CRLissuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Certificates may have a crl_issuer/reasons and no distribution
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # point so make sure it's not null.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cdp.distpoint != backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name, relative_name = _decode_distpoint(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, cdp.distpoint
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dist_points.append(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.DistributionPoint(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name, relative_name, reasons, crl_issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dist_points
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# ReasonFlags ::= BIT STRING {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# unused (0),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# keyCompromise (1),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# cACompromise (2),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# affiliationChanged (3),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# superseded (4),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# cessationOfOperation (5),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# certificateHold (6),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# privilegeWithdrawn (7),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# aACompromise (8) }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_REASON_BIT_MAPPING = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 1: x509.ReasonFlags.key_compromise,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 2: x509.ReasonFlags.ca_compromise,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 3: x509.ReasonFlags.affiliation_changed,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 4: x509.ReasonFlags.superseded,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 5: x509.ReasonFlags.cessation_of_operation,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 6: x509.ReasonFlags.certificate_hold,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 7: x509.ReasonFlags.privilege_withdrawn,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 8: x509.ReasonFlags.aa_compromise,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_reasons(backend, reasons):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We will check each bit from RFC 5280
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- enum_reasons = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for bit_position, reason in six.iteritems(_REASON_BIT_MAPPING):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if backend._lib.ASN1_BIT_STRING_get_bit(reasons, bit_position):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- enum_reasons.append(reason)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return frozenset(enum_reasons)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_distpoint(backend, distpoint):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if distpoint.type == _DISTPOINT_TYPE_FULLNAME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name = _decode_general_names(backend, distpoint.name.fullname)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return full_name, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # OpenSSL code doesn't test for a specific type for
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # relativename, everything that isn't fullname is considered
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # relativename. Per RFC 5280:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # DistributionPointName ::= CHOICE {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # fullName [0] GeneralNames,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # nameRelativeToCRLIssuer [1] RelativeDistinguishedName }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rns = distpoint.name.relativename
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rnum = backend._lib.sk_X509_NAME_ENTRY_num(rns)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attributes = set()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(rnum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rn = backend._lib.sk_X509_NAME_ENTRY_value(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rns, i
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(rn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attributes.add(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _decode_x509_name_entry(backend, rn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- relative_name = x509.RelativeDistinguishedName(attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None, relative_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_crl_distribution_points(backend, cdps):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dist_points = _decode_dist_points(backend, cdps)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.CRLDistributionPoints(dist_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_freshest_crl(backend, cdps):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dist_points = _decode_dist_points(backend, cdps)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.FreshestCRL(dist_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_inhibit_any_policy(backend, asn1_int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = backend._ffi.cast("ASN1_INTEGER *", asn1_int)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = backend._ffi.gc(asn1_int, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- skip_certs = _asn1_integer_to_int(backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.InhibitAnyPolicy(skip_certs)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_precert_signed_certificate_timestamps(backend, asn1_scts):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.x509 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _SignedCertificateTimestamp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_scts = backend._ffi.cast("Cryptography_STACK_OF_SCT *", asn1_scts)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_scts = backend._ffi.gc(asn1_scts, backend._lib.SCT_LIST_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- scts = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(backend._lib.sk_SCT_num(asn1_scts)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sct = backend._lib.sk_SCT_value(asn1_scts, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- scts.append(_SignedCertificateTimestamp(backend, asn1_scts, sct))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.PrecertificateSignedCertificateTimestamps(scts)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# CRLReason ::= ENUMERATED {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# unspecified (0),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# keyCompromise (1),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# cACompromise (2),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# affiliationChanged (3),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# superseded (4),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# cessationOfOperation (5),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# certificateHold (6),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# -- value 7 is not used
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# removeFromCRL (8),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# privilegeWithdrawn (9),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# aACompromise (10) }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CRL_ENTRY_REASON_CODE_TO_ENUM = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 0: x509.ReasonFlags.unspecified,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 1: x509.ReasonFlags.key_compromise,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 2: x509.ReasonFlags.ca_compromise,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 3: x509.ReasonFlags.affiliation_changed,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 4: x509.ReasonFlags.superseded,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 5: x509.ReasonFlags.cessation_of_operation,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 6: x509.ReasonFlags.certificate_hold,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 8: x509.ReasonFlags.remove_from_crl,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 9: x509.ReasonFlags.privilege_withdrawn,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 10: x509.ReasonFlags.aa_compromise,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CRL_ENTRY_REASON_ENUM_TO_CODE = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.unspecified: 0,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.key_compromise: 1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.ca_compromise: 2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.affiliation_changed: 3,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.superseded: 4,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.cessation_of_operation: 5,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.certificate_hold: 6,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.remove_from_crl: 8,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.privilege_withdrawn: 9,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.aa_compromise: 10
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_crl_reason(backend, enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- enum = backend._ffi.cast("ASN1_ENUMERATED *", enum)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- enum = backend._ffi.gc(enum, backend._lib.ASN1_ENUMERATED_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- code = backend._lib.ASN1_ENUMERATED_get(enum)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.CRLReason(_CRL_ENTRY_REASON_CODE_TO_ENUM[code])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unsupported reason code: {}".format(code))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_invalidity_date(backend, inv_date):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generalized_time = backend._ffi.cast(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ASN1_GENERALIZEDTIME *", inv_date
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generalized_time = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generalized_time, backend._lib.ASN1_GENERALIZEDTIME_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.InvalidityDate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _parse_asn1_generalized_time(backend, generalized_time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_cert_issuer(backend, gns):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gns = backend._ffi.cast("GENERAL_NAMES *", gns)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gns = backend._ffi.gc(gns, backend._lib.GENERAL_NAMES_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_names = _decode_general_names(backend, gns)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.CertificateIssuer(general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _asn1_to_der(backend, asn1_type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.i2d_ASN1_TYPE(asn1_type, buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(buf[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf, lambda buffer: backend._lib.OPENSSL_free(buffer[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(buf[0], res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _asn1_integer_to_int(backend, asn1_int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn = backend._lib.ASN1_INTEGER_to_BN(asn1_int, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(bn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn = backend._ffi.gc(bn, backend._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._bn_to_int(bn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _asn1_integer_to_int_or_none(backend, asn1_int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if asn1_int == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_integer_to_int(backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _asn1_string_to_bytes(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(asn1_string.data, asn1_string.length)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _asn1_string_to_ascii(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(backend, asn1_string).decode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _asn1_string_to_utf8(backend, asn1_string):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ASN1_STRING_to_UTF8(buf, asn1_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == -1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Unsupported ASN1 string type. Type: {}".format(asn1_string.type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(buf[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf, lambda buffer: backend._lib.OPENSSL_free(buffer[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(buf[0], res)[:].decode('utf8')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _parse_asn1_time(backend, asn1_time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(asn1_time != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generalized_time = backend._lib.ASN1_TIME_to_generalizedtime(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time, backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if generalized_time == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Couldn't parse ASN.1 time as generalizedtime {!r}".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _asn1_string_to_bytes(backend, asn1_time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generalized_time = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- generalized_time, backend._lib.ASN1_GENERALIZEDTIME_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_generalized_time(backend, generalized_time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _parse_asn1_generalized_time(backend, generalized_time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time = _asn1_string_to_ascii(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, backend._ffi.cast("ASN1_STRING *", generalized_time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return datetime.datetime.strptime(time, "%Y%m%d%H%M%SZ")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _decode_nonce(backend, nonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nonce = backend._ffi.cast("ASN1_OCTET_STRING *", nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nonce = backend._ffi.gc(nonce, backend._lib.ASN1_OCTET_STRING_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.OCSPNonce(_asn1_string_to_bytes(backend, nonce))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_EXTENSION_HANDLERS_NO_SCT = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.BASIC_CONSTRAINTS: _decode_basic_constraints,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_KEY_IDENTIFIER: _decode_subject_key_identifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.KEY_USAGE: _decode_key_usage,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_ALTERNATIVE_NAME: _decode_subject_alt_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.EXTENDED_KEY_USAGE: _decode_extended_key_usage,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _decode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _decode_authority_information_access
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CERTIFICATE_POLICIES: _decode_certificate_policies,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CRL_DISTRIBUTION_POINTS: _decode_crl_distribution_points,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.FRESHEST_CRL: _decode_freshest_crl,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.OCSP_NO_CHECK: _decode_ocsp_no_check,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.INHIBIT_ANY_POLICY: _decode_inhibit_any_policy,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _decode_issuer_alt_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.NAME_CONSTRAINTS: _decode_name_constraints,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.POLICY_CONSTRAINTS: _decode_policy_constraints,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_EXTENSION_HANDLERS = _EXTENSION_HANDLERS_NO_SCT.copy()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_EXTENSION_HANDLERS[
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--] = _decode_precert_signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_REVOKED_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.CRL_REASON: _decode_crl_reason,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.INVALIDITY_DATE: _decode_invalidity_date,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.CERTIFICATE_ISSUER: _decode_cert_issuer,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CRL_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CRL_NUMBER: _decode_crl_number,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.DELTA_CRL_INDICATOR: _decode_delta_crl_indicator,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _decode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _decode_issuer_alt_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _decode_authority_information_access
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUING_DISTRIBUTION_POINT: _decode_issuing_dist_point,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OCSP_REQ_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPExtensionOID.NONCE: _decode_nonce,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OCSP_BASICRESP_EXTENSION_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPExtensionOID.NONCE: _decode_nonce,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CERTIFICATE_EXTENSION_PARSER_NO_SCT = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_count=lambda backend, x: backend._lib.X509_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_ext=lambda backend, x, i: backend._lib.X509_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_EXTENSION_HANDLERS_NO_SCT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CERTIFICATE_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_count=lambda backend, x: backend._lib.X509_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_ext=lambda backend, x, i: backend._lib.X509_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_EXTENSION_HANDLERS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CSR_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_count=lambda backend, x: backend._lib.sk_X509_EXTENSION_num(x),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_ext=lambda backend, x, i: backend._lib.sk_X509_EXTENSION_value(x, i),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_EXTENSION_HANDLERS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_REVOKED_CERTIFICATE_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_count=lambda backend, x: backend._lib.X509_REVOKED_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_ext=lambda backend, x, i: backend._lib.X509_REVOKED_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_REVOKED_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CRL_EXTENSION_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_count=lambda backend, x: backend._lib.X509_CRL_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_ext=lambda backend, x, i: backend._lib.X509_CRL_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_CRL_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OCSP_REQ_EXT_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_count=lambda backend, x: backend._lib.OCSP_REQUEST_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_ext=lambda backend, x, i: backend._lib.OCSP_REQUEST_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_OCSP_REQ_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OCSP_BASICRESP_EXT_PARSER = _X509ExtensionParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ext_count=lambda backend, x: backend._lib.OCSP_BASICRESP_get_ext_count(x),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_ext=lambda backend, x, i: backend._lib.OCSP_BASICRESP_get_ext(x, i),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- handlers=_OCSP_BASICRESP_EXTENSION_HANDLERS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dh.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dh.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dh.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,280 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import dh
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _dh_params_dup(dh_cdata, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib = backend._lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ffi = backend._ffi
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- param_cdata = lib.DHparams_dup(dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(param_cdata != ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- param_cdata = ffi.gc(param_cdata, lib.DH_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # In OpenSSL versions < 1.0.2 or libressl DHparams_dup don't copy q
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.DH_get0_pqg(dh_cdata, ffi.NULL, q, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q_dup = lib.BN_dup(q[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = lib.DH_set0_pqg(param_cdata, ffi.NULL, q_dup, ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return param_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _dh_cdata_to_parameters(dh_cdata, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- param_cdata = _dh_params_dup(dh_cdata, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHParameters(backend, param_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(dh.DHParametersWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DHParameters(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, dh_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_cdata = dh_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_pqg(self._dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q_val = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q_val = self._backend._bn_to_int(q[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dh.DHParameterNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g=self._backend._bn_to_int(g[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q=q_val
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend.generate_dh_private_key(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameter_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is not serialization.ParameterFormat.PKCS3:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Only PKCS3 serialization is supported"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not self._backend._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_pqg(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DH X9.42 serialization is not supported",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_SERIALIZATION)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._parameter_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _handle_dh_compute_key_error(errors, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib = backend._lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0]._lib_reason_match(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.ERR_LIB_DH, lib.DH_R_INVALID_PUBKEY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Public key value is invalid for this exchange.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _get_dh_num_bits(backend, dh_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.DH_get0_pqg(dh_cdata, p,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(p[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._lib.BN_num_bits(p[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(dh.DHPrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DHPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, dh_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_cdata = dh_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_size_bytes = self._backend._lib.DH_size(dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _get_dh_num_bits(self._backend, self._dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_pqg(self._dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q_val = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q_val = self._backend._bn_to_int(q[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- priv_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_key(self._dh_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(priv_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dh.DHPrivateNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers=dh.DHPublicNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers=dh.DHParameterNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g=self._backend._bn_to_int(g[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q=q_val
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x=self._backend._bn_to_int(priv_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]", self._key_size_bytes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_key(peer_public_key._dh_cdata, pub_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.DH_compute_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key[0],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == -1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _handle_dh_compute_key_error(errors, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = self._backend._ffi.buffer(buf)[:res]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pad = self._key_size_bytes - len(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if pad > 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = (b"\x00" * pad) + key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dh_cdata = _dh_params_dup(self._dh_cdata, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_key(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key, self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key_dup = self._backend._lib.BN_dup(pub_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key_dup != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.DH_set0_key(dh_cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key_dup,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._backend._dh_cdata_to_evp_pkey(dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DHPublicKey(self._backend, dh_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _dh_cdata_to_parameters(self._dh_cdata, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is not serialization.PrivateFormat.PKCS8:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DH private keys support only PKCS8 serialization"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not self._backend._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_pqg(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DH X9.42 serialization is not supported",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_SERIALIZATION)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(dh.DHPublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DHPublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, dh_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dh_cdata = dh_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_size_bits = _get_dh_num_bits(self._backend, self._dh_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._key_size_bits
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_pqg(self._dh_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q_val = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q_val = self._backend._bn_to_int(q[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_key(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key, self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dh.DHPublicNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers=dh.DHParameterNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g=self._backend._bn_to_int(g[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q=q_val
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _dh_cdata_to_parameters(self._dh_cdata, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is not serialization.PublicFormat.SubjectPublicKeyInfo:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DH public keys support only "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SubjectPublicKeyInfo serialization"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not self._backend._lib.Cryptography_HAS_EVP_PKEY_DHX:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DH_get0_pqg(self._dh_cdata,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DH X9.42 serialization is not supported",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_SERIALIZATION)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/dsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,268 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.utils import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _calculate_digest_and_algorithm, _check_not_prehashed,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AsymmetricSignatureContext, AsymmetricVerificationContext, dsa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _dsa_sig_sign(backend, private_key, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig_buf_len = backend._lib.DSA_size(private_key._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig_buf = backend._ffi.new("unsigned char[]", sig_buf_len)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = backend._ffi.new("unsigned int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The first parameter passed to DSA_sign is unused by OpenSSL but
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # must be an integer.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.DSA_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 0, data, len(data), sig_buf, buflen, private_key._dsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(buflen[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(sig_buf)[:buflen[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _dsa_sig_verify(backend, public_key, signature, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The first parameter passed to DSA_verify is unused by OpenSSL but
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # must be an integer.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.DSA_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 0, data, len(data), signature, len(signature), public_key._dsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricVerificationContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DSAVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, public_key, signature, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._signature = signature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_to_verify = self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _dsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._public_key, self._signature, data_to_verify
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricSignatureContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DSASignatureContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._private_key = private_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_to_sign = self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _dsa_sig_sign(self._backend, self._private_key, data_to_sign)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(dsa.DSAParametersWithNumbers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DSAParameters(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, dsa_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata = dsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dsa.DSAParameterNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g=self._backend._bn_to_int(g[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend.generate_dsa_private_key(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(dsa.DSAPrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, dsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata = dsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_pqg(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata, p, self._backend._ffi.NULL, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_size = self._backend._lib.BN_num_bits(p[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_not_prehashed(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSASignatureContext(self._backend, self, signature_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- priv_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_key(self._dsa_cdata, pub_key, priv_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(priv_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dsa.DSAPrivateNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers=dsa.DSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers=dsa.DSAParameterNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g=self._backend._bn_to_int(g[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x=self._backend._bn_to_int(priv_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._backend._lib.DSAparams_dup(self._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(dsa_cdata != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata, self._backend._lib.DSA_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata, pub_key, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key_dup = self._backend._lib.BN_dup(pub_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.DSA_set0_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata, pub_key_dup, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._backend._dsa_cdata_to_evp_pkey(dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAPublicKey(self._backend, dsa_cdata, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._backend._lib.DSAparams_dup(self._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(dsa_cdata != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata, self._backend._lib.DSA_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAParameters(self._backend, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _dsa_sig_sign(self._backend, self, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(dsa.DSAPublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, dsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata = dsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_pqg(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata, p, self._backend._ffi.NULL, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_size = self._backend._lib.BN_num_bits(p[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_not_prehashed(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAVerificationContext(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self, signature, signature_algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pub_key = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_pqg(self._dsa_cdata, p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(g[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.DSA_get0_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dsa_cdata, pub_key, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pub_key[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dsa.DSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers=dsa.DSAParameterNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g=self._backend._bn_to_int(g[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y=self._backend._bn_to_int(pub_key[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._backend._lib.DSAparams_dup(self._dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dsa_cdata, self._backend._lib.DSA_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DSAParameters(self._backend, dsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is serialization.PublicFormat.PKCS1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DSA public keys do not support PKCS1 serialization"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _dsa_sig_verify(self._backend, self, signature, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ec.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ec.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ec.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,340 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.utils import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _calculate_digest_and_algorithm, _check_not_prehashed,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AsymmetricSignatureContext, AsymmetricVerificationContext, ec
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_signature_algorithm(signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(signature_algorithm, ec.ECDSA):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Unsupported elliptic curve signature algorithm.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _ec_key_curve_sn(backend, ec_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group = backend._lib.EC_KEY_get0_group(ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(group != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nid = backend._lib.EC_GROUP_get_curve_name(group)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The following check is to find EC keys with unnamed curves and raise
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # an error for now.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if nid == backend._lib.NID_undef:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ECDSA certificates with unnamed curves are unsupported "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "at this time"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_name = backend._lib.OBJ_nid2sn(nid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(curve_name != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sn = backend._ffi.string(curve_name).decode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return sn
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _mark_asn1_named_ec_curve(backend, ec_cdata):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Set the named curve flag on the EC_KEY. This causes OpenSSL to
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialize EC keys along with their curve OID which makes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- deserialization easier.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.EC_KEY_set_asn1_flag(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec_cdata, backend._lib.OPENSSL_EC_NAMED_CURVE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _sn_to_elliptic_curve(backend, sn):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ec._CURVE_TYPES[sn]()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not a supported elliptic curve".format(sn),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _ecdsa_sig_sign(backend, private_key, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- max_size = backend._lib.ECDSA_size(private_key._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(max_size > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sigbuf = backend._ffi.new("unsigned char[]", max_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- siglen_ptr = backend._ffi.new("unsigned int[]", 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ECDSA_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 0, data, len(data), sigbuf, siglen_ptr, private_key._ec_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(sigbuf)[:siglen_ptr[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _ecdsa_sig_verify(backend, public_key, signature, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ECDSA_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 0, data, len(data), signature, len(signature), public_key._ec_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricSignatureContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _ECDSASignatureContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._private_key = private_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest = hashes.Hash(algorithm, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = self._digest.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _ecdsa_sig_sign(self._backend, self._private_key, digest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricVerificationContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _ECDSAVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, public_key, signature, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._signature = signature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest = hashes.Hash(algorithm, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = self._digest.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _ecdsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._public_key, self._signature, digest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ec.EllipticCurvePrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _EllipticCurvePrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, ec_key_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _mark_asn1_named_ec_curve(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ec_key = ec_key_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sn = _ec_key_curve_sn(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._curve = _sn_to_elliptic_curve(backend, sn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve = utils.read_only_property("_curve")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.curve.key_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_not_prehashed(signature_algorithm.algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _ECDSASignatureContext(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self, signature_algorithm.algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, algorithm, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.elliptic_curve_exchange_algorithm_supported(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm, self.curve
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "This backend does not support the ECDH algorithm.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if peer_public_key.curve.name != self.curve.name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "peer_public_key and self are not on the same curve"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group = self._backend._lib.EC_KEY_get0_group(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- z_len = (self._backend._lib.EC_GROUP_get_degree(group) + 7) // 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(z_len > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- z_buf = self._backend._ffi.new("uint8_t[]", z_len)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- peer_key = self._backend._lib.EC_KEY_get0_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- peer_public_key._ec_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r = self._backend._lib.ECDH_compute_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- z_buf, z_len, peer_key, self._ec_key, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(r > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(z_buf)[:z_len]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group = self._backend._lib.EC_KEY_get0_group(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(group != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_nid = self._backend._lib.EC_GROUP_get_curve_name(group)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_ec_key = self._backend._lib.EC_KEY_new_by_curve_name(curve_nid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(public_ec_key != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_ec_key = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_ec_key, self._backend._lib.EC_KEY_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = self._backend._lib.EC_KEY_get0_public_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(point != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EC_KEY_set_public_key(public_ec_key, point)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._backend._ec_cdata_to_evp_pkey(public_ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _EllipticCurvePublicKey(self._backend, public_ec_key, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn = self._backend._lib.EC_KEY_get0_private_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private_value = self._backend._bn_to_int(bn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ec.EllipticCurvePrivateNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private_value=private_value,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers=self.public_key().public_numbers()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ec_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, data, signature_algorithm._algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _ecdsa_sig_sign(self._backend, self, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ec.EllipticCurvePublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _EllipticCurvePublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, ec_key_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _mark_asn1_named_ec_curve(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ec_key = ec_key_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sn = _ec_key_curve_sn(backend, ec_key_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._curve = _sn_to_elliptic_curve(backend, sn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve = utils.read_only_property("_curve")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.curve.key_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_not_prehashed(signature_algorithm.algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _ECDSAVerificationContext(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self, signature, signature_algorithm.algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- get_func, group = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ec_key_determine_group_get_func(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = self._backend._lib.EC_KEY_get0_public_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(point != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._backend._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_x = self._backend._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bn_y = self._backend._lib.BN_CTX_get(bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = get_func(group, point, bn_x, bn_y, bn_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x = self._backend._bn_to_int(bn_x)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y = self._backend._bn_to_int(bn_y)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ec.EllipticCurvePublicNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x=x,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y=y,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve=self._curve
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _encode_point(self, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is serialization.PublicFormat.CompressedPoint:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- conversion = self._backend._lib.POINT_CONVERSION_COMPRESSED
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert format is serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- conversion = self._backend._lib.POINT_CONVERSION_UNCOMPRESSED
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group = self._backend._lib.EC_KEY_get0_group(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(group != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- point = self._backend._lib.EC_KEY_get0_public_key(self._ec_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(point != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with self._backend._tmp_bn_ctx() as bn_ctx:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._lib.EC_POINT_point2oct(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group, point, conversion, self._backend._ffi.NULL, 0, bn_ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("char[]", buflen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EC_POINT_point2oct(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- group, point, conversion, buf, buflen, bn_ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen == res)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if format is serialization.PublicFormat.PKCS1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EC public keys do not support PKCS1 serialization"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.X962 or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.CompressedPoint or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.X962 or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format not in (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.CompressedPoint,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X962 encoding must be used with CompressedPoint or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "UncompressedPoint format"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._encode_point(format)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_signature_algorithm(signature_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, data, signature_algorithm._algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _ecdsa_sig_verify(self._backend, self, signature, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,151 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import exceptions, utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.ed25519 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Ed25519PrivateKey, Ed25519PublicKey, _ED25519_KEY_SIZE, _ED25519_SIG_SIZE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Ed25519PublicKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Ed25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestVerifyInit(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestVerify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, signature, len(signature), data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise exceptions.InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Ed25519PrivateKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Ed25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_bytes = self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend.ed25519_load_public_bytes(public_bytes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestSignInit(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]", _ED25519_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", len(buf))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestSign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, buf, buflen, data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED25519_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, buflen[0])[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED25519_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, _ED25519_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed448.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ed448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,154 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import exceptions, utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.ed448 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Ed448PrivateKey, Ed448PublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_ED448_KEY_SIZE = 57
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_ED448_SIG_SIZE = 114
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Ed448PublicKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Ed448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, _ED448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestVerifyInit(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestVerify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, signature, len(signature), data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise exceptions.InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Ed448PrivateKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Ed448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_bytes = self._backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend.ed448_load_public_bytes(public_bytes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(evp_md_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestSignInit(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]", _ED448_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", len(buf))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestSign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md_ctx, buf, buflen, data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED448_SIG_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, buflen[0])[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _ED448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, _ED448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/encode_asn1.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/encode_asn1.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/encode_asn1.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,657 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import calendar
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import ipaddress
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CRL_ENTRY_REASON_ENUM_TO_CODE, _DISTPOINT_TYPE_FULLNAME,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _DISTPOINT_TYPE_RELATIVENAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.name import _ASN1Type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID, ExtensionOID, OCSPExtensionOID,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_asn1_int(backend, x):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Converts a python integer to an ASN1_INTEGER. The returned ASN1_INTEGER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- will not be garbage collected (to support adding them to structs that take
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ownership of the object). Be sure to register it for GC if it will be
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- discarded after use.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Convert Python integer to OpenSSL "bignum" in case value exceeds
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # machine's native integer limits (note: `int_to_bn` doesn't automatically
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # GC).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- i = backend._int_to_bn(x)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- i = backend._ffi.gc(i, backend._lib.BN_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Wrap in an ASN.1 integer. Don't GC -- as documented.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- i = backend._lib.BN_to_ASN1_INTEGER(i, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(i != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return i
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_asn1_int_gc(backend, x):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- i = _encode_asn1_int(backend, x)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- i = backend._ffi.gc(i, backend._lib.ASN1_INTEGER_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return i
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_asn1_str(backend, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create an ASN1_OCTET_STRING from a Python byte string.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- s = backend._lib.ASN1_OCTET_STRING_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ASN1_OCTET_STRING_set(s, data, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return s
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_asn1_utf8_str(backend, string):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Create an ASN1_UTF8STRING from a Python unicode string.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- This object will be an ASN1_STRING with UTF8 type in OpenSSL and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- can be decoded with ASN1_STRING_to_UTF8.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- s = backend._lib.ASN1_UTF8STRING_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ASN1_STRING_set(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- s, string.encode("utf8"), len(string.encode("utf8"))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return s
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_asn1_str_gc(backend, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- s = _encode_asn1_str(backend, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- s = backend._ffi.gc(s, backend._lib.ASN1_OCTET_STRING_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return s
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_inhibit_any_policy(backend, inhibit_any_policy):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _encode_asn1_int_gc(backend, inhibit_any_policy.skip_certs)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_name(backend, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The X509_NAME created will not be gc'd. Use _encode_name_gc if needed.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subject = backend._lib.X509_NAME_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for rdn in name.rdns:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- set_flag = 0 # indicate whether to add to last RDN or create new RDN
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for attribute in rdn:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name_entry = _encode_name_entry(backend, attribute)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # X509_NAME_add_entry dups the object so we need to gc this copy
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name_entry = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name_entry, backend._lib.X509_NAME_ENTRY_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.X509_NAME_add_entry(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subject, name_entry, -1, set_flag)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- set_flag = -1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return subject
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_name_gc(backend, attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subject = _encode_name(backend, attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subject = backend._ffi.gc(subject, backend._lib.X509_NAME_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return subject
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_sk_name_entry(backend, attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The sk_X509_NAME_ENTRY created will not be gc'd.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stack = backend._lib.sk_X509_NAME_ENTRY_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for attribute in attributes:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name_entry = _encode_name_entry(backend, attribute)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_X509_NAME_ENTRY_push(stack, name_entry)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return stack
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_name_entry(backend, attribute):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if attribute._type is _ASN1Type.BMPString:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = attribute.value.encode('utf_16_be')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = attribute.value.encode('utf8')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = _txt2obj_gc(backend, attribute.oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name_entry = backend._lib.X509_NAME_ENTRY_create_by_OBJ(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, obj, attribute._type.value, value, len(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return name_entry
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_crl_number_delta_crl_indicator(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _encode_asn1_int_gc(backend, ext.crl_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_issuing_dist_point(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp = backend._lib.ISSUING_DIST_POINT_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(idp != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp = backend._ffi.gc(idp, backend._lib.ISSUING_DIST_POINT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp.onlyuser = 255 if ext.only_contains_user_certs else 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp.onlyCA = 255 if ext.only_contains_ca_certs else 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp.indirectCRL = 255 if ext.indirect_crl else 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp.onlyattr = 255 if ext.only_contains_attribute_certs else 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ext.only_some_reasons:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp.onlysomereasons = _encode_reasonflags(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, ext.only_some_reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ext.full_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp.distpoint = _encode_full_name(backend, ext.full_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ext.relative_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idp.distpoint = _encode_relative_name(backend, ext.relative_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return idp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_crl_reason(backend, crl_reason):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1enum = backend._lib.ASN1_ENUMERATED_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(asn1enum != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1enum = backend._ffi.gc(asn1enum, backend._lib.ASN1_ENUMERATED_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ASN1_ENUMERATED_set(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1enum, _CRL_ENTRY_REASON_ENUM_TO_CODE[crl_reason.reason]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return asn1enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_invalidity_date(backend, invalidity_date):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time = backend._lib.ASN1_GENERALIZEDTIME_set(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, calendar.timegm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- invalidity_date.invalidity_date.timetuple()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(time != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time = backend._ffi.gc(time, backend._lib.ASN1_GENERALIZEDTIME_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_certificate_policies(backend, certificate_policies):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cp = backend._lib.sk_POLICYINFO_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(cp != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cp = backend._ffi.gc(cp, backend._lib.sk_POLICYINFO_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for policy_info in certificate_policies:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pi = backend._lib.POLICYINFO_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(pi != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_POLICYINFO_push(cp, pi)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _txt2obj(backend, policy_info.policy_identifier.dotted_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pi.policyid = oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if policy_info.policy_qualifiers:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqis = backend._lib.sk_POLICYQUALINFO_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(pqis != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for qualifier in policy_info.policy_qualifiers:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqi = backend._lib.POLICYQUALINFO_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(pqi != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_POLICYQUALINFO_push(pqis, pqi)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(qualifier, six.text_type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqi.pqualid = _txt2obj(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, x509.OID_CPS_QUALIFIER.dotted_string
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqi.d.cpsuri = _encode_asn1_str(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- qualifier.encode("ascii"),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert isinstance(qualifier, x509.UserNotice)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqi.pqualid = _txt2obj(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, x509.OID_CPS_USER_NOTICE.dotted_string
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- un = backend._lib.USERNOTICE_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(un != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pqi.d.usernotice = un
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if qualifier.explicit_text:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- un.exptext = _encode_asn1_utf8_str(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, qualifier.explicit_text
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- un.noticeref = _encode_notice_reference(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, qualifier.notice_reference
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pi.qualifiers = pqis
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return cp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_notice_reference(backend, notice):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if notice is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nr = backend._lib.NOTICEREF_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(nr != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # organization is a required field
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nr.organization = _encode_asn1_utf8_str(backend, notice.organization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_stack = backend._lib.sk_ASN1_INTEGER_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nr.noticenos = notice_stack
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for number in notice.notice_numbers:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = _encode_asn1_int(backend, number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_ASN1_INTEGER_push(notice_stack, num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return nr
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _txt2obj(backend, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Converts a Python string with an ASN.1 object ID in dotted form to a
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ASN1_OBJECT.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = name.encode('ascii')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = backend._lib.OBJ_txt2obj(name, 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return obj
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _txt2obj_gc(backend, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = _txt2obj(backend, name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = backend._ffi.gc(obj, backend._lib.ASN1_OBJECT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return obj
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_ocsp_nocheck(backend, ext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Doesn't need to be GC'd
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._lib.ASN1_NULL_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_key_usage(backend, key_usage):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- set_bit = backend._lib.ASN1_BIT_STRING_set_bit
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ku = backend._lib.ASN1_BIT_STRING_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ku = backend._ffi.gc(ku, backend._lib.ASN1_BIT_STRING_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 0, key_usage.digital_signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 1, key_usage.content_commitment)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 2, key_usage.key_encipherment)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 3, key_usage.data_encipherment)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 4, key_usage.key_agreement)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 5, key_usage.key_cert_sign)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 6, key_usage.crl_sign)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_usage.key_agreement:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 7, key_usage.encipher_only)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 8, key_usage.decipher_only)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 7, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = set_bit(ku, 8, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ku
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_authority_key_identifier(backend, authority_keyid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid = backend._lib.AUTHORITY_KEYID_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(akid != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid = backend._ffi.gc(akid, backend._lib.AUTHORITY_KEYID_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if authority_keyid.key_identifier is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid.keyid = _encode_asn1_str(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_keyid.key_identifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if authority_keyid.authority_cert_issuer is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid.issuer = _encode_general_names(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, authority_keyid.authority_cert_issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if authority_keyid.authority_cert_serial_number is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- akid.serial = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, authority_keyid.authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return akid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_basic_constraints(backend, basic_constraints):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- constraints = backend._lib.BASIC_CONSTRAINTS_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- constraints = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- constraints, backend._lib.BASIC_CONSTRAINTS_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- constraints.ca = 255 if basic_constraints.ca else 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if basic_constraints.ca and basic_constraints.path_length is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- constraints.pathlen = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, basic_constraints.path_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return constraints
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_authority_information_access(backend, authority_info_access):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aia = backend._lib.sk_ACCESS_DESCRIPTION_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(aia != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aia = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aia,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lambda x: backend._lib.sk_ACCESS_DESCRIPTION_pop_free(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x, backend._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib._original_lib, "ACCESS_DESCRIPTION_free"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for access_description in authority_info_access:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ad = backend._lib.ACCESS_DESCRIPTION_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- method = _txt2obj(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, access_description.access_method.dotted_string
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _encode_general_name_preallocated(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, access_description.access_location, ad.location
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ad.method = method
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_ACCESS_DESCRIPTION_push(aia, ad)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return aia
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_general_names(backend, names):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_names = backend._lib.GENERAL_NAMES_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(general_names != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for name in names:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn = _encode_general_name(backend, name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_GENERAL_NAME_push(general_names, gn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_alt_name(backend, san):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_names = _encode_general_names(backend, san)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_names = backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_names, backend._lib.GENERAL_NAMES_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_subject_key_identifier(backend, ski):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _encode_asn1_str_gc(backend, ski.digest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_general_name(backend, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn = backend._lib.GENERAL_NAME_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _encode_general_name_preallocated(backend, name, gn)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return gn
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_general_name_preallocated(backend, name, gn):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(name, x509.DNSName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type = backend._lib.GEN_DNS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ia5 = backend._lib.ASN1_IA5STRING_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(ia5 != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ia5strings are supposed to be ITU T.50 but to allow round-tripping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # of broken certs that encode utf8 we'll encode utf8 here too.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = name.value.encode("utf8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ASN1_STRING_set(ia5, value, len(value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.d.dNSName = ia5
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(name, x509.RegisteredID):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type = backend._lib.GEN_RID
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = backend._lib.OBJ_txt2obj(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name.value.dotted_string.encode('ascii'), 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(obj != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.d.registeredID = obj
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(name, x509.DirectoryName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dir_name = _encode_name(backend, name.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type = backend._lib.GEN_DIRNAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.d.directoryName = dir_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(name, x509.IPAddress):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(name.value, ipaddress.IPv4Network):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- packed = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name.value.network_address.packed +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.int_to_bytes(((1 << 32) - name.value.num_addresses), 4)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(name.value, ipaddress.IPv6Network):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- packed = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name.value.network_address.packed +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.int_to_bytes((1 << 128) - name.value.num_addresses, 16)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- packed = name.value.packed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ipaddr = _encode_asn1_str(backend, packed)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type = backend._lib.GEN_IPADD
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.d.iPAddress = ipaddr
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(name, x509.OtherName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- other_name = backend._lib.OTHERNAME_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(other_name != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- type_id = backend._lib.OBJ_txt2obj(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name.type_id.dotted_string.encode('ascii'), 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(type_id != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = backend._ffi.new("unsigned char[]", name.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr_ptr = backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr_ptr[0] = data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = backend._lib.d2i_ASN1_TYPE(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, data_ptr_ptr, len(name.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if value == backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid ASN.1 data")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- other_name.type_id = type_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- other_name.value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type = backend._lib.GEN_OTHERNAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.d.otherName = other_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(name, x509.RFC822Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ia5strings are supposed to be ITU T.50 but to allow round-tripping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # of broken certs that encode utf8 we'll encode utf8 here too.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = name.value.encode("utf8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_str = _encode_asn1_str(backend, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type = backend._lib.GEN_EMAIL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.d.rfc822Name = asn1_str
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(name, x509.UniformResourceIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(gn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ia5strings are supposed to be ITU T.50 but to allow round-tripping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # of broken certs that encode utf8 we'll encode utf8 here too.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = name.value.encode("utf8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_str = _encode_asn1_str(backend, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.type = backend._lib.GEN_URI
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gn.d.uniformResourceIdentifier = asn1_str
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is an unknown GeneralName type".format(name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_extended_key_usage(backend, extended_key_usage):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- eku = backend._lib.sk_ASN1_OBJECT_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- eku = backend._ffi.gc(eku, backend._lib.sk_ASN1_OBJECT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for oid in extended_key_usage:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = _txt2obj(backend, oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_ASN1_OBJECT_push(eku, obj)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return eku
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CRLREASONFLAGS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.key_compromise: 1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.ca_compromise: 2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.affiliation_changed: 3,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.superseded: 4,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.cessation_of_operation: 5,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.certificate_hold: 6,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.privilege_withdrawn: 7,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.ReasonFlags.aa_compromise: 8,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_reasonflags(backend, reasons):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bitmask = backend._lib.ASN1_BIT_STRING_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(bitmask != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for reason in reasons:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.ASN1_BIT_STRING_set_bit(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bitmask, _CRLREASONFLAGS[reason], 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return bitmask
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_full_name(backend, full_name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dpn = backend._lib.DIST_POINT_NAME_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(dpn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dpn.type = _DISTPOINT_TYPE_FULLNAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dpn.name.fullname = _encode_general_names(backend, full_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dpn
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_relative_name(backend, relative_name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dpn = backend._lib.DIST_POINT_NAME_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(dpn != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dpn.type = _DISTPOINT_TYPE_RELATIVENAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dpn.name.relativename = _encode_sk_name_entry(backend, relative_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dpn
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_cdps_freshest_crl(backend, cdps):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cdp = backend._lib.sk_DIST_POINT_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cdp = backend._ffi.gc(cdp, backend._lib.sk_DIST_POINT_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for point in cdps:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dp = backend._lib.DIST_POINT_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(dp != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if point.reasons:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dp.reasons = _encode_reasonflags(backend, point.reasons)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if point.full_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dp.distpoint = _encode_full_name(backend, point.full_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if point.relative_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dp.distpoint = _encode_relative_name(backend, point.relative_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if point.crl_issuer:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dp.CRLissuer = _encode_general_names(backend, point.crl_issuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_DIST_POINT_push(cdp, dp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return cdp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_name_constraints(backend, name_constraints):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nc = backend._lib.NAME_CONSTRAINTS_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(nc != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nc = backend._ffi.gc(nc, backend._lib.NAME_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- permitted = _encode_general_subtree(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, name_constraints.permitted_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nc.permittedSubtrees = permitted
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- excluded = _encode_general_subtree(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, name_constraints.excluded_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nc.excludedSubtrees = excluded
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return nc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_policy_constraints(backend, policy_constraints):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pc = backend._lib.POLICY_CONSTRAINTS_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(pc != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pc = backend._ffi.gc(pc, backend._lib.POLICY_CONSTRAINTS_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if policy_constraints.require_explicit_policy is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pc.requireExplicitPolicy = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, policy_constraints.require_explicit_policy
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if policy_constraints.inhibit_policy_mapping is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pc.inhibitPolicyMapping = _encode_asn1_int(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, policy_constraints.inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return pc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_general_subtree(backend, subtrees):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if subtrees is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_subtrees = backend._lib.sk_GENERAL_SUBTREE_new_null()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for name in subtrees:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gs = backend._lib.GENERAL_SUBTREE_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- gs.base = _encode_general_name(backend, name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.sk_GENERAL_SUBTREE_push(general_subtrees, gs)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert res >= 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return general_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _encode_nonce(backend, nonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _encode_asn1_str_gc(backend, nonce.nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.BASIC_CONSTRAINTS: _encode_basic_constraints,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_KEY_IDENTIFIER: _encode_subject_key_identifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.KEY_USAGE: _encode_key_usage,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_ALTERNATIVE_NAME: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.EXTENDED_KEY_USAGE: _encode_extended_key_usage,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _encode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CERTIFICATE_POLICIES: _encode_certificate_policies,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _encode_authority_information_access
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CRL_DISTRIBUTION_POINTS: _encode_cdps_freshest_crl,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.FRESHEST_CRL: _encode_cdps_freshest_crl,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.INHIBIT_ANY_POLICY: _encode_inhibit_any_policy,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.OCSP_NO_CHECK: _encode_ocsp_nocheck,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.NAME_CONSTRAINTS: _encode_name_constraints,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.POLICY_CONSTRAINTS: _encode_policy_constraints,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CRL_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUER_ALTERNATIVE_NAME: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: _encode_authority_key_identifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _encode_authority_information_access
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CRL_NUMBER: _encode_crl_number_delta_crl_indicator,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.DELTA_CRL_INDICATOR: _encode_crl_number_delta_crl_indicator,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUING_DISTRIBUTION_POINT: _encode_issuing_dist_point,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CRL_ENTRY_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.CERTIFICATE_ISSUER: _encode_alt_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.CRL_REASON: _encode_crl_reason,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.INVALIDITY_DATE: _encode_invalidity_date,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OCSP_REQUEST_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPExtensionOID.NONCE: _encode_nonce,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OCSP_BASICRESP_EXTENSION_ENCODE_HANDLERS = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPExtensionOID.NONCE: _encode_nonce,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hashes.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hashes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hashes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,78 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(hashes.HashContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _HashContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, algorithm, ctx=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._backend._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if evp_md == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not a supported hash on this backend.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm.name),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestInit_ex(ctx, evp_md,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def copy(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_MD_CTX_copy_ex(copied_ctx, self._ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _HashContext(self._backend, self.algorithm, ctx=copied_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr = self._backend._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestUpdate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(self.algorithm, hashes.ExtendableOutputFunction):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # extendable output functions use a different finalize
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._finalize_xof()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.EVP_MAX_MD_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = self._backend._ffi.new("unsigned int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestFinal_ex(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen[0] == self.algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _finalize_xof(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.algorithm.digest_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestFinalXOF(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, buf, self.algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf)[:self.algorithm.digest_size]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/hmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,74 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time, hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(hashes.HashContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _HMACContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, key, algorithm, ctx=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._lib.Cryptography_HMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._backend._lib.Cryptography_HMAC_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = self._backend._evp_md_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if evp_md == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not a supported hash on this backend".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm.name),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_ptr = self._backend._ffi.from_buffer(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.HMAC_Init_ex(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, key_ptr, len(key), evp_md, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key = key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def copy(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx = self._backend._lib.Cryptography_HMAC_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(copied_ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- copied_ctx, self._backend._lib.Cryptography_HMAC_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.HMAC_CTX_copy(copied_ctx, self._ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _HMACContext(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._key, self.algorithm, ctx=copied_ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr = self._backend._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.HMAC_Update(self._ctx, data_ptr, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.EVP_MAX_MD_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = self._backend._ffi.new("unsigned int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.HMAC_Final(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(outlen[0] == self.algorithm.digest_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = self.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(digest, signature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidSignature("Signature did not match digest.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ocsp.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/ocsp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,381 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import functools
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CRL_ENTRY_REASON_CODE_TO_ENUM, _OCSP_BASICRESP_EXT_PARSER,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _OCSP_REQ_EXT_PARSER, _asn1_integer_to_int,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _asn1_string_to_bytes, _decode_x509_name, _obj2txt,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _parse_asn1_generalized_time,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.x509 import _Certificate
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.ocsp import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPCertStatus, OCSPRequest, OCSPResponse, OCSPResponseStatus,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CERT_STATUS_TO_ENUM, _OIDS_TO_HASH, _RESPONSE_STATUS_TO_ENUM,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _requires_successful_response(func):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @functools.wraps(func)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def wrapper(self, *args):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.response_status != OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OCSP response status is not successful so the property "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "has no value"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return func(self, *args)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return wrapper
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _issuer_key_hash(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_hash = backend._ffi.new("ASN1_OCTET_STRING **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_hash, backend._ffi.NULL, cert_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(key_hash[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(backend, key_hash[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _issuer_name_hash(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name_hash = backend._ffi.new("ASN1_OCTET_STRING **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name_hash, backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, backend._ffi.NULL, cert_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(name_hash[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(backend, name_hash[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _serial_number(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = backend._ffi.new("ASN1_INTEGER **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, num, cert_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(num[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_integer_to_int(backend, num[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _hash_algorithm(backend, cert_id):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1obj = backend._ffi.new("ASN1_OBJECT **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.OCSP_id_get0_info(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, asn1obj,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL, backend._ffi.NULL, cert_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(asn1obj[0] != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _obj2txt(backend, asn1obj[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Signature algorithm OID: {} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(OCSPResponse)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _OCSPResponse(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, ocsp_response):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ocsp_response = ocsp_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- status = self._backend._lib.OCSP_response_status(self._ocsp_response)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(status in _RESPONSE_STATUS_TO_ENUM)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._status = _RESPONSE_STATUS_TO_ENUM[status]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._status is OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic = self._backend._lib.OCSP_response_get1_basic(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ocsp_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(basic != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._basic = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- basic, self._backend._lib.OCSP_BASICRESP_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.OCSP_resp_count(self._basic) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single = self._backend._lib.OCSP_resp_get0(self._basic, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single != self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cert_id = self._backend._lib.OCSP_SINGLERESP_get0_id(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cert_id != self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- response_status = utils.read_only_property("_status")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- alg = self._backend._lib.OCSP_resp_get0_tbs_sigalg(self._basic)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(alg != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _obj2txt(self._backend, alg.algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig = self._backend._lib.OCSP_resp_get0_signature(self._basic)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(sig != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(self._backend, sig)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_response_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- respdata = self._backend._lib.OCSP_resp_get0_respdata(self._basic)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(respdata != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_OCSP_RESPDATA(respdata, pp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pp[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def certificates(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sk_x509 = self._backend._lib.OCSP_resp_get0_certs(self._basic)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = self._backend._lib.sk_X509_num(sk_x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certs = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(num):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509 = self._backend._lib.sk_X509_value(sk_x509, i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(x509 != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cert = _Certificate(self._backend, x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We need to keep the OCSP response that the certificate came from
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # alive until the Certificate object itself goes out of scope, so
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # we give it a private reference.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cert._ocsp_resp = self
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certs.append(cert)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def responder_key_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _, asn1_string = self._responder_key_name()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if asn1_string == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(self._backend, asn1_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def responder_name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_name, _ = self._responder_key_name()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if x509_name == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _decode_x509_name(self._backend, x509_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _responder_key_name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_string = self._backend._ffi.new("ASN1_OCTET_STRING **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_name = self._backend._ffi.new("X509_NAME **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.OCSP_resp_get0_id(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._basic, asn1_string, x509_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509_name[0], asn1_string[0]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def produced_at(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- produced_at = self._backend._lib.OCSP_resp_get0_produced_at(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._basic
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_generalized_time(self._backend, produced_at)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def certificate_status(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- status = self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(status in _CERT_STATUS_TO_ENUM)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CERT_STATUS_TO_ENUM[status]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def revocation_time(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.certificate_status is not OCSPCertStatus.REVOKED:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time = self._backend._ffi.new("ASN1_GENERALIZEDTIME **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(asn1_time[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_generalized_time(self._backend, asn1_time[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def revocation_reason(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.certificate_status is not OCSPCertStatus.REVOKED:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason_ptr = self._backend._ffi.new("int *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason_ptr,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # If no reason is encoded OpenSSL returns -1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if reason_ptr[0] == -1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason_ptr[0] in _CRL_ENTRY_REASON_CODE_TO_ENUM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CRL_ENTRY_REASON_CODE_TO_ENUM[reason_ptr[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def this_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time = self._backend._ffi.new("ASN1_GENERALIZEDTIME **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(asn1_time[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_generalized_time(self._backend, asn1_time[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def next_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time = self._backend._ffi.new("ASN1_GENERALIZEDTIME **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.OCSP_single_get0_status(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._single,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if asn1_time[0] != self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_generalized_time(self._backend, asn1_time[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _issuer_key_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _issuer_name_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _hash_algorithm(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _serial_number(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @_requires_successful_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OCSP_BASICRESP_EXT_PARSER.parse(self._backend, self._basic)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is not serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The only allowed encoding value is Encoding.DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_OCSP_RESPONSE_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio, self._ocsp_response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(OCSPRequest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _OCSPRequest(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, ocsp_request):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if backend._lib.OCSP_request_onereq_count(ocsp_request) > 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'OCSP request contains more than one request'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ocsp_request = ocsp_request
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._request = self._backend._lib.OCSP_request_onereq_get0(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ocsp_request, 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(self._request != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cert_id = self._backend._lib.OCSP_onereq_get0_id(self._request)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(self._cert_id != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _issuer_key_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _issuer_name_hash(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _serial_number(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _hash_algorithm(self._backend, self._cert_id)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OCSP_REQ_EXT_PARSER.parse(self._backend, self._ocsp_request)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is not serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The only allowed encoding value is Encoding.DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_OCSP_REQUEST_bio(bio, self._ocsp_request)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/poly1305.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/poly1305.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/poly1305.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,60 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_POLY1305_TAG_SIZE = 16
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_POLY1305_KEY_SIZE = 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Poly1305Context(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_ptr = self._backend._ffi.from_buffer(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This function copies the key into OpenSSL-owned memory so we don't
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # need to retain it ourselves
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._backend._lib.EVP_PKEY_new_raw_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.NID_poly1305,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, key_ptr, len(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(evp_pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey, self._backend._lib.EVP_PKEY_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._lib.Cryptography_EVP_MD_CTX_new()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._backend._lib.Cryptography_EVP_MD_CTX_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestSignInit(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, self._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_ptr = self._backend._ffi.from_buffer(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestSignUpdate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx, data_ptr, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char[]", _POLY1305_TAG_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = self._backend._ffi.new("size_t *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_DigestSignFinal(self._ctx, buf, outlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res != 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(outlen[0] == _POLY1305_TAG_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, tag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mac = self.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(mac, tag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidSignature("Value did not match computed tag.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/rsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/rsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,478 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import math
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- InvalidSignature, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.utils import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _calculate_digest_and_algorithm, _check_not_prehashed,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AsymmetricSignatureContext, AsymmetricVerificationContext, rsa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.padding import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AsymmetricPadding, MGF1, OAEP, PKCS1v15, PSS, calculate_max_pss_salt_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.rsa import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSAPrivateKeyWithSerialization, RSAPublicKeyWithSerialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _get_rsa_pss_salt_length(pss, key, hash_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- salt = pss._salt_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if salt is MGF1.MAX_LENGTH or salt is PSS.MAX_LENGTH:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return calculate_max_pss_salt_length(key, hash_algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return salt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _enc_dec_rsa(backend, key, data, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(padding, AsymmetricPadding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Padding must be an instance of AsymmetricPadding.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(padding, PKCS1v15):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding_enum = backend._lib.RSA_PKCS1_PADDING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(padding, OAEP):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding_enum = backend._lib.RSA_PKCS1_OAEP_PADDING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Only MGF1 is supported by this backend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_MGF
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.rsa_padding_supported(padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "This combination of padding and hash algorithm is not "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "supported by this backend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PADDING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not supported by this backend.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding.name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PADDING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _enc_dec_rsa_pkey_ctx(backend, key, data, padding_enum, padding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _enc_dec_rsa_pkey_ctx(backend, key, data, padding_enum, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(key, _RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- init = backend._lib.EVP_PKEY_encrypt_init
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crypt = backend._lib.EVP_PKEY_encrypt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- init = backend._lib.EVP_PKEY_decrypt_init
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crypt = backend._lib.EVP_PKEY_decrypt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx = backend._lib.EVP_PKEY_CTX_new(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key._evp_pkey, backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(pkey_ctx != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx = backend._ffi.gc(pkey_ctx, backend._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = init(pkey_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set_rsa_padding(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx, padding_enum)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf_size = backend._lib.EVP_PKEY_size(key._evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(buf_size > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(padding, OAEP) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.Cryptography_HAS_RSA_OAEP_MD
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mgf1_md = backend._evp_md_non_null_from_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding._mgf._algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1_md)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oaep_md = backend._evp_md_non_null_from_algorithm(padding._algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set_rsa_oaep_md(pkey_ctx, oaep_md)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(padding, OAEP) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding._label is not None and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(padding._label) > 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # set0_rsa_oaep_label takes ownership of the char * so we need to
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # copy it into some new memory
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- labelptr = backend._lib.OPENSSL_malloc(len(padding._label))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(labelptr != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.memmove(labelptr, padding._label, len(padding._label))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set0_rsa_oaep_label(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx, labelptr, len(padding._label)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = backend._ffi.new("size_t *", buf_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("unsigned char[]", buf_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = crypt(pkey_ctx, buf, outlen, data, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res <= 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _handle_rsa_enc_dec_error(backend, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(buf)[:outlen[0]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _handle_rsa_enc_dec_error(backend, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(errors)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(errors[0].lib == backend._lib.ERR_LIB_RSA)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(key, _RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0].reason == backend._lib.RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Data too long for key size. Encrypt less data or use a "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "larger key size."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decoding_errors = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.RSA_R_BLOCK_TYPE_IS_NOT_01,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.RSA_R_BLOCK_TYPE_IS_NOT_02,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.RSA_R_OAEP_DECODING_ERROR,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Though this error looks similar to the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE, this occurs on decrypts,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # rather than on encrypts
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.RSA_R_DATA_TOO_LARGE_FOR_MODULUS,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if backend._lib.Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decoding_errors.append(backend._lib.RSA_R_PKCS_DECODING_ERROR)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(errors[0].reason in decoding_errors)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Decryption failed.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _rsa_sig_determine_padding(backend, key, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(padding, AsymmetricPadding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Expected provider of AsymmetricPadding.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_size = backend._lib.EVP_PKEY_size(key._evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(pkey_size > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(padding, PKCS1v15):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding_enum = backend._lib.RSA_PKCS1_PADDING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(padding, PSS):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(padding._mgf, MGF1):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Only MGF1 is supported by this backend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_MGF
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Size of key in bytes - 2 is the maximum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # PSS signature length (salt length is checked later)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if pkey_size - algorithm.digest_size - 2 < 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Digest too large for key size. Use a larger "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "key or different digest.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding_enum = backend._lib.RSA_PKCS1_PSS_PADDING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not supported by this backend.".format(padding.name),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PADDING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return padding_enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _rsa_sig_setup(backend, padding, algorithm, key, data, init_func):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding_enum = _rsa_sig_determine_padding(backend, key, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_md = backend._evp_md_non_null_from_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx = backend._lib.EVP_PKEY_CTX_new(key._evp_pkey, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(pkey_ctx != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx = backend._ffi.gc(pkey_ctx, backend._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = init_func(pkey_ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set_signature_md(pkey_ctx, evp_md)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not supported by this backend for RSA signing.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm.name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, padding_enum)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(padding, PSS):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set_rsa_pss_saltlen(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx, _get_rsa_pss_salt_length(padding, key, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mgf1_md = backend._evp_md_non_null_from_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding._mgf._algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1_md)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return pkey_ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _rsa_sig_sign(backend, padding, algorithm, private_key, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx = _rsa_sig_setup(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, padding, algorithm, private_key, data,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.EVP_PKEY_sign_init
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = backend._ffi.new("size_t *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("unsigned char[]", buflen[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx, buf, buflen, data, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(errors[0].lib == backend._lib.ERR_LIB_RSA)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0].reason ==
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason = ("Salt length too long for key size. Try using "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "MAX_LENGTH instead.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors[0].reason ==
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason = "Digest too large for key size. Use a larger key."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(reason)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(buf)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _rsa_sig_verify(backend, padding, algorithm, public_key, signature, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx = _rsa_sig_setup(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, padding, algorithm, public_key, data,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._lib.EVP_PKEY_verify_init
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey_ctx, signature, len(signature), data, len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The previous call can return negative numbers in the event of an
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # error. This is not a signature failure but we need to fail if it
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # occurs.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res >= 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidSignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricSignatureContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _RSASignatureContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, private_key, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._private_key = private_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We now call _rsa_sig_determine_padding in _rsa_sig_setup. However
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # we need to make a pointless call to it here so we maintain the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # API of erroring on init with this context if the values are invalid.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _rsa_sig_determine_padding(backend, private_key, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._padding = padding
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _rsa_sig_sign(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._padding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._private_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricVerificationContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _RSAVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, public_key, signature, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._signature = signature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._padding = padding
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We now call _rsa_sig_determine_padding in _rsa_sig_setup. However
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # we need to make a pointless call to it here so we maintain the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # API of erroring on init with this context if the values are invalid.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _rsa_sig_determine_padding(backend, public_key, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- padding = padding
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _rsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._padding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._signature,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(RSAPrivateKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _RSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, rsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata = rsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.RSA_get0_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata, n, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_size = self._backend._lib.BN_num_bits(n[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signer(self, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_not_prehashed(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSASignatureContext(self._backend, self, padding, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decrypt(self, ciphertext, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size_bytes = int(math.ceil(self.key_size / 8.0))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_size_bytes != len(ciphertext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Ciphertext length must be equal to key size.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _enc_dec_rsa(self._backend, self, ciphertext, padding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._lib.RSAPublicKey_dup(self._rsa_cdata)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(ctx != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend._ffi.gc(ctx, self._backend._lib.RSA_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.RSA_blinding_on(ctx, self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._backend._rsa_cdata_to_evp_pkey(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAPublicKey(self._backend, ctx, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- d = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmp1 = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmq1 = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iqmp = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.RSA_get0_key(self._rsa_cdata, n, e, d)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(e[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(d[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.RSA_get0_factors(self._rsa_cdata, p, q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(p[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(q[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.RSA_get0_crt_params(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata, dmp1, dmq1, iqmp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(dmp1[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(dmq1[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(iqmp[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return rsa.RSAPrivateNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p=self._backend._bn_to_int(p[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q=self._backend._bn_to_int(q[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- d=self._backend._bn_to_int(d[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmp1=self._backend._bn_to_int(dmp1[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmq1=self._backend._bn_to_int(dmq1[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iqmp=self._backend._bn_to_int(iqmp[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers=rsa.RSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e=self._backend._bn_to_int(e[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n=self._backend._bn_to_int(n[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryption_algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _rsa_sig_sign(self._backend, padding, algorithm, self, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(RSAPublicKeyWithSerialization)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _RSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, rsa_cdata, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata = rsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.RSA_get0_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata, n, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_size = self._backend._lib.BN_num_bits(n[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = utils.read_only_property("_key_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verifier(self, signature, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _warn_sign_verify_deprecated()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_not_prehashed(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RSAVerificationContext(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self, signature, padding, algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encrypt(self, plaintext, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _enc_dec_rsa(self._backend, self, plaintext, padding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = self._backend._ffi.new("BIGNUM **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.RSA_get0_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata, n, e, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(n[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(e[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return rsa.RSAPublicNumbers(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e=self._backend._bn_to_int(e[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n=self._backend._bn_to_int(n[0]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rsa_cdata
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, algorithm = _calculate_digest_and_algorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, data, algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _rsa_sig_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, padding, algorithm, self, signature, data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/utils.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,69 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.utils import Prehashed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _evp_pkey_derive(backend, evp_pkey, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = backend._lib.EVP_PKEY_CTX_new(evp_pkey, backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(ctx != backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = backend._ffi.gc(ctx, backend._lib.EVP_PKEY_CTX_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_derive_init(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_derive_set_peer(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, peer_public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- keylen = backend._ffi.new("size_t *")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_derive(ctx, backend._ffi.NULL, keylen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend.openssl_assert(keylen[0] > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = backend._ffi.new("unsigned char[]", keylen[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = backend._lib.EVP_PKEY_derive(ctx, buf, keylen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Null shared key derived from public/private pair."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend._ffi.buffer(buf, keylen[0])[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _calculate_digest_and_algorithm(backend, data, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, Prehashed):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hash_ctx = hashes.Hash(algorithm, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hash_ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = hash_ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm = algorithm._algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) != algorithm.digest_size:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The provided data must be the same length as the hash "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "algorithm's digest size."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (data, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_not_prehashed(signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(signature_algorithm, Prehashed):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Prehashed is only supported in the sign and verify methods. "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "It cannot be used with signer or verifier."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _warn_sign_verify_deprecated():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "signer and verifier have been deprecated. Please use sign "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "and verify instead.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stacklevel=3
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,149 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.utils import _evp_pkey_derive
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.x25519 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- X25519PrivateKey, X25519PublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_X25519_KEY_SIZE = 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(X25519PublicKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _X25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding=None, format=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is None or format is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is not None or format is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Both encoding and format are required")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "public_bytes now requires encoding and format arguments. "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Support for calling without arguments will be removed in "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "cryptography 2.7",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.DeprecatedIn25,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding = serialization.Encoding.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format = serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ucharpp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get1_tls_encodedpoint(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, ucharpp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 32)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(ucharpp[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ucharpp[0], self._backend._lib.OPENSSL_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(data, res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(X25519PrivateKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _X25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_PUBKEY_bio(bio, self._evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._backend._lib.d2i_PUBKEY_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(evp_pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- evp_pkey, self._backend._lib.EVP_PKEY_free
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _X25519PublicKey(self._backend, evp_pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(peer_public_key, X25519PublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("peer_public_key must be X25519PublicKey.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _evp_pkey_derive(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._evp_pkey, peer_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # When we drop support for CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 we can
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # switch this to EVP_PKEY_new_raw_private_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The trick we use here is serializing to a PKCS8 key and just
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # using the last 32 bytes, which is the key itself.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_PKCS8PrivateKey_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio, self._evp_pkey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, self._backend._ffi.NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 0, self._backend._ffi.NULL, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkcs8 = self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(len(pkcs8) == 48)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return pkcs8[-_X25519_KEY_SIZE:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x448.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,123 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.utils import _evp_pkey_derive
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.x448 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- X448PrivateKey, X448PublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_X448_KEY_SIZE = 56
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(X448PublicKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _X448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_public_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be SubjectPublicKeyInfo when encoding is PEM or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._public_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, self, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_public_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, _X448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(X448PrivateKey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _X448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, evp_pkey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey = evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_public_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend.x448_load_public_bytes(buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(peer_public_key, X448PublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("peer_public_key must be X448PublicKey.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _evp_pkey_derive(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._evp_pkey, peer_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is serialization.Encoding.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is serialization.PublicFormat.Raw
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.Raw or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding is not serialization.Encoding.Raw or not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(encryption_algorithm, serialization.NoEncryption)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "When using Raw both encoding and format must be Raw "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "and encryption_algorithm must be NoEncryption"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._raw_private_bytes()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding in serialization._PEM_DER and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- format is not serialization.PrivateFormat.PKCS8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "format must be PKCS8 when encoding is PEM or DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._private_key_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encoding, format, encryption_algorithm, self._evp_pkey, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _raw_private_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.EVP_PKEY_get_raw_private_key(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._evp_pkey, buf, buflen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(buf, _X448_KEY_SIZE)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x509.py lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x509.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/backends/openssl/x509.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,546 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import datetime
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import operator
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils, x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.decode_asn1 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CERTIFICATE_EXTENSION_PARSER, _CERTIFICATE_EXTENSION_PARSER_NO_SCT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _CRL_EXTENSION_PARSER, _CSR_EXTENSION_PARSER,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _REVOKED_CERTIFICATE_EXTENSION_PARSER, _asn1_integer_to_int,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _asn1_string_to_bytes, _decode_x509_name, _obj2txt, _parse_asn1_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.encode_asn1 import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _encode_asn1_int_gc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes, serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(x509.Certificate)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _Certificate(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, x509):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509 = x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<Certificate(subject={}, ...)>".format(self.subject)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, x509.Certificate):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.X509_cmp(self._x509, other._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return res == 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.public_bytes(serialization.Encoding.DER))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = hashes.Hash(algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(self.public_bytes(serialization.Encoding.DER))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return h.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def version(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- version = self._backend._lib.X509_get_version(self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if version == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.Version.v1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif version == 2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.Version.v3
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise x509.InvalidVersion(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not a valid X509 version".format(version), version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = self._backend._lib.X509_get_serialNumber(self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(asn1_int != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_integer_to_int(self._backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey = self._backend._lib.X509_get_pubkey(self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if pkey == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Remove errors from the stack.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Certificate public key is of an unknown type")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._evp_pkey_to_public_key(pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def not_valid_before(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time = self._backend._lib.X509_get_notBefore(self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_time(self._backend, asn1_time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def not_valid_after(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_time = self._backend._lib.X509_get_notAfter(self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_time(self._backend, asn1_time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- issuer = self._backend._lib.X509_get_issuer_name(self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(issuer != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _decode_x509_name(self._backend, issuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def subject(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subject = self._backend._lib.X509_get_subject_name(self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(subject != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _decode_x509_name(self._backend, subject)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- alg = self._backend._ffi.new("X509_ALGOR **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.X509_get0_signature(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._ffi.NULL, alg, self._x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(alg[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _obj2txt(self._backend, alg[0].algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._backend._lib.CRYPTOGRAPHY_OPENSSL_110_OR_GREATER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CERTIFICATE_EXTENSION_PARSER.parse(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CERTIFICATE_EXTENSION_PARSER_NO_SCT.parse(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig = self._backend._ffi.new("ASN1_BIT_STRING **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.X509_get0_signature(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig, self._backend._ffi.NULL, self._x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(sig[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(self._backend, sig[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_certificate_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_re_X509_tbs(self._x509, pp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.PEM_write_bio_X509(bio, self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_X509_bio(bio, self._x509)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(x509.RevokedCertificate)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _RevokedCertificate(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, crl, x509_revoked):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The X509_REVOKED_value is a X509_REVOKED * that has
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # no reference counting. This means when X509_CRL_free is
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # called then the CRL and all X509_REVOKED * are freed. Since
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # you can retain a reference to a single revoked certificate
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # and let the CRL fall out of scope we need to retain a
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # private reference to the CRL inside the RevokedCertificate
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # object to prevent the gc from being called inappropriately.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._crl = crl
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_revoked = x509_revoked
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = self._backend._lib.X509_REVOKED_get0_serialNumber(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_revoked
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(asn1_int != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_integer_to_int(self._backend, asn1_int)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def revocation_date(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_time(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.X509_REVOKED_get0_revocationDate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_revoked
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _REVOKED_CERTIFICATE_EXTENSION_PARSER.parse(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._x509_revoked
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(x509.CertificateRevocationList)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _CertificateRevocationList(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, x509_crl):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_crl = x509_crl
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, x509.CertificateRevocationList):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.X509_CRL_cmp(self._x509_crl, other._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return res == 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = hashes.Hash(algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_X509_CRL_bio(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio, self._x509_crl
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- der = self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(der)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return h.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _sorted_crl(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # X509_CRL_get0_by_serial sorts in place, which breaks a variety of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # things we don't want to break (like iteration and the signature).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Let's dupe it and sort that instead.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dup = self._backend._lib.X509_CRL_dup(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(dup != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dup = self._backend._ffi.gc(dup, self._backend._lib.X509_CRL_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dup
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_revoked_certificate_by_serial_number(self, serial_number):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revoked = self._backend._ffi.new("X509_REVOKED **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- asn1_int = _encode_asn1_int_gc(self._backend, serial_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.X509_CRL_get0_by_serial(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._sorted_crl, revoked, asn1_int
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revoked[0] != self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RevokedCertificate(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend, self._sorted_crl, revoked[0]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- alg = self._backend._ffi.new("X509_ALGOR **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.X509_CRL_get0_signature(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_crl, self._backend._ffi.NULL, alg
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(alg[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _obj2txt(self._backend, alg[0].algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- issuer = self._backend._lib.X509_CRL_get_issuer(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(issuer != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _decode_x509_name(self._backend, issuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def next_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nu = self._backend._lib.X509_CRL_get_nextUpdate(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(nu != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_time(self._backend, nu)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def last_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lu = self._backend._lib.X509_CRL_get_lastUpdate(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(lu != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _parse_asn1_time(self._backend, lu)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig = self._backend._ffi.new("ASN1_BIT_STRING **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.X509_CRL_get0_signature(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_crl, sig, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(sig[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(self._backend, sig[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_certlist_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_re_X509_CRL_tbs(self._x509_crl, pp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.PEM_write_bio_X509_CRL(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio, self._x509_crl
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_X509_CRL_bio(bio, self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _revoked_cert(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revoked = self._backend._lib.X509_CRL_get_REVOKED(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r = self._backend._lib.sk_X509_REVOKED_value(revoked, idx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(r != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _RevokedCertificate(self._backend, self, r)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(len(self)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- yield self._revoked_cert(i)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(idx, slice):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- start, stop, step = idx.indices(len(self))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [self._revoked_cert(i) for i in range(start, stop, step)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idx = operator.index(idx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if idx < 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idx += len(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not 0 <= idx < len(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise IndexError
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._revoked_cert(idx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revoked = self._backend._lib.X509_CRL_get_REVOKED(self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if revoked == self._backend._ffi.NULL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._lib.sk_X509_REVOKED_num(revoked)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CRL_EXTENSION_PARSER.parse(self._backend, self._x509_crl)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def is_signature_valid(self, public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(public_key, (dsa.DSAPublicKey, rsa.RSAPublicKey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec.EllipticCurvePublicKey)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting one of DSAPublicKey, RSAPublicKey,'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' or EllipticCurvePublicKey.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.X509_CRL_verify(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_crl, public_key._evp_pkey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(x509.CertificateSigningRequest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _CertificateSigningRequest(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, x509_req):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_req = x509_req
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, _CertificateSigningRequest):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self_bytes = self.public_bytes(serialization.Encoding.DER)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- other_bytes = other.public_bytes(serialization.Encoding.DER)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self_bytes == other_bytes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.public_bytes(serialization.Encoding.DER))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey = self._backend._lib.X509_REQ_get_pubkey(self._x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._evp_pkey_to_public_key(pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def subject(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- subject = self._backend._lib.X509_REQ_get_subject_name(self._x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(subject != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _decode_x509_name(self._backend, subject)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = self.signature_algorithm_oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509._SIG_OIDS_TO_HASH[oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Signature algorithm OID:{} not recognized".format(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- alg = self._backend._ffi.new("X509_ALGOR **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.X509_REQ_get0_signature(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_req, self._backend._ffi.NULL, alg
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(alg[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = _obj2txt(self._backend, alg[0].algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.ObjectIdentifier(oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @utils.cached_property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_exts = self._backend._lib.X509_REQ_get_extensions(self._x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_exts = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509_exts,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lambda x: self._backend._lib.sk_X509_EXTENSION_pop_free(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x, self._backend._ffi.addressof(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib._original_lib, "X509_EXTENSION_free"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CSR_EXTENSION_PARSER.parse(self._backend, x509_exts)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio = self._backend._create_mem_bio_gc()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encoding is serialization.Encoding.PEM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.PEM_write_bio_X509_REQ(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- bio, self._x509_req
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif encoding is serialization.Encoding.DER:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_X509_REQ_bio(bio, self._x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("encoding must be an item from the Encoding enum")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._read_mem_bio(bio)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_certrequest_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.i2d_re_X509_REQ_tbs(self._x509_req, pp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp = self._backend._ffi.gc(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pp, lambda pointer: self._backend._lib.OPENSSL_free(pointer[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(pp[0], res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig = self._backend._ffi.new("ASN1_BIT_STRING **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._lib.X509_REQ_get0_signature(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x509_req, sig, self._backend._ffi.NULL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(sig[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _asn1_string_to_bytes(self._backend, sig[0])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def is_signature_valid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey = self._backend._lib.X509_REQ_get_pubkey(self._x509_req)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(pkey != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.X509_REQ_verify(self._x509_req, pkey)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if res != 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend._consume_errors()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x509.certificate_transparency.SignedCertificateTimestamp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _SignedCertificateTimestamp(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, backend, sct_list, sct):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Keep the SCT_LIST that this SCT came from alive.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._sct_list = sct_list
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._sct = sct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def version(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- version = self._backend._lib.SCT_get_version(self._sct)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert version == self._backend._lib.SCT_VERSION_V1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.certificate_transparency.Version.v1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def log_id(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- out = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- log_id_length = self._backend._lib.SCT_get0_log_id(self._sct, out)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert log_id_length >= 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(out[0], log_id_length)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def timestamp(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- timestamp = self._backend._lib.SCT_get_timestamp(self._sct)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- milliseconds = timestamp % 1000
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return datetime.datetime.utcfromtimestamp(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- timestamp // 1000
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).replace(microsecond=milliseconds * 1000)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def entry_type(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- entry_type = self._backend._lib.SCT_get_log_entry_type(self._sct)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We currently only support loading SCTs from the X.509 extension, so
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # we only have precerts.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert entry_type == self._backend._lib.CT_LOG_ENTRY_TYPE_PRECERT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x509.certificate_transparency.LogEntryType.PRE_CERTIFICATE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ptrptr = self._backend._ffi.new("unsigned char **")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = self._backend._lib.SCT_get0_signature(self._sct, ptrptr)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(res > 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend.openssl_assert(ptrptr[0] != self._backend._ffi.NULL)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend._ffi.buffer(ptrptr[0], res)[:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self._signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, _SignedCertificateTimestamp):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._signature == other._signature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/_conditional.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/_conditional.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/_conditional.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,434 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_ec2m():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EC_POINT_set_affine_coordinates_GF2m",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EC_POINT_get_affine_coordinates_GF2m",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EC_POINT_set_compressed_coordinates_GF2m",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_ec_1_0_2():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EC_curve_nid2nist",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_set_ecdh_auto():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_ecdh_auto",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_rsa_r_pkcs_decoding_error():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RSA_R_PKCS_DECODING_ERROR"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_rsa_oaep_md():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_CTX_set_rsa_oaep_md",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_rsa_oaep_label():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_CTX_set0_rsa_oaep_label",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_ssl3_method():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSLv3_method",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSLv3_client_method",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSLv3_server_method",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_alpn():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_alpn_protos",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_set_alpn_protos",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_alpn_select_cb",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_get0_alpn_selected",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_compression():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_get_current_compression",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_get_current_expansion",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_COMP_get_name",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_get_server_tmp_key():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_get_server_tmp_key",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_102_verification_error_codes():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_SUITE_B_INVALID_VERSION',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_SUITE_B_INVALID_ALGORITHM',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_SUITE_B_INVALID_CURVE',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_HOSTNAME_MISMATCH',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_EMAIL_MISMATCH',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509_V_ERR_IP_ADDRESS_MISMATCH'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_102_verification_params():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_V_FLAG_SUITEB_128_LOS_ONLY",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_V_FLAG_SUITEB_192_LOS",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_V_FLAG_SUITEB_128_LOS",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_VERIFY_PARAM_set1_host",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_VERIFY_PARAM_set1_email",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_VERIFY_PARAM_set1_ip",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_VERIFY_PARAM_set1_ip_asc",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_VERIFY_PARAM_set_hostflags",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_get0_param",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_CHECK_FLAG_ALWAYS_CHECK_SUBJECT",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_CHECK_FLAG_NO_WILDCARDS",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_CHECK_FLAG_MULTI_LABEL_WILDCARDS",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_CHECK_FLAG_SINGLE_LABEL_SUBDOMAINS"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_110_verification_params():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_CHECK_FLAG_NEVER_CHECK_SUBJECT"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_x509_v_flag_trusted_first():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_V_FLAG_TRUSTED_FIRST",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_x509_v_flag_partial_chain():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_V_FLAG_PARTIAL_CHAIN",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_set_cert_cb():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_cert_cb",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_set_cert_cb",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_ssl_st():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_ST_BEFORE",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_ST_OK",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_ST_INIT",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_ST_RENEGOTIATE",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_tls_st():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "TLS_ST_BEFORE",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "TLS_ST_OK",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_locking_callbacks():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_setup_ssl_threads",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_scrypt():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PBE_scrypt",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_generic_dtls_method():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DTLS_method",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DTLS_server_method",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DTLS_client_method",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_OP_NO_DTLSv1",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_OP_NO_DTLSv1_2",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DTLS_set_link_mtu",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DTLS_get_link_min_mtu",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_evp_pkey_dhx():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_DHX",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_mem_functions():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_CRYPTO_set_mem_functions",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_sct():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_get_version",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_get_log_entry_type",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_get0_log_id",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_get0_signature",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_get_timestamp",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_set_source",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sk_SCT_num",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sk_SCT_value",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_LIST_free",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sk_SCT_push",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sk_SCT_new_null",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_new",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_set1_log_id",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_set_timestamp",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_set_version",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SCT_set_log_entry_type",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_x509_store_ctx_get_issuer():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_STORE_get_get_issuer",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X509_STORE_set_get_issuer",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_x25519():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_X25519",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NID_X25519",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_x448():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_X448",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NID_X448",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_ed448():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_ED448",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NID_ED448",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_ed25519():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NID_ED25519",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_ED25519",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_poly1305():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NID_poly1305",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_POLY1305",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_oneshot_evp_digest_sign_verify():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_DigestSign",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_DigestVerify",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_evp_digestfinal_xof():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_DigestFinalXOF",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_evp_pkey_get_set_tls_encodedpoint():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_get1_tls_encodedpoint",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_set1_tls_encodedpoint",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_fips():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "FIPS_set_mode",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "FIPS_mode",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_ssl_sigalgs():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set1_sigalgs_list",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_get_sigalgs",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_psk():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_use_psk_identity_hint",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_psk_server_callback",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_psk_client_callback",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_custom_ext():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_add_client_custom_ext",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_add_server_custom_ext",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_extension_supported",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_openssl_cleanup():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OPENSSL_cleanup",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_cipher_details():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CIPHER_is_aead",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CIPHER_get_cipher_nid",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CIPHER_get_digest_nid",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CIPHER_get_kx_nid",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CIPHER_get_auth_nid",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_tlsv13():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_OP_NO_TLSv1_3",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_VERIFY_POST_HANDSHAKE",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_ciphersuites",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_verify_client_post_handshake",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_post_handshake_auth",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_set_post_handshake_auth",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_SESSION_get_max_early_data",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_write_early_data",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_read_early_data",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SSL_CTX_set_max_early_data",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_raw_key():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_new_raw_private_key",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_new_raw_public_key",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_get_raw_private_key",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_PKEY_get_raw_public_key",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_evp_r_memory_limit_exceeded():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EVP_R_MEMORY_LIMIT_EXCEEDED",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cryptography_has_engine():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_by_id",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_init",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_finish",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_get_default_RAND",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_set_default_RAND",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_unregister_RAND",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_ctrl_cmd",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_free",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ENGINE_get_name",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_add_osrandom_engine",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This is a mapping of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# {condition: function-returning-names-dependent-on-that-condition} so we can
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# loop over them and delete unsupported names at runtime. It will be removed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# when cffi supports #if in cdef. We use functions instead of just a dict of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# lists so we can use coverage to measure which are used.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--CONDITIONAL_NAMES = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_EC2M": cryptography_has_ec2m,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_EC_1_0_2": cryptography_has_ec_1_0_2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_SET_ECDH_AUTO": cryptography_has_set_ecdh_auto,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_rsa_r_pkcs_decoding_error
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_RSA_OAEP_MD": cryptography_has_rsa_oaep_md,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_RSA_OAEP_LABEL": cryptography_has_rsa_oaep_label,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_SSL3_METHOD": cryptography_has_ssl3_method,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_ALPN": cryptography_has_alpn,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_COMPRESSION": cryptography_has_compression,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_GET_SERVER_TMP_KEY": cryptography_has_get_server_tmp_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_102_VERIFICATION_ERROR_CODES": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_102_verification_error_codes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_102_VERIFICATION_PARAMS": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_102_verification_params
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_110_VERIFICATION_PARAMS": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_110_verification_params
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_X509_V_FLAG_TRUSTED_FIRST": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_x509_v_flag_trusted_first
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_X509_V_FLAG_PARTIAL_CHAIN": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_x509_v_flag_partial_chain
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_SET_CERT_CB": cryptography_has_set_cert_cb,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_SSL_ST": cryptography_has_ssl_st,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_TLS_ST": cryptography_has_tls_st,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_LOCKING_CALLBACKS": cryptography_has_locking_callbacks,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_SCRYPT": cryptography_has_scrypt,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_GENERIC_DTLS_METHOD": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_generic_dtls_method
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_EVP_PKEY_DHX": cryptography_has_evp_pkey_dhx,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_MEM_FUNCTIONS": cryptography_has_mem_functions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_SCT": cryptography_has_sct,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_X509_STORE_CTX_GET_ISSUER": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_x509_store_ctx_get_issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_X25519": cryptography_has_x25519,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_X448": cryptography_has_x448,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_ED448": cryptography_has_ed448,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_ED25519": cryptography_has_ed25519,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_POLY1305": cryptography_has_poly1305,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_oneshot_evp_digest_sign_verify
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_evp_pkey_get_set_tls_encodedpoint
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_FIPS": cryptography_has_fips,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_SIGALGS": cryptography_has_ssl_sigalgs,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_PSK": cryptography_has_psk,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_CUSTOM_EXT": cryptography_has_custom_ext,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_OPENSSL_CLEANUP": cryptography_has_openssl_cleanup,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_CIPHER_DETAILS": cryptography_has_cipher_details,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_TLSv1_3": cryptography_has_tlsv13,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_RAW_KEY": cryptography_has_raw_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_EVP_DIGESTFINAL_XOF": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_evp_digestfinal_xof
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_EVP_R_MEMORY_LIMIT_EXCEEDED": (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cryptography_has_evp_r_memory_limit_exceeded
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cryptography_HAS_ENGINE": cryptography_has_engine,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/binding.py lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/binding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/bindings/openssl/binding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,197 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import collections
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import threading
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import types
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import cryptography
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import InternalError
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.bindings._openssl import ffi, lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.bindings.openssl._conditional import CONDITIONAL_NAMES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OpenSSLErrorWithText = collections.namedtuple(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_OpenSSLErrorWithText", ["code", "lib", "func", "reason", "reason_text"]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _OpenSSLError(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, code, lib, func, reason):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._code = code
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._lib = lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._func = func
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._reason = reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _lib_reason_match(self, lib, reason):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return lib == self.lib and reason == self.reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- code = utils.read_only_property("_code")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib = utils.read_only_property("_lib")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- func = utils.read_only_property("_func")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason = utils.read_only_property("_reason")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _consume_errors(lib):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while True:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- code = lib.ERR_get_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if code == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- break
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- err_lib = lib.ERR_GET_LIB(code)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- err_func = lib.ERR_GET_FUNC(code)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- err_reason = lib.ERR_GET_REASON(code)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors.append(_OpenSSLError(code, err_lib, err_func, err_reason))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return errors
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _openssl_assert(lib, ok):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not ok:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors = _consume_errors(lib)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors_with_text = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for err in errors:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buf = ffi.new("char[]", 256)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.ERR_error_string_n(err.code, buf, len(buf))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- err_text_reason = ffi.string(buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors_with_text.append(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _OpenSSLErrorWithText(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- err.code, err.lib, err.func, err.reason, err_text_reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InternalError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Unknown OpenSSL error. This error is commonly encountered when "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "another library is not cleaning up the OpenSSL error stack. If "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "you are using cryptography with another library that uses "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OpenSSL try disabling it before reporting a bug. Otherwise "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "please file an issue at https://github.com/pyca/cryptography/"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "issues with information on how to reproduce "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "this. ({0!r})".format(errors_with_text),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errors_with_text
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def build_conditional_library(lib, conditional_names):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- conditional_lib = types.ModuleType("lib")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- conditional_lib._original_lib = lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- excluded_names = set()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for condition, names_cb in conditional_names.items():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not getattr(lib, condition):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- excluded_names.update(names_cb())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for attr in dir(lib):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if attr not in excluded_names:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- setattr(conditional_lib, attr, getattr(lib, attr))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return conditional_lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Binding(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OpenSSL API wrapper.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ffi = ffi
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _lib_loaded = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _init_lock = threading.Lock()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _lock_init_lock = threading.Lock()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ensure_ffi_initialized()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _register_osrandom_engine(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Clear any errors extant in the queue before we start. In many
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # scenarios other things may be interacting with OpenSSL in the same
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # process space and it has proven untenable to assume that they will
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # reliably clear the error queue. Once we clear it here we will
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # error on any subsequent unexpected item in the stack.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls.lib.ERR_clear_error()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cls.lib.Cryptography_HAS_ENGINE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = cls.lib.Cryptography_add_osrandom_engine()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _openssl_assert(cls.lib, result in (1, 2))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _ensure_ffi_initialized(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with cls._init_lock:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not cls._lib_loaded:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls.lib = build_conditional_library(lib, CONDITIONAL_NAMES)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls._lib_loaded = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # initialize the SSL library
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls.lib.SSL_library_init()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # adds all ciphers/digests for EVP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls.lib.OpenSSL_add_all_algorithms()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # loads error strings for libcrypto and libssl functions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls.lib.SSL_load_error_strings()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls._register_osrandom_engine()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def init_static_locks(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with cls._lock_init_lock:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls._ensure_ffi_initialized()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Use Python's implementation if available, importing _ssl triggers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # the setup for this.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __import__("_ssl")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (not cls.lib.Cryptography_HAS_LOCKING_CALLBACKS or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cls.lib.CRYPTO_get_locking_callback() != cls.ffi.NULL):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # If nothing else has setup a locking callback already, we set up
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # our own
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = lib.Cryptography_setup_ssl_threads()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _openssl_assert(cls.lib, res == 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _verify_openssl_version(lib):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not lib.CRYPTOGRAPHY_IS_LIBRESSL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OpenSSL version 1.0.1 is no longer supported by the OpenSSL "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "project, please upgrade. A future version of cryptography will "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "drop support for it.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _verify_package_version(version):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Occasionally we run into situations where the version of the Python
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # package does not match the version of the shared object that is loaded.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This may occur in environments where multiple versions of cryptography
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # are installed and available in the python path. To avoid errors cropping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # up later this code checks that the currently imported package and the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # shared object that were loaded have the same version and raise an
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ImportError if they do not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- so_package_version = ffi.string(lib.CRYPTOGRAPHY_PACKAGE_VERSION)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if version.encode("ascii") != so_package_version:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ImportError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The version of cryptography does not match the loaded "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "shared object. This can happen if you have multiple copies of "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "cryptography installed in your Python path. Please try creating "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "a new virtual environment to resolve this issue. "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Loaded python version: {}, shared object version: {}".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- version, so_package_version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_verify_package_version(cryptography.__version__)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# OpenSSL is not thread safe until the locks are initialized. We call this
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# method in module scope so that it executes with the import lock. On
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Pythons < 3.4 this import lock is a global lock, which can prevent a race
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# condition registering the OpenSSL locks. On Python 3.4+ the import lock
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# is per module so this approach will not work.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--Binding.init_static_locks()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_verify_openssl_version(Binding.lib)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,5 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,40 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AsymmetricSignatureContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Processes the provided bytes and returns nothing.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the signature as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AsymmetricVerificationContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Processes the provided bytes and returns nothing.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Raises an exception if the bytes provided to update do not match the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- signature or the signature does not match the public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dh.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dh.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dh.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,212 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def generate_parameters(generator, key_size, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.generate_dh_parameters(generator, key_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHPrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, x, public_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(x, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("x must be an integer.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(public_numbers, DHPublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("public_numbers must be an instance of "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DHPublicNumbers.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x = x
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DHPrivateNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x == other._x and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_numbers == other._public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_dh_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x = utils.read_only_property("_x")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHPublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, y, parameter_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(y, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("y must be an integer.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(parameter_numbers, DHParameterNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "parameters must be an instance of DHParameterNumbers.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._y = y
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._parameter_numbers = parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DHPublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._y == other._y and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._parameter_numbers == other._parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_dh_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y = utils.read_only_property("_y")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers = utils.read_only_property("_parameter_numbers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHParameterNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, p, g, q=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(p, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(g, six.integer_types)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("p and g must be integers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q is not None and not isinstance(q, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("q must be integer or None")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if g < 2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("DH generator must be 2 or greater")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._p = p
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._g = g
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._q = q
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DHParameterNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._p == other._p and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._g == other._g and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._q == other._q
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_dh_parameter_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = utils.read_only_property("_p")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = utils.read_only_property("_g")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = utils.read_only_property("_q")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHParameters(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generates and returns a DHPrivateKey.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameter_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the parameters serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DHParameterNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--DHParametersWithSerialization = DHParameters
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The DHPublicKey associated with this private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The DHParameters object associated with this private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Given peer's DHPublicKey, carry out the key exchange and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return shared key as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHPrivateKeyWithSerialization(DHPrivateKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DHPrivateNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DHPublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The DHParameters object associated with this public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DHPublicNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--DHPublicKeyWithSerialization = DHPublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/dsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,254 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAParameters(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_private_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Generates and returns a DSAPrivateKey.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAParametersWithNumbers(DSAParameters):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameter_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DSAParameterNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The DSAPublicKey associated with this private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The DSAParameters object associated with this private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an AsymmetricSignatureContext used for signing data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Signs the data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAPrivateKeyWithSerialization(DSAPrivateKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DSAPrivateNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The bit length of the prime modulus.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The DSAParameters object associated with this public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an AsymmetricVerificationContext used for signing data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a DSAPublicNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Verifies the signature of the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--DSAPublicKeyWithSerialization = DSAPublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def generate_parameters(key_size, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.generate_dsa_parameters(key_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def generate_private_key(key_size, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.generate_dsa_private_key_and_parameters(key_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_dsa_parameters(parameters):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if parameters.p.bit_length() not in [1024, 2048, 3072]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("p must be exactly 1024, 2048, or 3072 bits long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if parameters.q.bit_length() not in [160, 224, 256]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("q must be exactly 160, 224, or 256 bits long")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not (1 < parameters.g < parameters.p):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("g, p don't satisfy 1 < g < p.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_dsa_private_numbers(numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameters = numbers.public_numbers.parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_dsa_parameters(parameters)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if numbers.x <= 0 or numbers.x >= parameters.q:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("x must be > 0 and < q.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if numbers.public_numbers.y != pow(parameters.g, numbers.x, parameters.p):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("y must be equal to (g ** x % p).")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAParameterNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, p, q, g):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(p, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(q, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(g, six.integer_types)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DSAParameterNumbers p, q, and g arguments must be integers."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._p = p
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._q = q
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._g = g
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = utils.read_only_property("_p")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = utils.read_only_property("_q")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g = utils.read_only_property("_g")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def parameters(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_dsa_parameter_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DSAParameterNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.p == other.p and self.q == other.q and self.g == other.g
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<DSAParameterNumbers(p={self.p}, q={self.q}, g={self.g})>".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self=self
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAPublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, y, parameter_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(y, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("DSAPublicNumbers y argument must be an integer.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(parameter_numbers, DSAParameterNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "parameter_numbers must be a DSAParameterNumbers instance."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._y = y
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._parameter_numbers = parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y = utils.read_only_property("_y")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers = utils.read_only_property("_parameter_numbers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_dsa_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.y == other.y and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.parameter_numbers == other.parameter_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<DSAPublicNumbers(y={self.y}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "parameter_numbers={self.parameter_numbers})>".format(self=self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DSAPrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, x, public_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(x, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("DSAPrivateNumbers x argument must be an integer.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(public_numbers, DSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "public_numbers must be a DSAPublicNumbers instance."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x = x
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x = utils.read_only_property("_x")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_dsa_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DSAPrivateNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.x == other.x and self.public_numbers == other.public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ec.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ec.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ec.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,500 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat._oid import ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurveOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECP192R1 = ObjectIdentifier("1.2.840.10045.3.1.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECP224R1 = ObjectIdentifier("1.3.132.0.33")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECP256K1 = ObjectIdentifier("1.3.132.0.10")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECP256R1 = ObjectIdentifier("1.2.840.10045.3.1.7")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECP384R1 = ObjectIdentifier("1.3.132.0.34")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECP521R1 = ObjectIdentifier("1.3.132.0.35")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BRAINPOOLP256R1 = ObjectIdentifier("1.3.36.3.3.2.8.1.1.7")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BRAINPOOLP384R1 = ObjectIdentifier("1.3.36.3.3.2.8.1.1.11")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BRAINPOOLP512R1 = ObjectIdentifier("1.3.36.3.3.2.8.1.1.13")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT163K1 = ObjectIdentifier("1.3.132.0.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT163R2 = ObjectIdentifier("1.3.132.0.15")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT233K1 = ObjectIdentifier("1.3.132.0.26")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT233R1 = ObjectIdentifier("1.3.132.0.27")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT283K1 = ObjectIdentifier("1.3.132.0.16")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT283R1 = ObjectIdentifier("1.3.132.0.17")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT409K1 = ObjectIdentifier("1.3.132.0.36")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT409R1 = ObjectIdentifier("1.3.132.0.37")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT571K1 = ObjectIdentifier("1.3.132.0.38")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SECT571R1 = ObjectIdentifier("1.3.132.0.39")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurve(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The name of the curve. e.g. secp256r1.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Bit size of a secret scalar for the curve.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurveSignatureAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The digest algorithm used with this signature.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurvePrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signer(self, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an AsymmetricSignatureContext used for signing data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, algorithm, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Performs a key exchange operation using the provided algorithm with the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- provided peer's public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The EllipticCurvePublicKey for this private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def curve(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The EllipticCurve that this key is on.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Bit size of a secret scalar for the curve.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Signs the data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurvePrivateKeyWithSerialization(EllipticCurvePrivateKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an EllipticCurvePrivateNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurvePublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verifier(self, signature, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an AsymmetricVerificationContext used for signing data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def curve(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The EllipticCurve that this key is on.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Bit size of a secret scalar for the curve.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an EllipticCurvePublicNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data, signature_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Verifies the signature of the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_encoded_point(cls, curve, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("curve must be an EllipticCurve instance")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("data must not be an empty byte string")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if six.indexbytes(data, 0) not in [0x02, 0x03, 0x04]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unsupported elliptic curve point type")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_elliptic_curve_public_bytes(curve, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--EllipticCurvePublicKeyWithSerialization = EllipticCurvePublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT571R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect571r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 570
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT409R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect409r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 409
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT283R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect283r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 283
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT233R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect233r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 233
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT163R2(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect163r2"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 163
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT571K1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect571k1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 571
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT409K1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect409k1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 409
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT283K1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect283k1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 283
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT233K1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect233k1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 233
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECT163K1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sect163k1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 163
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECP521R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "secp521r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 521
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECP384R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "secp384r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 384
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECP256R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "secp256r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 256
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECP256K1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "secp256k1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 256
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECP224R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "secp224r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 224
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SECP192R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "secp192r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 192
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BrainpoolP256R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "brainpoolP256r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 256
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BrainpoolP384R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "brainpoolP384r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 384
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BrainpoolP512R1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "brainpoolP512r1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_size = 512
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CURVE_TYPES = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "prime192v1": SECP192R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "prime256v1": SECP256R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp192r1": SECP192R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp224r1": SECP224R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp256r1": SECP256R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp384r1": SECP384R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp521r1": SECP521R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "secp256k1": SECP256K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect163k1": SECT163K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect233k1": SECT233K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect283k1": SECT283K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect409k1": SECT409K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect571k1": SECT571K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect163r2": SECT163R2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect233r1": SECT233R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect283r1": SECT283R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect409r1": SECT409R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "sect571r1": SECT571R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "brainpoolP256r1": BrainpoolP256R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "brainpoolP384r1": BrainpoolP384R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "brainpoolP512r1": BrainpoolP512R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(EllipticCurveSignatureAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ECDSA(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def generate_private_key(curve, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.generate_elliptic_curve_private_key(curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def derive_private_key(private_value, curve, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(private_value, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("private_value must be an integer type.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if private_value <= 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("private_value must be a positive integer.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("curve must provide the EllipticCurve interface.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.derive_elliptic_curve_private_key(private_value, curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurvePublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, x, y, curve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(x, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(y, six.integer_types)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("x and y must be integers.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("curve must provide the EllipticCurve interface.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._y = y
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._x = x
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._curve = curve
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_elliptic_curve_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encode_point(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "encode_point has been deprecated on EllipticCurvePublicNumbers"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " and will be removed in a future version. Please use "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "EllipticCurvePublicKey.public_bytes to obtain both "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "compressed and uncompressed point encoding.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.DeprecatedIn25,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # key_size is in bits. Convert to bytes and round up
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- byte_length = (self.curve.key_size + 7) // 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b'\x04' + utils.int_to_bytes(self.x, byte_length) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.int_to_bytes(self.y, byte_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_encoded_point(cls, curve, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(curve, EllipticCurve):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("curve must be an EllipticCurve instance")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Support for unsafe construction of public numbers from "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "encoded data will be removed in a future version. "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Please use EllipticCurvePublicKey.from_encoded_point",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.DeprecatedIn25,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if data.startswith(b'\x04'):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # key_size is in bits. Convert to bytes and round up
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- byte_length = (curve.key_size + 7) // 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) == 2 * byte_length + 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x = utils.int_from_bytes(data[1:byte_length + 1], 'big')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y = utils.int_from_bytes(data[byte_length + 1:], 'big')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return cls(x, y, curve)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Invalid elliptic curve point data length')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Unsupported elliptic curve point type')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve = utils.read_only_property("_curve")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x = utils.read_only_property("_x")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y = utils.read_only_property("_y")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, EllipticCurvePublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.x == other.x and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.y == other.y and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.curve.name == other.curve.name and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.curve.key_size == other.curve.key_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.x, self.y, self.curve.name, self.curve.key_size))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<EllipticCurvePublicNumbers(curve={0.curve.name}, x={0.x}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "y={0.y}>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class EllipticCurvePrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, private_value, public_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(private_value, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("private_value must be an integer.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(public_numbers, EllipticCurvePublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "public_numbers must be an EllipticCurvePublicNumbers "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "instance."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._private_value = private_value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_elliptic_curve_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private_value = utils.read_only_property("_private_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, EllipticCurvePrivateNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.private_value == other.private_value and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.public_numbers == other.public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.private_value, self.public_numbers))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ECDH(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OID_TO_CURVE = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECP192R1: SECP192R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECP224R1: SECP224R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECP256K1: SECP256K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECP256R1: SECP256R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECP384R1: SECP384R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECP521R1: SECP521R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.BRAINPOOLP256R1: BrainpoolP256R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.BRAINPOOLP384R1: BrainpoolP384R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.BRAINPOOLP512R1: BrainpoolP512R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT163K1: SECT163K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT163R2: SECT163R2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT233K1: SECT233K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT233R1: SECT233R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT283K1: SECT283K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT283R1: SECT283R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT409K1: SECT409K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT409R1: SECT409R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT571K1: SECT571K1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EllipticCurveOID.SECT571R1: SECT571R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def get_curve_for_oid(oid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _OID_TO_CURVE[oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except KeyError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise LookupError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The provided object identifier has no matching elliptic "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "curve class"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,84 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_ED25519_KEY_SIZE = 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_ED25519_SIG_SIZE = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Ed25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.ed25519_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ed25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.ed25519_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Verify the signature.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Ed25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.ed25519_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ed25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.ed25519_generate_key()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.ed25519_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ed25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.ed25519_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The Ed25519PublicKey derived from the private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Signs the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed448.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/ed448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,79 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Ed448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.ed448_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ed448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.ed448_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Verify the signature.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Ed448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.ed448_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ed448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.ed448_generate_key()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.ed448_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ed448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.ed448_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The Ed448PublicKey derived from the private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Signs the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/padding.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/padding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/padding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,79 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import math
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import rsa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AsymmetricPadding(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- A string naming this padding (e.g. "PSS", "PKCS1").
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricPadding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PKCS1v15(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "EMSA-PKCS1-v1_5"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricPadding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PSS(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- MAX_LENGTH = object()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "EMSA-PSS"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, mgf, salt_length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._mgf = mgf
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (not isinstance(salt_length, six.integer_types) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- salt_length is not self.MAX_LENGTH):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("salt_length must be an integer.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if salt_length is not self.MAX_LENGTH and salt_length < 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("salt_length must be zero or greater.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._salt_length = salt_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AsymmetricPadding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OAEP(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "EME-OAEP"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, mgf, algorithm, label):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._mgf = mgf
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._label = label
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class MGF1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- MAX_LENGTH = object()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def calculate_max_pss_salt_length(key, hash_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(key, (rsa.RSAPrivateKey, rsa.RSAPublicKey)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("key must be an RSA public or private key")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # bit length - 1 per RFC 3447
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- emlen = int(math.ceil((key.key_size - 1) / 8.0))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- salt_length = emlen - hash_algorithm.digest_size - 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert salt_length >= 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return salt_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/rsa.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/rsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/rsa.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,368 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Only available in math in 3.5+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from math import gcd
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--except ImportError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from fractions import gcd
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import RSABackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RSAPrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signer(self, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an AsymmetricSignatureContext used for signing data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decrypt(self, ciphertext, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Decrypts the provided ciphertext.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The bit length of the public modulus.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The RSAPublicKey associated with this private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Signs the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RSAPrivateKeyWithSerialization(RSAPrivateKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an RSAPrivateNumbers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RSAPublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verifier(self, signature, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an AsymmetricVerificationContext used for verifying signatures.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encrypt(self, plaintext, padding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Encrypts the given plaintext.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The bit length of the public modulus.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_numbers(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an RSAPublicNumbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the key serialized as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature, data, padding, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Verifies the signature of the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--RSAPublicKeyWithSerialization = RSAPublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def generate_private_key(public_exponent, key_size, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, RSABackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement RSABackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _verify_rsa_parameters(public_exponent, key_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.generate_rsa_private_key(public_exponent, key_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _verify_rsa_parameters(public_exponent, key_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if public_exponent < 3:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("public_exponent must be >= 3.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if public_exponent & 1 == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("public_exponent must be odd.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_size < 512:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("key_size must be at least 512-bits.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_private_key_components(p, q, private_exponent, dmp1, dmq1, iqmp,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_exponent, modulus):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if modulus < 3:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("modulus must be >= 3.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if p >= modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("p must be < modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if q >= modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("q must be < modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dmp1 >= modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("dmp1 must be < modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dmq1 >= modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("dmq1 must be < modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if iqmp >= modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("iqmp must be < modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if private_exponent >= modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("private_exponent must be < modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if public_exponent < 3 or public_exponent >= modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("public_exponent must be >= 3 and < modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if public_exponent & 1 == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("public_exponent must be odd.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dmp1 & 1 == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("dmp1 must be odd.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if dmq1 & 1 == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("dmq1 must be odd.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if p * q != modulus:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("p*q must equal modulus.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_public_key_components(e, n):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if n < 3:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("n must be >= 3.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if e < 3 or e >= n:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("e must be >= 3 and < n.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if e & 1 == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("e must be odd.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _modinv(e, m):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Modular Multiplicative Inverse. Returns x such that: (x*e) mod m == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- x1, y1, x2, y2 = 1, 0, 0, 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a, b = e, m
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while b > 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q, r = divmod(a, b)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- xn, yn = x1 - q * x2, y1 - q * y2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a, b, x1, y1, x2, y2 = b, r, x2, y2, xn, yn
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x1 % m
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def rsa_crt_iqmp(p, q):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Compute the CRT (q ** -1) % p value from RSA primes p and q.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _modinv(q, p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def rsa_crt_dmp1(private_exponent, p):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Compute the CRT private_exponent % (p - 1) value from the RSA
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private_exponent (d) and p.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return private_exponent % (p - 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def rsa_crt_dmq1(private_exponent, q):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Compute the CRT private_exponent % (q - 1) value from the RSA
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- private_exponent (d) and q.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return private_exponent % (q - 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Controls the number of iterations rsa_recover_prime_factors will perform
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# to obtain the prime factors. Each iteration increments by 2 so the actual
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# maximum attempts is half this number.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_MAX_RECOVERY_ATTEMPTS = 1000
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def rsa_recover_prime_factors(n, e, d):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Compute factors p and q from the private exponent d. We assume that n has
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- no more than two factors. This function is adapted from code in PyCrypto.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # See 8.2.2(i) in Handbook of Applied Cryptography.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ktot = d * e - 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The quantity d*e-1 is a multiple of phi(n), even,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # and can be represented as t*2^s.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- t = ktot
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while t % 2 == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- t = t // 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Cycle through all multiplicative inverses in Zn.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The algorithm is non-deterministic, but there is a 50% chance
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # any candidate a leads to successful factoring.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # See "Digitalized Signatures and Public Key Functions as Intractable
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # as Factorization", M. Rabin, 1979
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- spotted = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a = 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while not spotted and a < _MAX_RECOVERY_ATTEMPTS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- k = t
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Cycle through all values a^{t*2^i}=a^k
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while k < ktot:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cand = pow(a, k, n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Check if a^k is a non-trivial root of unity (mod n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cand != 1 and cand != (n - 1) and pow(cand, 2, n) == 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # We have found a number such that (cand-1)(cand+1)=0 (mod n).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Either of the terms divides n.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = gcd(cand + 1, n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- spotted = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- break
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- k *= 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This value was not any good... let's try another!
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a += 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not spotted:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Unable to compute factors p and q from exponent d.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Found !
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q, r = divmod(n, p)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert r == 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p, q = sorted((p, q), reverse=True)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (p, q)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RSAPrivateNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, p, q, d, dmp1, dmq1, iqmp,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(p, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(q, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(d, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(dmp1, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(dmq1, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(iqmp, six.integer_types)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RSAPrivateNumbers p, q, d, dmp1, dmq1, iqmp arguments must"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " all be an integers."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(public_numbers, RSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RSAPrivateNumbers public_numbers must be an RSAPublicNumbers"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " instance."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._p = p
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._q = q
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._d = d
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dmp1 = dmp1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._dmq1 = dmq1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._iqmp = iqmp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_numbers = public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = utils.read_only_property("_p")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q = utils.read_only_property("_q")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- d = utils.read_only_property("_d")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmp1 = utils.read_only_property("_dmp1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dmq1 = utils.read_only_property("_dmq1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iqmp = utils.read_only_property("_iqmp")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = utils.read_only_property("_public_numbers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_rsa_private_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, RSAPrivateNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.p == other.p and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.q == other.q and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.d == other.d and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.dmp1 == other.dmp1 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.dmq1 == other.dmq1 and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.iqmp == other.iqmp and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.public_numbers == other.public_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.p,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.q,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.d,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.dmp1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.dmq1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.iqmp,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.public_numbers,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RSAPublicNumbers(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, e, n):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(e, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(n, six.integer_types)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("RSAPublicNumbers arguments must be integers.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._e = e
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._n = n
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = utils.read_only_property("_e")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = utils.read_only_property("_n")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_rsa_public_numbers(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<RSAPublicNumbers(e={0.e}, n={0.n})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, RSAPublicNumbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.e == other.e and self.n == other.n
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.e, self.n))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/utils.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,38 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from asn1crypto.algos import DSASignature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def decode_dss_signature(signature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = DSASignature.load(signature, strict=True).native
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return data['r'], data['s']
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def encode_dss_signature(r, s):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(r, six.integer_types) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(s, six.integer_types)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Both r and s must be integers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return DSASignature({'r': r, 's': s}).dump()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Prehashed(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Expected instance of HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest_size = algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x25519.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x25519.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,73 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class X25519PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.x25519_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.x25519_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding=None, format=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class X25519PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.x25519_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.x25519_generate_key()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.x25519_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X25519 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.x25519_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Performs a key exchange operation using the provided peer's public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x448.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/asymmetric/x448.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,73 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class X448PublicKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_public_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.x448_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.x448_load_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding, format):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class X448PrivateKey(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.x448_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.x448_generate_key()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_private_bytes(cls, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.x448_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "X448 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.x448_load_private_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def private_bytes(self, encoding, format, encryption_algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serialized bytes of the private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def exchange(self, peer_public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Performs a key exchange operation using the provided peer's public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,21 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers.base import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AEADCipherContext, AEADDecryptionContext, AEADEncryptionContext,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BlockCipherAlgorithm, Cipher, CipherAlgorithm, CipherContext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--__all__ = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cipher",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CipherAlgorithm",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "BlockCipherAlgorithm",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CipherContext",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AEADCipherContext",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AEADDecryptionContext",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AEADEncryptionContext",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/aead.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/aead.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/aead.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,188 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import os
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import exceptions, utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl import aead
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ChaCha20Poly1305(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _MAX_SIZE = 2 ** 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.aead_cipher_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise exceptions.UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ChaCha20Poly1305 is not supported by this version of OpenSSL",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- exceptions._Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) != 32:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("ChaCha20Poly1305 key must be 32 bytes.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key = key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_key(cls):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return os.urandom(32)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- associated_data = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) > self._MAX_SIZE or len(associated_data) > self._MAX_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is OverflowError to match what cffi would raise
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise OverflowError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Data or associated data too long. Max 2**32 bytes"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return aead._encrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- associated_data = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return aead._decrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _check_params(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("associated_data", associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(nonce) != 12:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Nonce must be 12 bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AESCCM(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _MAX_SIZE = 2 ** 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key, tag_length=16):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) not in (16, 24, 32):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("AESCCM key must be 128, 192, or 256 bits.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key = key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(tag_length, int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("tag_length must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if tag_length not in (4, 6, 8, 10, 12, 14, 16):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid tag_length")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag_length = tag_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.aead_cipher_supported(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise exceptions.UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AESCCM is not supported by this version of OpenSSL",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- exceptions._Reasons.UNSUPPORTED_CIPHER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_key(cls, bit_length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(bit_length, int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("bit_length must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if bit_length not in (128, 192, 256):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("bit_length must be 128, 192, or 256")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return os.urandom(bit_length // 8)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- associated_data = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) > self._MAX_SIZE or len(associated_data) > self._MAX_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is OverflowError to match what cffi would raise
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise OverflowError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Data or associated data too long. Max 2**32 bytes"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._validate_lengths(nonce, len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return aead._encrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, self, nonce, data, associated_data, self._tag_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- associated_data = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return aead._decrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, self, nonce, data, associated_data, self._tag_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _validate_lengths(self, nonce, data_len):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # For information about computing this, see
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # https://tools.ietf.org/html/rfc3610#section-2.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- l_val = 15 - len(nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if 2 ** (8 * l_val) < data_len:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Nonce too long for data")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _check_params(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("associated_data", associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not 7 <= len(nonce) <= 13:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Nonce must be between 7 and 13 bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AESGCM(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _MAX_SIZE = 2 ** 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) not in (16, 24, 32):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("AESGCM key must be 128, 192, or 256 bits.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key = key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate_key(cls, bit_length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(bit_length, int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("bit_length must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if bit_length not in (128, 192, 256):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("bit_length must be 128, 192, or 256")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return os.urandom(bit_length // 8)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- associated_data = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) > self._MAX_SIZE or len(associated_data) > self._MAX_SIZE:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is OverflowError to match what cffi would raise
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise OverflowError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Data or associated data too long. Max 2**32 bytes"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return aead._encrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decrypt(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if associated_data is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- associated_data = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_params(nonce, data, associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return aead._decrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend, self, nonce, data, associated_data, 16
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _check_params(self, nonce, data, associated_data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("associated_data", associated_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(nonce) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Nonce must be at least 1 byte")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/algorithms.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/algorithms.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/algorithms.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,167 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BlockCipherAlgorithm, CipherAlgorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers.modes import ModeWithNonce
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _verify_key_size(algorithm, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Verify that the key is instance of bytes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key", key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Verify that the key size matches the expected key size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) * 8 not in algorithm.key_sizes:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid key size ({}) for {}.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(key) * 8, algorithm.name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AES(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "AES"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 512 added to support AES-256-XTS, which uses 512-bit keys
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset([128, 192, 256, 512])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Camellia(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "camellia"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset([128, 192, 256])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class TripleDES(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "3DES"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset([64, 128, 192])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) == 8:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key += key + key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif len(key) == 16:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key += key[:8]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Blowfish(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "Blowfish"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset(range(32, 449, 8))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CAST5(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "CAST5"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset(range(40, 129, 8))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ARC4(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "RC4"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset([40, 56, 64, 80, 128, 160, 192, 256])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class IDEA(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "IDEA"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset([128])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(BlockCipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SEED(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "SEED"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset([128])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithNonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ChaCha20(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "ChaCha20"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_sizes = frozenset([256])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key, nonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key = _verify_key_size(self, key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(nonce) != 16:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("nonce must be 128-bits (16 bytes)")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._nonce = nonce
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nonce = utils.read_only_property("_nonce")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self.key) * 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/base.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/base.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/base.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,235 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, AlreadyUpdated, NotYetFinalized, UnsupportedAlgorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import CipherBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers import modes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CipherAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- A string naming this mode (e.g. "AES", "Camellia").
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def key_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The size of the key being used as an integer in bits (e.g. 128, 256).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BlockCipherAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def block_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The size of a block as an integer in bits (e.g. 64, 128).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CipherContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Processes the provided bytes through the cipher and returns the results
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Processes the provided bytes and writes the resulting data into the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- provided buffer. Returns the number of bytes written.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the results of processing the final block as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AEADCipherContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def authenticate_additional_data(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Authenticates the provided bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AEADDecryptionContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize_with_tag(self, tag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the results of processing the final block as bytes and allows
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- delayed passing of the authentication tag.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AEADEncryptionContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tag(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns tag bytes. This is only available after encryption is
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finalized.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Cipher(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, mode, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, CipherBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement CipherBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, CipherAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Expected interface of CipherAlgorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if mode is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mode.validate_for_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.mode = mode
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encryptor(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(self.mode, modes.ModeWithAuthenticationTag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.mode.tag is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Authentication tag must be None when encrypting."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend.create_symmetric_encryption_ctx(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.algorithm, self.mode
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._wrap_ctx(ctx, encrypt=True)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decryptor(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = self._backend.create_symmetric_decryption_ctx(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.algorithm, self.mode
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._wrap_ctx(ctx, encrypt=False)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _wrap_ctx(self, ctx, encrypt):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(self.mode, modes.ModeWithAuthenticationTag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if encrypt:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _AEADEncryptionContext(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _AEADCipherContext(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _CipherContext(ctx)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _CipherContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, ctx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ctx.update_into(data, buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AEADCipherContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(CipherContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AEADDecryptionContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _AEADCipherContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, ctx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._bytes_processed = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._aad_bytes_processed = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._updated = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _check_limit(self, data_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._updated = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._bytes_processed += data_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._bytes_processed > self._ctx._mode._MAX_ENCRYPTED_BYTES:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} has a maximum encrypted byte limit of {}".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx._mode.name, self._ctx._mode._MAX_ENCRYPTED_BYTES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_limit(len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update_into(self, data, buf):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._check_limit(len(data))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._ctx.update_into(data, buf)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = self._ctx.tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize_with_tag(self, tag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = self._ctx.finalize_with_tag(tag)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = self._ctx.tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def authenticate_additional_data(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._updated:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyUpdated("Update has been called on this context.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._aad_bytes_processed += len(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._aad_bytes_processed > self._ctx._mode._MAX_AAD_BYTES:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} has a maximum AAD byte limit of {}".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx._mode.name, self._ctx._mode._MAX_AAD_BYTES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx.authenticate_additional_data(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(AEADEncryptionContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _AEADEncryptionContext(_AEADCipherContext):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tag(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise NotYetFinalized("You must finalize encryption before "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "getting the tag.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/modes.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/modes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/ciphers/modes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,218 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Mode(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- A string naming this mode (e.g. "ECB", "CBC").
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks that all the necessary invariants of this (mode, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- combination are met.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ModeWithInitializationVector(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def initialization_vector(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The value of the initialization vector for this mode as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ModeWithTweak(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tweak(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The value of the tweak for this mode as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ModeWithNonce(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def nonce(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The value of the nonce for this mode as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ModeWithAuthenticationTag(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tag(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The value of the tag supplied to the constructor of this mode.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_aes_key_length(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if algorithm.key_size > 256 and algorithm.name == "AES":
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Only 128, 192, and 256 bit keys are allowed for this AES mode"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_iv_length(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(self.initialization_vector) * 8 != algorithm.block_size:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid IV size ({}) for {}.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(self.initialization_vector), self.name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_iv_and_key_length(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_aes_key_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_iv_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CBC(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "CBC"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithTweak)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class XTS(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "XTS"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, tweak):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("tweak", tweak)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(tweak) != 16:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("tweak must be 128-bits (16 bytes)")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tweak = tweak
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- tweak = utils.read_only_property("_tweak")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if algorithm.key_size not in (256, 512):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "The XTS specification requires a 256-bit key for AES-128-XTS"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " and 512-bit key for AES-256-XTS"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ECB(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "ECB"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- validate_for_algorithm = _check_aes_key_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OFB(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "OFB"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CFB(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "CFB"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CFB8(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "CFB8"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, initialization_vector):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- validate_for_algorithm = _check_iv_and_key_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithNonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CTR(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "CTR"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, nonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("nonce", nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._nonce = nonce
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nonce = utils.read_only_property("_nonce")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_aes_key_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(self.nonce) * 8 != algorithm.block_size:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid nonce size ({}) for {}.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(self.nonce), self.name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(Mode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithInitializationVector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ModeWithAuthenticationTag)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class GCM(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "GCM"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _MAX_ENCRYPTED_BYTES = (2 ** 39 - 256) // 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _MAX_AAD_BYTES = (2 ** 64) // 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, initialization_vector, tag=None, min_tag_length=16):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # len(initialization_vector) must in [1, 2 ** 64), but it's impossible
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # to actually construct a bytes object that large, so we don't check
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # for it
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("initialization_vector", initialization_vector)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(initialization_vector) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("initialization_vector must be at least 1 byte")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._initialization_vector = initialization_vector
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if tag is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("tag", tag)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if min_tag_length < 4:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("min_tag_length must be >= 4")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(tag) < min_tag_length:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Authentication tag must be {} bytes or longer.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- min_tag_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._tag = tag
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._min_tag_length = min_tag_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- tag = utils.read_only_property("_tag")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- initialization_vector = utils.read_only_property("_initialization_vector")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def validate_for_algorithm(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _check_aes_key_length(self, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/cmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/cmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/cmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,64 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import CMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import ciphers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CMAC(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, backend, ctx=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, CMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement CMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, ciphers.BlockCipherAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Expected instance of BlockCipherAlgorithm."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = self._backend.create_cmac_ctx(self._algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return digest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._ctx = self._ctx, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx.verify(signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def copy(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CMAC(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend=self._backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx=self._ctx.copy()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/constant_time.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/constant_time.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/constant_time.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,35 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import hmac
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.bindings._constant_time import lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--if hasattr(hmac, "compare_digest"):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def bytes_eq(a, b):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(a, bytes) or not isinstance(b, bytes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("a and b must be bytes.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hmac.compare_digest(a, b)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Support for your Python version is deprecated. The next version of "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "cryptography will remove support. Please upgrade to a release "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "(2.7.7+) that supports hmac.compare_digest as soon as possible.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.PersistentlyDeprecated2018,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def bytes_eq(a, b):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(a, bytes) or not isinstance(b, bytes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("a and b must be bytes.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return lib.Cryptography_constant_time_bytes_eq(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a, len(a), b, len(b)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ) == 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hashes.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hashes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hashes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,255 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HashBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HashAlgorithm(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- A string naming this algorithm (e.g. "sha256", "md5").
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def digest_size(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The size of the resulting digest in bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HashContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- A HashAlgorithm that will be used by this context.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Processes the provided bytes through the hash.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Finalizes the hash context and returns the hash digest as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def copy(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return a HashContext that is a copy of the current context.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ExtendableOutputFunction(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- An interface for extendable output functions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Hash(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, backend, ctx=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HashBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HashBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = self._backend.create_hash_ctx(self.algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def copy(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return Hash(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.algorithm, backend=self._backend, ctx=self._ctx.copy()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return digest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA1(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 20
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA512_224(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha512-224"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 28
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA512_256(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha512-256"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA224(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha224"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 28
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA256(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha256"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA384(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha384"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 48
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA512(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha512"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA3_224(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha3-224"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 28
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA3_256(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha3-256"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA3_384(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha3-384"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 48
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHA3_512(object): # noqa: N801
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "sha3-512"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtendableOutputFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHAKE128(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "shake128"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(digest_size, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("digest_size must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if digest_size < 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("digest_size must be a positive integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtendableOutputFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SHAKE256(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "shake256"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(digest_size, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("digest_size must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if digest_size < 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("digest_size must be a positive integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class MD5(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "md5"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = 16
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BLAKE2b(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "blake2b"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _max_digest_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _min_digest_size = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 128
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if digest_size != 64:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Digest size must be 64")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(HashAlgorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BLAKE2s(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = "blake2s"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- block_size = 64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _max_digest_size = 32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _min_digest_size = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, digest_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if digest_size != 32:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Digest size must be 32")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest_size = digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest_size = utils.read_only_property("_digest_size")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hmac.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/hmac.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,66 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(hashes.HashContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HMAC(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key, algorithm, backend, ctx=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Expected instance of hashes.HashAlgorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key = key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = self._backend.create_hmac_ctx(key, self.algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = ctx
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm = utils.read_only_property("_algorithm")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def copy(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return HMAC(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- backend=self._backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx=self._ctx.copy()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return digest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, signature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("signature", signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._ctx = self._ctx, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx.verify(signature)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,26 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class KeyDerivationFunction(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Deterministically generates and returns a new key based on the existing
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key material.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks whether the key generated by the key material matches the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- expected derived key. Raises an exception if they do not match.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/concatkdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/concatkdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/concatkdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,124 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import struct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HashBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time, hashes, hmac
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _int_to_u32be(n):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return struct.pack('>I', n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _common_args_checks(algorithm, length, otherinfo):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- max_length = algorithm.digest_size * (2 ** 32 - 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if length > max_length:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Can not derive keys larger than {} bits.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- max_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if otherinfo is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("otherinfo", otherinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _concatkdf_derive(key_material, length, auxfn, otherinfo):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output = [b""]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while (length > outlen):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = auxfn()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(_int_to_u32be(counter))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(otherinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen += len(output[-1])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter += 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"".join(output)[:length]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ConcatKDFHash(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, length, otherinfo, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _common_args_checks(algorithm, length, otherinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._otherinfo = otherinfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._otherinfo is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._otherinfo = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HashBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HashBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._used:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _concatkdf_derive(key_material, self._length,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hash, self._otherinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ConcatKDFHMAC(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, length, salt, otherinfo, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _common_args_checks(algorithm, length, otherinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._otherinfo = otherinfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._otherinfo is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._otherinfo = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if salt is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- salt = b"\x00" * algorithm.block_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._salt = salt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _hmac(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hmac.HMAC(self._salt, self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._used:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _concatkdf_derive(key_material, self._length,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hmac, self._otherinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/hkdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/hkdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/hkdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,110 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time, hmac
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HKDF(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, length, salt, info, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if salt is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- salt = b"\x00" * self._algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._salt = salt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hkdf_expand = HKDFExpand(self._algorithm, length, info, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _extract(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = hmac.HMAC(self._salt, self._algorithm, backend=self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return h.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._hkdf_expand.derive(self._extract(key_material))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HKDFExpand(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, length, info, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- max_length = 255 * algorithm.digest_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if length > max_length:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Can not derive keys larger than {} octets.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- max_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if info is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- info = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("info", info)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._info = info
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _expand(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output = [b""]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while self._algorithm.digest_size * (len(output) - 1) < self._length:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = hmac.HMAC(key_material, self._algorithm, backend=self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(output[-1])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(self._info)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(six.int2byte(counter))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter += 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"".join(output)[:self._length]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._used:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._expand(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/kbkdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/kbkdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/kbkdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,145 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from six.moves import range
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time, hashes, hmac
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Mode(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CounterMode = "ctr"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CounterLocation(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BeforeFixed = "before_fixed"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AfterFixed = "after_fixed"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class KBKDFHMAC(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, mode, length, rlen, llen,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- location, label, context, fixed, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Algorithm supplied is not a supported hash algorithm.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.hmac_supported(algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Algorithm supplied is not a supported hmac algorithm.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(mode, Mode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("mode must be of type Mode")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(location, CounterLocation):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("location must be of type CounterLocation")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (label or context) and fixed:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("When supplying fixed data, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "label and context are ignored.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rlen is None or not self._valid_byte_length(rlen):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("rlen must be between 1 and 4")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if llen is None and fixed is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Please specify an llen")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if llen is not None and not isinstance(llen, int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("llen must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if label is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- label = b''
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if context is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- context = b''
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("label", label)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("context", context)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._mode = mode
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._rlen = rlen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._llen = llen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._location = location
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._label = label
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._context = context
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._fixed_data = fixed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _valid_byte_length(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(value, int):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('value must be of type int')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value_bin = utils.int_to_bytes(1, value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not 1 <= len(value_bin) <= 4:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._used:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # inverse floor division (equivalent to ceiling)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rounds = -(-self._length // self._algorithm.digest_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output = [b'']
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # For counter mode, the number of iterations shall not be
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # larger than 2^r-1, where r <= 32 is the binary length of the counter
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This ensures that the counter values used as an input to the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # PRF will not repeat during a particular call to the KDF function.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r_bin = utils.int_to_bytes(1, self._rlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rounds > pow(2, len(r_bin) * 8) - 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('There are too many iterations.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(1, rounds + 1):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = hmac.HMAC(key_material, self._algorithm, backend=self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter = utils.int_to_bytes(i, self._rlen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._location == CounterLocation.BeforeFixed:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(counter)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(self._generate_fixed_input())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._location == CounterLocation.AfterFixed:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(counter)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b''.join(output)[:self._length]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _generate_fixed_input(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._fixed_data and isinstance(self._fixed_data, bytes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._fixed_data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- l_val = utils.int_to_bytes(self._length * 8, self._llen)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"".join([self._label, b"\x00", self._context, l_val])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/pbkdf2.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/pbkdf2.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/pbkdf2.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,56 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import PBKDF2HMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PBKDF2HMAC(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, length, salt, iterations, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, PBKDF2HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement PBKDF2HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.pbkdf2_hmac_supported(algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is not supported for PBKDF2 by this backend.".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- algorithm.name),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_HASH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._salt = salt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._iterations = iterations
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._used:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("PBKDF2 instances can only be used once.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend.derive_pbkdf2_hmac(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._salt,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._iterations,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- derived_key = self.derive(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(derived_key, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey("Keys do not match.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/scrypt.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/scrypt.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/scrypt.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,63 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import sys
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import ScryptBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This is used by the scrypt tests to skip tests that require more memory
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# than the MEM_LIMIT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_MEM_LIMIT = sys.maxsize // 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Scrypt(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, salt, length, n, r, p, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, ScryptBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement ScryptBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("salt", salt)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if n < 2 or (n & (n - 1)) != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("n must be greater than 1 and be a power of 2.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if r < 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("r must be greater than or equal to 1.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if p < 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("p must be greater than or equal to 1.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._salt = salt
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._n = n
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._r = r
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._p = p
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._used:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Scrypt instances can only be used once.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._backend.derive_scrypt(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_material, self._salt, self._length, self._n, self._r, self._p
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- derived_key = self.derive(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(derived_key, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey("Keys do not match.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/x963kdf.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/x963kdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/kdf/x963kdf.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,68 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import struct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HashBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time, hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.kdf import KeyDerivationFunction
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _int_to_u32be(n):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return struct.pack('>I', n)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeyDerivationFunction)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class X963KDF(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, algorithm, length, sharedinfo, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- max_len = algorithm.digest_size * (2 ** 32 - 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if length > max_len:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Can not derive keys larger than {} bits.".format(max_len))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if sharedinfo is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("sharedinfo", sharedinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._sharedinfo = sharedinfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HashBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HashBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = False
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def derive(self, key_material):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._used:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._used = True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("key_material", key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output = [b""]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while self._length > outlen:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h = hashes.Hash(self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(key_material)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(_int_to_u32be(counter))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._sharedinfo is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- h.update(self._sharedinfo)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- output.append(h.finalize())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outlen += len(output[-1])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter += 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"".join(output)[:self._length]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, key_material, expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.derive(key_material), expected_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/keywrap.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/keywrap.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/keywrap.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,154 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import struct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers import Cipher
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers.algorithms import AES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.ciphers.modes import ECB
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.constant_time import bytes_eq
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _wrap_core(wrapping_key, a, r, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # RFC 3394 Key Wrap - 2.2.1 (index method)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryptor = Cipher(AES(wrapping_key), ECB(), backend).encryptor()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = len(r)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for j in range(6):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in range(n):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # every encryption operation is a discrete 16 byte chunk (because
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # AES has a 128-bit block size) and since we're using ECB it is
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # safe to reuse the encryptor for the entire operation
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b = encryptor.update(a + r[i])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # pack/unpack are safe as these are always 64-bit chunks
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a = struct.pack(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ">Q", struct.unpack(">Q", b[:8])[0] ^ ((n * j) + i + 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r[i] = b[-8:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert encryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return a + b"".join(r)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def aes_key_wrap(wrapping_key, key_to_wrap, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key_to_wrap) < 16:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("The key to wrap must be at least 16 bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key_to_wrap) % 8 != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("The key to wrap must be a multiple of 8 bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a = b"\xa6\xa6\xa6\xa6\xa6\xa6\xa6\xa6"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r = [key_to_wrap[i:i + 8] for i in range(0, len(key_to_wrap), 8)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _wrap_core(wrapping_key, a, r, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _unwrap_core(wrapping_key, a, r, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Implement RFC 3394 Key Unwrap - 2.2.2 (index method)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decryptor = Cipher(AES(wrapping_key), ECB(), backend).decryptor()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = len(r)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for j in reversed(range(6)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for i in reversed(range(n)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # pack/unpack are safe as these are always 64-bit chunks
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- atr = struct.pack(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ">Q", struct.unpack(">Q", a)[0] ^ ((n * j) + i + 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ) + r[i]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # every decryption operation is a discrete 16 byte chunk so
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # it is safe to reuse the decryptor for the entire operation
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b = decryptor.update(atr)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a = b[:8]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r[i] = b[-8:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert decryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return a, r
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def aes_key_wrap_with_padding(wrapping_key, key_to_wrap, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aiv = b"\xA6\x59\x59\xA6" + struct.pack(">i", len(key_to_wrap))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # pad the key to wrap if necessary
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pad = (8 - (len(key_to_wrap) % 8)) % 8
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_to_wrap = key_to_wrap + b"\x00" * pad
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key_to_wrap) == 8:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # RFC 5649 - 4.1 - exactly 8 octets after padding
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encryptor = Cipher(AES(wrapping_key), ECB(), backend).encryptor()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b = encryptor.update(aiv + key_to_wrap)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert encryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r = [key_to_wrap[i:i + 8] for i in range(0, len(key_to_wrap), 8)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _wrap_core(wrapping_key, aiv, r, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def aes_key_unwrap_with_padding(wrapping_key, wrapped_key, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapped_key) < 16:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidUnwrap("Must be at least 16 bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapped_key) == 16:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # RFC 5649 - 4.2 - exactly two 64-bit blocks
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decryptor = Cipher(AES(wrapping_key), ECB(), backend).decryptor()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b = decryptor.update(wrapped_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert decryptor.finalize() == b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a = b[:8]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = b[8:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r = [wrapped_key[i:i + 8] for i in range(0, len(wrapped_key), 8)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encrypted_aiv = r.pop(0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = len(r)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a, r = _unwrap_core(wrapping_key, encrypted_aiv, r, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = b"".join(r)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 1) Check that MSB(32,A) = A65959A6.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 2) Check that 8*(n-1) < LSB(32,A) <= 8*n. If so, let
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # MLI = LSB(32,A).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # 3) Let b = (8*n)-MLI, and then check that the rightmost b octets of
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # the output data are zero.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (mli,) = struct.unpack(">I", a[4:])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b = (8 * n) - mli
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not bytes_eq(a[:4], b"\xa6\x59\x59\xa6") or not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 8 * (n - 1) < mli <= 8 * n or (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b != 0 and not bytes_eq(data[-b:], b"\x00" * b)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidUnwrap()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if b == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return data[:-b]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def aes_key_unwrap(wrapping_key, wrapped_key, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapped_key) < 24:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidUnwrap("Must be at least 24 bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapped_key) % 8 != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidUnwrap("The wrapped key must be a multiple of 8 bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(wrapping_key) not in [16, 24, 32]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("The wrapping key must be a valid AES key length")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aiv = b"\xa6\xa6\xa6\xa6\xa6\xa6\xa6\xa6"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- r = [wrapped_key[i:i + 8] for i in range(0, len(wrapped_key), 8)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a = r.pop(0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- a, r = _unwrap_core(wrapping_key, a, r, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not bytes_eq(a, aiv):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidUnwrap()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return b"".join(r)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidUnwrap(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/padding.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/padding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/padding.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,200 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import AlreadyFinalized
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.bindings._padding import lib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PaddingContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Pads the provided bytes and returns any available data as bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Finalize the padding, returns bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _byte_padding_check(block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not (0 <= block_size <= 2040):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("block_size must be in range(0, 2041).")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if block_size % 8 != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("block_size must be a multiple of 8.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _byte_padding_update(buffer_, data, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer_ += data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finished_blocks = len(buffer_) // (block_size // 8)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = buffer_[:finished_blocks * (block_size // 8)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer_ = buffer_[finished_blocks * (block_size // 8):]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return buffer_, result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _byte_padding_pad(buffer_, block_size, paddingfn):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pad_size = block_size // 8 - len(buffer_)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return buffer_ + paddingfn(pad_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _byte_unpadding_update(buffer_, data, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer_ += data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- finished_blocks = max(len(buffer_) // (block_size // 8) - 1, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = buffer_[:finished_blocks * (block_size // 8)]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer_ = buffer_[finished_blocks * (block_size // 8):]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return buffer_, result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _byte_unpadding_check(buffer_, block_size, checkfn):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if buffer_ is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(buffer_) != block_size // 8:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid padding bytes.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- valid = checkfn(buffer_, block_size // 8)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not valid:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid padding bytes.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pad_size = six.indexbytes(buffer_, -1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return buffer_[:-pad_size]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PKCS7(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _byte_padding_check(block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def padder(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _PKCS7PaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def unpadder(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _PKCS7UnpaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _PKCS7PaddingContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, result = _byte_padding_update(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _padding(self, size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return six.int2byte(size) * size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = _byte_padding_pad(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, self.block_size, self._padding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _PKCS7UnpaddingContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, result = _byte_unpadding_update(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = _byte_unpadding_check(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, self.block_size,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.Cryptography_check_pkcs7_padding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ANSIX923(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _byte_padding_check(block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def padder(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _ANSIX923PaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def unpadder(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _ANSIX923UnpaddingContext(self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _ANSIX923PaddingContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, result = _byte_padding_update(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _padding(self, size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return six.int2byte(0) * (size - 1) + six.int2byte(size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = _byte_padding_pad(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, self.block_size, self._padding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(PaddingContext)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _ANSIX923UnpaddingContext(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, block_size):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.block_size = block_size
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # TODO: more copies than necessary, we should use zero-buffer (#193)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = b""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, result = _byte_unpadding_update(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, data, self.block_size)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = _byte_unpadding_check(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer, self.block_size,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib.Cryptography_check_ansix923_padding)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._buffer = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/poly1305.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/poly1305.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/poly1305.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,43 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AlreadyFinalized, UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Poly1305(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not backend.poly1305_supported():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "poly1305 is not supported by this version of OpenSSL.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.UNSUPPORTED_MAC
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = backend.create_poly1305_ctx(key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def update(self, data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_byteslike("data", data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx.update(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def finalize(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mac = self._ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ctx = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return mac
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, tag):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils._check_bytes("tag", tag)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._ctx is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise AlreadyFinalized("Context was already finalized.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx, self._ctx = self._ctx, None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx.verify(tag)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,26 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.serialization.base import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BestAvailableEncryption, Encoding, KeySerializationEncryption,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NoEncryption, ParameterFormat, PrivateFormat, PublicFormat,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- load_der_parameters, load_der_private_key, load_der_public_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- load_pem_parameters, load_pem_private_key, load_pem_public_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.serialization.ssh import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- load_ssh_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_PEM_DER = (Encoding.PEM, Encoding.DER)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--__all__ = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_der_parameters", "load_der_private_key", "load_der_public_key",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_pem_parameters", "load_pem_private_key", "load_pem_public_key",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_ssh_public_key", "Encoding", "PrivateFormat", "PublicFormat",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ParameterFormat", "KeySerializationEncryption", "BestAvailableEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NoEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/base.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/base.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/base.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,82 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_pem_private_key(data, password, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_pem_private_key(data, password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_pem_public_key(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_pem_public_key(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_pem_parameters(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_pem_parameters(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_private_key(data, password, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_private_key(data, password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_public_key(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_public_key(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_parameters(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_parameters(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Encoding(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PEM = "PEM"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DER = "DER"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OpenSSH = "OpenSSH"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Raw = "Raw"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- X962 = "ANSI X9.62"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PrivateFormat(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PKCS8 = "PKCS8"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- TraditionalOpenSSL = "TraditionalOpenSSL"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Raw = "Raw"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PublicFormat(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SubjectPublicKeyInfo = "X.509 subjectPublicKeyInfo with PKCS#1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PKCS1 = "Raw PKCS#1"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OpenSSH = "OpenSSH"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Raw = "Raw"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CompressedPoint = "X9.62 Compressed Point"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UncompressedPoint = "X9.62 Uncompressed Point"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ParameterFormat(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PKCS3 = "PKCS3"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class KeySerializationEncryption(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeySerializationEncryption)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BestAvailableEncryption(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, password):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(password, bytes) or len(password) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Password must be 1 or more bytes.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.password = password
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(KeySerializationEncryption)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class NoEncryption(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/pkcs12.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/pkcs12.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/pkcs12.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,9 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_key_and_certificates(data, password, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_key_and_certificates_from_pkcs12(data, password)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/ssh.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/ssh.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/serialization/ssh.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,153 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import base64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import struct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import UnsupportedAlgorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_ssh_public_key(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_parts = data.split(b' ', 2)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key_parts) < 2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'Key is not in the proper format or contains extra data.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_type = key_parts[0]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if key_type == b'ssh-rsa':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- loader = _load_ssh_rsa_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == b'ssh-dss':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- loader = _load_ssh_dss_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type in [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b'ecdsa-sha2-nistp256', b'ecdsa-sha2-nistp384', b'ecdsa-sha2-nistp521',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- loader = _load_ssh_ecdsa_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif key_type == b'ssh-ed25519':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- loader = _load_ssh_ed25519_public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm('Key type is not supported.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_body = key_parts[1]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decoded_data = base64.b64decode(key_body)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except TypeError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Key is not in the proper format.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- inner_key_type, rest = _ssh_read_next_string(decoded_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if inner_key_type != key_type:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'Key header and key body contain different key type values.'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return loader(key_type, rest, backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _load_ssh_rsa_public_key(key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e, rest = _ssh_read_next_mpint(decoded_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rest:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return rsa.RSAPublicNumbers(e, n).public_key(backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _load_ssh_dss_public_key(key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p, rest = _ssh_read_next_mpint(decoded_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- q, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- g, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- y, rest = _ssh_read_next_mpint(rest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rest:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameter_numbers = dsa.DSAParameterNumbers(p, q, g)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_numbers = dsa.DSAPublicNumbers(y, parameter_numbers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return public_numbers.public_key(backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _load_ssh_ecdsa_public_key(expected_key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve_name, rest = _ssh_read_next_string(decoded_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, rest = _ssh_read_next_string(rest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if expected_key_type != b"ecdsa-sha2-" + curve_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'Key header and key body contain different key type values.'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rest:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- curve = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b"nistp256": ec.SECP256R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b"nistp384": ec.SECP384R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- b"nistp521": ec.SECP521R1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }[curve_name]()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if six.indexbytes(data, 0) != 4:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise NotImplementedError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Compressed elliptic curve points are not supported"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ec.EllipticCurvePublicKey.from_encoded_point(curve, data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _load_ssh_ed25519_public_key(expected_key_type, decoded_data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data, rest = _ssh_read_next_string(decoded_data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if rest:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Key body contains extra bytes.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ed25519.Ed25519PublicKey.from_public_bytes(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _ssh_read_next_string(data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Retrieves the next RFC 4251 string value from the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- While the RFC calls these strings, in Python they are bytes objects.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) < 4:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Key is not in the proper format")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- str_len, = struct.unpack('>I', data[:4])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(data) < str_len + 4:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Key is not in the proper format")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return data[4:4 + str_len], data[4 + str_len:]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _ssh_read_next_mpint(data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Reads the next mpint from the data.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Currently, all mpints are interpreted as unsigned.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- mpint_data, rest = _ssh_read_next_string(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.int_from_bytes(mpint_data, byteorder='big', signed=False), rest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _ssh_write_string(data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return struct.pack(">I", len(data)) + data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _ssh_write_mpint(value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = utils.int_to_bytes(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if six.indexbytes(data, 0) & 0x80:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = b"\x00" + data
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _ssh_write_string(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/__init__.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,9 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidToken(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/hotp.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/hotp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/hotp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,68 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import struct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time, hmac
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.hashes import SHA1, SHA256, SHA512
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.twofactor import InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class HOTP(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key, length, algorithm, backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- enforce_key_length=True):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(key) < 16 and enforce_key_length is True:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Key length has to be at least 128 bits.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(length, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Length parameter must be an integer type.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if length < 6 or length > 8:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Length of HOTP has to be between 6 to 8.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, (SHA1, SHA256, SHA512)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Algorithm must be SHA1, SHA256 or SHA512.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key = key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._length = length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._backend = backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate(self, counter):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- truncated_value = self._dynamic_truncate(counter)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hotp = truncated_value % (10 ** self._length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "{0:0{1}}".format(hotp, self._length).encode()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, hotp, counter):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.generate(counter), hotp):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken("Supplied HOTP value does not match.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _dynamic_truncate(self, counter):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx = hmac.HMAC(self._key, self._algorithm, self._backend)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ctx.update(struct.pack(">Q", counter))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hmac_value = ctx.finalize()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- offset = six.indexbytes(hmac_value, len(hmac_value) - 1) & 0b1111
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- p = hmac_value[offset:offset + 4]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return struct.unpack(">I", p)[0] & 0x7fffffff
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_provisioning_uri(self, account_name, counter, issuer):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _generate_uri(self, "hotp", account_name, issuer, [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ("counter", int(counter)),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/totp.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/totp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/totp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,40 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.exceptions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UnsupportedAlgorithm, _Reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.backends.interfaces import HMACBackend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.twofactor import InvalidToken
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.twofactor.hotp import HOTP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.twofactor.utils import _generate_uri
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class TOTP(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key, length, algorithm, time_step, backend,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- enforce_key_length=True):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(backend, HMACBackend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise UnsupportedAlgorithm(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Backend object does not implement HMACBackend.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _Reasons.BACKEND_MISSING_INTERFACE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._time_step = time_step
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._hotp = HOTP(key, length, algorithm, backend, enforce_key_length)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def generate(self, time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- counter = int(time / self._time_step)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._hotp.generate(counter)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def verify(self, totp, time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not constant_time.bytes_eq(self.generate(time), totp):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InvalidToken("Supplied TOTP value does not match.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_provisioning_uri(self, account_name, issuer):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _generate_uri(self._hotp, "totp", account_name, issuer, [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ("period", int(self._time_step)),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/utils.py lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/hazmat/primitives/twofactor/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,30 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import base64
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from six.moves.urllib.parse import quote, urlencode
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _generate_uri(hotp, type_name, account_name, issuer, extra_parameters):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameters = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ("digits", hotp._length),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ("secret", base64.b32encode(hotp._key)),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ("algorithm", hotp._algorithm.name.upper()),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if issuer is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameters.append(("issuer", issuer))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parameters.extend(extra_parameters)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- uriparts = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "type": type_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "label": ("%s:%s" % (quote(issuer), quote(account_name)) if issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else quote(account_name)),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "parameters": urlencode(parameters),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "otpauth://{type}/{label}?{parameters}".format(**uriparts)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/utils.py lib_pypy/_cffi_ssl/cryptography/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/utils.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,173 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import binascii
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import inspect
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import sys
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# We use a UserWarning subclass, instead of DeprecationWarning, because CPython
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# decided deprecation warnings should be invisble by default.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CryptographyDeprecationWarning(UserWarning):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# Several APIs were deprecated with no specific end-of-life date because of the
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# ubiquity of their use. They should not be removed until we agree on when that
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# cycle ends.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--PersistentlyDeprecated2017 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--PersistentlyDeprecated2018 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--DeprecatedIn25 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--DeprecatedIn27 = CryptographyDeprecationWarning
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_bytes(name, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(value, bytes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("{} must be bytes".format(name))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _check_byteslike(name, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- memoryview(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except TypeError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("{} must be bytes-like".format(name))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def read_only_property(name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return property(lambda self: getattr(self, name))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def register_interface(iface):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def register_decorator(klass):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- verify_interface(iface, klass)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iface.register(klass)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return klass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return register_decorator
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def register_interface_if(predicate, iface):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def register_decorator(klass):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if predicate:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- verify_interface(iface, klass)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- iface.register(klass)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return klass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return register_decorator
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--if hasattr(int, "from_bytes"):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int_from_bytes = int.from_bytes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def int_from_bytes(data, byteorder, signed=False):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert byteorder == 'big'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- assert not signed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return int(binascii.hexlify(data), 16)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--if hasattr(int, "to_bytes"):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def int_to_bytes(integer, length=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return integer.to_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- length or (integer.bit_length() + 7) // 8 or 1, 'big'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def int_to_bytes(integer, length=None):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hex_string = '%x' % integer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if length is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = len(hex_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = length * 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return binascii.unhexlify(hex_string.zfill(n + (n & 1)))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InterfaceNotImplemented(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--if hasattr(inspect, "signature"):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- signature = inspect.signature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- signature = inspect.getargspec
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def verify_interface(iface, klass):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for method in iface.__abstractmethods__:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not hasattr(klass, method):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InterfaceNotImplemented(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{} is missing a {!r} method".format(klass, method)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(getattr(iface, method), abc.abstractproperty):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Can't properly verify these yet.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- continue
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sig = signature(getattr(iface, method))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- actual = signature(getattr(klass, method))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if sig != actual:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise InterfaceNotImplemented(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{}.{}'s signature differs from the expected. Expected: "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{!r}. Received: {!r}".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- klass, method, sig, actual
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# No longer needed as of 2.2, but retained because we have external consumers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# who use it.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def bit_length(x):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return x.bit_length()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _DeprecatedValue(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, value, message, warning_class):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.message = message
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.warning_class = warning_class
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _ModuleWithDeprecations(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, module):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.__dict__["_module"] = module
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getattr__(self, attr):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = getattr(self._module, attr)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(obj, _DeprecatedValue):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(obj.message, obj.warning_class, stacklevel=2)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = obj.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return obj
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __setattr__(self, attr, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- setattr(self._module, attr, value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __delattr__(self, attr):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- obj = getattr(self._module, attr)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(obj, _DeprecatedValue):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(obj.message, obj.warning_class, stacklevel=2)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- delattr(self._module, attr)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __dir__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ["_module"] + dir(self._module)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def deprecated(value, module_name, message, warning_class):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- module = sys.modules[module_name]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(module, _ModuleWithDeprecations):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sys.modules[module_name] = _ModuleWithDeprecations(module)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return _DeprecatedValue(value, message, warning_class)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def cached_property(func):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cached_name = "_cached_{}".format(func)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sentinel = object()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def inner(instance):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cache = getattr(instance, cached_name, sentinel)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cache is not sentinel:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return cache
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- result = func(instance)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- setattr(instance, cached_name, result)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return result
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return property(inner)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/__init__.py lib_pypy/_cffi_ssl/cryptography/x509/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/__init__.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,189 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509 import certificate_transparency
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.base import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Certificate, CertificateBuilder, CertificateRevocationList,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CertificateRevocationListBuilder,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CertificateSigningRequest, CertificateSigningRequestBuilder,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- InvalidVersion, RevokedCertificate, RevokedCertificateBuilder,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Version, load_der_x509_certificate, load_der_x509_crl, load_der_x509_csr,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- load_pem_x509_certificate, load_pem_x509_crl, load_pem_x509_csr,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- random_serial_number,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.extensions import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AccessDescription, AuthorityInformationAccess,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AuthorityKeyIdentifier, BasicConstraints, CRLDistributionPoints,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLNumber, CRLReason, CertificateIssuer, CertificatePolicies,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DeltaCRLIndicator, DistributionPoint, DuplicateExtension, ExtendedKeyUsage,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Extension, ExtensionNotFound, ExtensionType, Extensions, FreshestCRL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GeneralNames, InhibitAnyPolicy, InvalidityDate, IssuerAlternativeName,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- IssuingDistributionPoint, KeyUsage, NameConstraints, NoticeReference,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPNoCheck, OCSPNonce, PolicyConstraints, PolicyInformation,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PrecertPoison, PrecertificateSignedCertificateTimestamps, ReasonFlags,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SubjectAlternativeName, SubjectKeyIdentifier, TLSFeature, TLSFeatureType,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UnrecognizedExtension, UserNotice
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.general_name import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DNSName, DirectoryName, GeneralName, IPAddress, OtherName, RFC822Name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RegisteredID, UniformResourceIdentifier, UnsupportedGeneralNameType,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _GENERAL_NAMES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.name import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Name, NameAttribute, RelativeDistinguishedName
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AuthorityInformationAccessOID, CRLEntryExtensionOID,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CertificatePoliciesOID, ExtendedKeyUsageOID, ExtensionOID, NameOID,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ObjectIdentifier, SignatureAlgorithmOID, _SIG_OIDS_TO_HASH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_AUTHORITY_INFORMATION_ACCESS = ExtensionOID.AUTHORITY_INFORMATION_ACCESS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_AUTHORITY_KEY_IDENTIFIER = ExtensionOID.AUTHORITY_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_BASIC_CONSTRAINTS = ExtensionOID.BASIC_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CERTIFICATE_POLICIES = ExtensionOID.CERTIFICATE_POLICIES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CRL_DISTRIBUTION_POINTS = ExtensionOID.CRL_DISTRIBUTION_POINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_EXTENDED_KEY_USAGE = ExtensionOID.EXTENDED_KEY_USAGE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_FRESHEST_CRL = ExtensionOID.FRESHEST_CRL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_INHIBIT_ANY_POLICY = ExtensionOID.INHIBIT_ANY_POLICY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ISSUER_ALTERNATIVE_NAME = ExtensionOID.ISSUER_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_KEY_USAGE = ExtensionOID.KEY_USAGE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_NAME_CONSTRAINTS = ExtensionOID.NAME_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_OCSP_NO_CHECK = ExtensionOID.OCSP_NO_CHECK
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_POLICY_CONSTRAINTS = ExtensionOID.POLICY_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_POLICY_MAPPINGS = ExtensionOID.POLICY_MAPPINGS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_SUBJECT_ALTERNATIVE_NAME = ExtensionOID.SUBJECT_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_SUBJECT_DIRECTORY_ATTRIBUTES = ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_SUBJECT_INFORMATION_ACCESS = ExtensionOID.SUBJECT_INFORMATION_ACCESS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_SUBJECT_KEY_IDENTIFIER = ExtensionOID.SUBJECT_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_DSA_WITH_SHA1 = SignatureAlgorithmOID.DSA_WITH_SHA1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_DSA_WITH_SHA224 = SignatureAlgorithmOID.DSA_WITH_SHA224
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_DSA_WITH_SHA256 = SignatureAlgorithmOID.DSA_WITH_SHA256
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ECDSA_WITH_SHA1 = SignatureAlgorithmOID.ECDSA_WITH_SHA1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ECDSA_WITH_SHA224 = SignatureAlgorithmOID.ECDSA_WITH_SHA224
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ECDSA_WITH_SHA256 = SignatureAlgorithmOID.ECDSA_WITH_SHA256
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ECDSA_WITH_SHA384 = SignatureAlgorithmOID.ECDSA_WITH_SHA384
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ECDSA_WITH_SHA512 = SignatureAlgorithmOID.ECDSA_WITH_SHA512
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_RSA_WITH_MD5 = SignatureAlgorithmOID.RSA_WITH_MD5
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_RSA_WITH_SHA1 = SignatureAlgorithmOID.RSA_WITH_SHA1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_RSA_WITH_SHA224 = SignatureAlgorithmOID.RSA_WITH_SHA224
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_RSA_WITH_SHA256 = SignatureAlgorithmOID.RSA_WITH_SHA256
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_RSA_WITH_SHA384 = SignatureAlgorithmOID.RSA_WITH_SHA384
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_RSA_WITH_SHA512 = SignatureAlgorithmOID.RSA_WITH_SHA512
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_RSASSA_PSS = SignatureAlgorithmOID.RSASSA_PSS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_COMMON_NAME = NameOID.COMMON_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_COUNTRY_NAME = NameOID.COUNTRY_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_DOMAIN_COMPONENT = NameOID.DOMAIN_COMPONENT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_DN_QUALIFIER = NameOID.DN_QUALIFIER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_EMAIL_ADDRESS = NameOID.EMAIL_ADDRESS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_GENERATION_QUALIFIER = NameOID.GENERATION_QUALIFIER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_GIVEN_NAME = NameOID.GIVEN_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_LOCALITY_NAME = NameOID.LOCALITY_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ORGANIZATIONAL_UNIT_NAME = NameOID.ORGANIZATIONAL_UNIT_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ORGANIZATION_NAME = NameOID.ORGANIZATION_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_PSEUDONYM = NameOID.PSEUDONYM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_SERIAL_NUMBER = NameOID.SERIAL_NUMBER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_STATE_OR_PROVINCE_NAME = NameOID.STATE_OR_PROVINCE_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_SURNAME = NameOID.SURNAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_TITLE = NameOID.TITLE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CLIENT_AUTH = ExtendedKeyUsageOID.CLIENT_AUTH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CODE_SIGNING = ExtendedKeyUsageOID.CODE_SIGNING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_EMAIL_PROTECTION = ExtendedKeyUsageOID.EMAIL_PROTECTION
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_OCSP_SIGNING = ExtendedKeyUsageOID.OCSP_SIGNING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_SERVER_AUTH = ExtendedKeyUsageOID.SERVER_AUTH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_TIME_STAMPING = ExtendedKeyUsageOID.TIME_STAMPING
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_ANY_POLICY = CertificatePoliciesOID.ANY_POLICY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CPS_QUALIFIER = CertificatePoliciesOID.CPS_QUALIFIER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CPS_USER_NOTICE = CertificatePoliciesOID.CPS_USER_NOTICE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CERTIFICATE_ISSUER = CRLEntryExtensionOID.CERTIFICATE_ISSUER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CRL_REASON = CRLEntryExtensionOID.CRL_REASON
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_INVALIDITY_DATE = CRLEntryExtensionOID.INVALIDITY_DATE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_CA_ISSUERS = AuthorityInformationAccessOID.CA_ISSUERS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--OID_OCSP = AuthorityInformationAccessOID.OCSP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--__all__ = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "certificate_transparency",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_pem_x509_certificate",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_der_x509_certificate",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_pem_x509_csr",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_der_x509_csr",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_pem_x509_crl",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "load_der_x509_crl",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "random_serial_number",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "InvalidVersion",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DeltaCRLIndicator",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DuplicateExtension",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ExtensionNotFound",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "UnsupportedGeneralNameType",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NameAttribute",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Name",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RelativeDistinguishedName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ObjectIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ExtensionType",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Extensions",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Extension",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ExtendedKeyUsage",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "FreshestCRL",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "IssuingDistributionPoint",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "TLSFeature",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "TLSFeatureType",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OCSPNoCheck",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "BasicConstraints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CRLNumber",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "KeyUsage",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AuthorityInformationAccess",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AccessDescription",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CertificatePolicies",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "PolicyInformation",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "UserNotice",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NoticeReference",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SubjectKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "NameConstraints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CRLDistributionPoints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DistributionPoint",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ReasonFlags",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "InhibitAnyPolicy",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SubjectAlternativeName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "IssuerAlternativeName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AuthorityKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "GeneralNames",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "GeneralName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RFC822Name",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DNSName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "UniformResourceIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RegisteredID",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DirectoryName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "IPAddress",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OtherName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Certificate",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CertificateRevocationList",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CertificateRevocationListBuilder",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CertificateSigningRequest",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RevokedCertificate",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RevokedCertificateBuilder",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CertificateSigningRequestBuilder",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CertificateBuilder",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Version",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_SIG_OIDS_TO_HASH",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OID_CA_ISSUERS",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OID_OCSP",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_GENERAL_NAMES",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CertificateIssuer",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CRLReason",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "InvalidityDate",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "UnrecognizedExtension",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "PolicyConstraints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "PrecertificateSignedCertificateTimestamps",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "PrecertPoison",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "OCSPNonce",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/base.py lib_pypy/_cffi_ssl/cryptography/x509/base.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/base.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,753 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import datetime
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import os
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.extensions import Extension, ExtensionType
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.name import Name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_EARLIEST_UTC_TIME = datetime.datetime(1950, 1, 1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _reject_duplicate_extension(extension, extensions):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is quadratic in the number of extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for e in extensions:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if e.oid == extension.oid:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('This extension has already been set.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _convert_to_naive_utc_time(time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """Normalizes a datetime to a naive datetime in UTC.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time -- datetime to normalize. Assumed to be in UTC if not timezone
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aware.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if time.tzinfo is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- offset = time.utcoffset()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- offset = offset if offset else datetime.timedelta()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return time.replace(tzinfo=None) - offset
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Version(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- v1 = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- v3 = 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_pem_x509_certificate(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_pem_x509_certificate(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_x509_certificate(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_x509_certificate(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_pem_x509_csr(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_pem_x509_csr(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_x509_csr(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_x509_csr(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_pem_x509_crl(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_pem_x509_crl(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_x509_crl(data, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_x509_crl(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidVersion(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, msg, parsed_version):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- super(InvalidVersion, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.parsed_version = parsed_version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Certificate(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns bytes using digest passed.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns certificate serial number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def version(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the certificate version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the public key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def not_valid_before(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Not before time (represented as UTC datetime)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def not_valid_after(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Not after time (represented as UTC datetime)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the issuer name object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def subject(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the subject name object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- in the certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the ObjectIdentifier of the signature algorithm.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an Extensions object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the signature bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_certificate_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the tbsCertificate payload bytes as defined in RFC 5280.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks equality.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks not equal.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Computes a hash.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Serializes the certificate to PEM or DER format.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificateRevocationList(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Serializes the CRL to PEM or DER format.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def fingerprint(self, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns bytes using digest passed.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_revoked_certificate_by_serial_number(self, serial_number):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an instance of RevokedCertificate or None if the serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- is not in the CRL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- in the certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the ObjectIdentifier of the signature algorithm.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the X509Name with the issuer of this CRL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def next_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the date of next update for this CRL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def last_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the date of last update for this CRL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an Extensions object containing a list of CRL extensions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the signature bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_certlist_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the tbsCertList payload bytes as defined in RFC 5280.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks equality.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks not equal.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Number of revoked certificates in the CRL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a revoked certificate (or slice of revoked certificates).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Iterator over the revoked certificates
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def is_signature_valid(self, public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Verifies signature of revocation list against given public key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificateSigningRequest(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks equality.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Checks not equal.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Computes a hash.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the public key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def subject(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the subject name object.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- in the certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the ObjectIdentifier of the signature algorithm.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the extensions in the signing request.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Encodes the request to PEM or DER format.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the signature bytes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_certrequest_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the PKCS#10 CertificationRequestInfo bytes as defined in RFC
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 2986.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def is_signature_valid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Verifies signature of signing request.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RevokedCertificate(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the serial number of the revoked certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def revocation_date(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the date of when this certificate was revoked.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an Extensions object containing a list of Revoked extensions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificateSigningRequestBuilder(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, subject_name=None, extensions=[]):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Creates an empty X.509 certificate request (v1).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._subject_name = subject_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def subject_name(self, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the certificate requestor's distinguished name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(name, Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._subject_name is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The subject name may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateSigningRequestBuilder(name, self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Adds an X.509 extension to the certificate request.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateSigningRequestBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._subject_name, self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, private_key, algorithm, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Signs the request using the requestor's private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._subject_name is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A CertificateSigningRequest must have a subject")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.create_x509_csr(self, private_key, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificateBuilder(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, issuer_name=None, subject_name=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- public_key=None, serial_number=None, not_valid_before=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not_valid_after=None, extensions=[]):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._version = Version.v3
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name = issuer_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._subject_name = subject_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key = public_key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._serial_number = serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_before = not_valid_before
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_after = not_valid_after
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_name(self, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the CA's distinguished name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(name, Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._issuer_name is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The issuer name may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name, self._subject_name, self._public_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def subject_name(self, name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the requestor's distinguished name.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(name, Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._subject_name is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The subject name may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, name, self._public_key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_key(self, key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the requestor's public key (as found in the signing request).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(key, (dsa.DSAPublicKey, rsa.RSAPublicKey,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ec.EllipticCurvePublicKey)):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting one of DSAPublicKey, RSAPublicKey,'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' or EllipticCurvePublicKey.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._public_key is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The public key may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._subject_name, key,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self, number):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the certificate serial number.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Serial number must be of integral type.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._serial_number is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The serial number may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if number <= 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The serial number should be positive.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ASN.1 integers are always signed, so most significant bit must be
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # zero.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if number.bit_length() >= 160: # As defined in RFC 5280
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The serial number should not be more than 159 '
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'bits.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key, number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def not_valid_before(self, time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the certificate activation time.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._not_valid_before is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The not valid before may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time = _convert_to_naive_utc_time(time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The not valid before date must be on or after'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' 1950 January 1).')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._not_valid_after is not None and time > self._not_valid_after:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'The not valid before date must be before the not valid after '
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'date.'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key, self._serial_number, time,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_after, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def not_valid_after(self, time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Sets the certificate expiration time.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._not_valid_after is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The not valid after may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time = _convert_to_naive_utc_time(time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The not valid after date must be on or after'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (self._not_valid_before is not None and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time < self._not_valid_before):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'The not valid after date must be after the not valid before '
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'date.'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key, self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Adds an X.509 extension to the certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._subject_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._public_key, self._serial_number, self._not_valid_before,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._not_valid_after, self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, private_key, algorithm, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Signs the certificate using the CA's private key.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._subject_name is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A certificate must have a subject name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._issuer_name is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A certificate must have an issuer name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._serial_number is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A certificate must have a serial number")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._not_valid_before is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A certificate must have a not valid before time")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._not_valid_after is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A certificate must have a not valid after time")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._public_key is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A certificate must have a public key")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.create_x509_certificate(self, private_key, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificateRevocationListBuilder(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, issuer_name=None, last_update=None, next_update=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=[], revoked_certificates=[]):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name = issuer_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._last_update = last_update
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._next_update = next_update
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._revoked_certificates = revoked_certificates
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_name(self, issuer_name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(issuer_name, Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting x509.Name object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._issuer_name is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The issuer name may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- issuer_name, self._last_update, self._next_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions, self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def last_update(self, last_update):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(last_update, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._last_update is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Last update may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- last_update = _convert_to_naive_utc_time(last_update)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if last_update < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The last update date must be on or after'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._next_update is not None and last_update > self._next_update:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'The last update date must be before the next update date.'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, last_update, self._next_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions, self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def next_update(self, next_update):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(next_update, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._next_update is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('Last update may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update = _convert_to_naive_utc_time(next_update)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if next_update < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The last update date must be on or after'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._last_update is not None and next_update < self._last_update:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'The next update date must be after the last update date.'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._last_update, next_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions, self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Adds an X.509 extension to the certificate revocation list.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._last_update, self._next_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions + [extension], self._revoked_certificates
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_revoked_certificate(self, revoked_certificate):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Adds a revoked certificate to the CRL.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(revoked_certificate, RevokedCertificate):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Must be an instance of RevokedCertificate")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return CertificateRevocationListBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer_name, self._last_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._next_update, self._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._revoked_certificates + [revoked_certificate]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, private_key, algorithm, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._issuer_name is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A CRL must have an issuer name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._last_update is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A CRL must have a last update time")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._next_update is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A CRL must have a next update time")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.create_x509_crl(self, private_key, algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RevokedCertificateBuilder(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, serial_number=None, revocation_date=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=[]):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._serial_number = serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._revocation_date = revocation_date
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self, number):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Serial number must be of integral type.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._serial_number is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The serial number may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if number <= 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The serial number should be positive')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # ASN.1 integers are always signed, so most significant bit must be
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # zero.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if number.bit_length() >= 160: # As defined in RFC 5280
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The serial number should not be more than 159 '
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'bits.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return RevokedCertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- number, self._revocation_date, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def revocation_date(self, time):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError('Expecting datetime object.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._revocation_date is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The revocation date may only be set once.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- time = _convert_to_naive_utc_time(time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The revocation date must be on or after'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return RevokedCertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._serial_number, time, self._extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(extension, ExtensionType):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extension = Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return RevokedCertificateBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._serial_number, self._revocation_date,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def build(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._serial_number is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("A revoked certificate must have a serial number")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._revocation_date is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "A revoked certificate must have a revocation date"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.create_x509_revoked_certificate(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def random_serial_number():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return utils.int_from_bytes(os.urandom(20), "big") >> 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/certificate_transparency.py lib_pypy/_cffi_ssl/cryptography/x509/certificate_transparency.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/certificate_transparency.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,46 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class LogEntryType(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- X509_CERTIFICATE = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PRE_CERTIFICATE = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Version(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- v1 = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SignedCertificateTimestamp(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def version(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the SCT version.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def log_id(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns an identifier indicating which log this SCT is for.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def timestamp(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the timestamp for this SCT.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def entry_type(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns whether this is an SCT for a certificate or pre-certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/extensions.py lib_pypy/_cffi_ssl/cryptography/x509/extensions.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/extensions.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,1654 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import datetime
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import hashlib
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import ipaddress
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from asn1crypto.keys import PublicKeyInfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import constant_time, serialization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.ec import EllipticCurvePublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicKey
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.certificate_transparency import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignedCertificateTimestamp
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.general_name import GeneralName, IPAddress, OtherName
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.name import RelativeDistinguishedName
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.oid import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID, ExtensionOID, OCSPExtensionOID, ObjectIdentifier,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _key_identifier_from_public_key(public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(public_key, RSAPublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = public_key.public_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.Encoding.DER,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.PKCS1,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif isinstance(public_key, EllipticCurvePublicKey):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = public_key.public_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.Encoding.X962,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.UncompressedPoint
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is a very slow way to do this.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialized = public_key.public_bytes(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.Encoding.DER,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- serialization.PublicFormat.SubjectPublicKeyInfo
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data = bytes(PublicKeyInfo.load(serialized)['public_key'])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hashlib.sha1(data).digest()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DuplicateExtension(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, msg, oid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- super(DuplicateExtension, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.oid = oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ExtensionNotFound(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, msg, oid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- super(ExtensionNotFound, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.oid = oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ExtensionType(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns the oid associated with the given extension type.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Extensions(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, extensions):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_extension_for_oid(self, oid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for ext in self:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ext.oid == oid:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ExtensionNotFound("No {} extension was found".format(oid), oid)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_extension_for_class(self, extclass):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if extclass is UnrecognizedExtension:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "UnrecognizedExtension can't be used with "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "get_extension_for_class because more than one instance of the"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " class may be present."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for ext in self:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(ext.value, extclass):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ext
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ExtensionNotFound(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "No {} extension was found".format(extclass), extclass.oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._extensions[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<Extensions({})>".format(self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CRLNumber(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.CRL_NUMBER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, crl_number):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(crl_number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("crl_number must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._crl_number = crl_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, CRLNumber):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.crl_number == other.crl_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.crl_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<CRLNumber({})>".format(self.crl_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_number = utils.read_only_property("_crl_number")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AuthorityKeyIdentifier(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.AUTHORITY_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, key_identifier, authority_cert_issuer,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_serial_number):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (authority_cert_issuer is None) != (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_serial_number is None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "authority_cert_issuer and authority_cert_serial_number "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "must both be present or both None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if authority_cert_issuer is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_issuer = list(authority_cert_issuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, GeneralName) for x in authority_cert_issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "authority_cert_issuer must be a list of GeneralName "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "objects"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if authority_cert_serial_number is not None and not isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_serial_number, six.integer_types
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "authority_cert_serial_number must be an integer"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_identifier = key_identifier
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._authority_cert_issuer = authority_cert_issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._authority_cert_serial_number = authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_issuer_public_key(cls, public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = _key_identifier_from_public_key(public_key)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return cls(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_identifier=digest,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_issuer=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_serial_number=None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_issuer_subject_key_identifier(cls, ski):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(ski, SubjectKeyIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = ski.digest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = ski.value.digest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Extension objects are deprecated as arguments to "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "from_issuer_subject_key_identifier and support will be "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "removed soon. Please migrate to passing a "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "SubjectKeyIdentifier directly.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.DeprecatedIn27,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return cls(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_identifier=digest,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_issuer=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_serial_number=None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<AuthorityKeyIdentifier(key_identifier={0.key_identifier!r}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "authority_cert_issuer={0.authority_cert_issuer}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "authority_cert_serial_number={0.authority_cert_serial_number}"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ")>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, AuthorityKeyIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key_identifier == other.key_identifier and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.authority_cert_issuer == other.authority_cert_issuer and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.authority_cert_serial_number ==
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- other.authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.authority_cert_issuer is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aci = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aci = tuple(self.authority_cert_issuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key_identifier, aci, self.authority_cert_serial_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_identifier = utils.read_only_property("_key_identifier")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_issuer = utils.read_only_property("_authority_cert_issuer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- authority_cert_serial_number = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_authority_cert_serial_number"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SubjectKeyIdentifier(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.SUBJECT_KEY_IDENTIFIER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, digest):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digest = digest
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def from_public_key(cls, public_key):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return cls(_key_identifier_from_public_key(public_key))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digest = utils.read_only_property("_digest")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<SubjectKeyIdentifier(digest={0!r})>".format(self.digest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, SubjectKeyIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return constant_time.bytes_eq(self.digest, other.digest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.digest)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AuthorityInformationAccess(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.AUTHORITY_INFORMATION_ACCESS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, descriptions):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- descriptions = list(descriptions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, AccessDescription) for x in descriptions):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Every item in the descriptions list must be an "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "AccessDescription"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._descriptions = descriptions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._descriptions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._descriptions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<AuthorityInformationAccess({})>".format(self._descriptions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, AuthorityInformationAccess):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._descriptions == other._descriptions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._descriptions[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._descriptions))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AccessDescription(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, access_method, access_location):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(access_method, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("access_method must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(access_location, GeneralName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("access_location must be a GeneralName")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._access_method = access_method
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._access_location = access_location
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<AccessDescription(access_method={0.access_method}, access_locati"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "on={0.access_location})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, AccessDescription):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.access_method == other.access_method and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.access_location == other.access_location
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.access_method, self.access_location))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- access_method = utils.read_only_property("_access_method")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- access_location = utils.read_only_property("_access_location")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class BasicConstraints(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.BASIC_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, ca, path_length):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(ca, bool):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("ca must be a boolean value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if path_length is not None and not ca:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("path_length must be None when ca is False")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- path_length is not None and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (not isinstance(path_length, six.integer_types) or path_length < 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "path_length must be a non-negative integer or None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._ca = ca
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._path_length = path_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ca = utils.read_only_property("_ca")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- path_length = utils.read_only_property("_path_length")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ("<BasicConstraints(ca={0.ca}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "path_length={0.path_length})>").format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, BasicConstraints):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.ca == other.ca and self.path_length == other.path_length
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.ca, self.path_length))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DeltaCRLIndicator(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.DELTA_CRL_INDICATOR
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, crl_number):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(crl_number, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("crl_number must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._crl_number = crl_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_number = utils.read_only_property("_crl_number")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DeltaCRLIndicator):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.crl_number == other.crl_number
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.crl_number)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<DeltaCRLIndicator(crl_number={0.crl_number})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CRLDistributionPoints(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.CRL_DISTRIBUTION_POINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, distribution_points):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- distribution_points = list(distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, DistributionPoint) for x in distribution_points
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "distribution_points must be a list of DistributionPoint "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "objects"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._distribution_points = distribution_points
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<CRLDistributionPoints({})>".format(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, CRLDistributionPoints):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._distribution_points == other._distribution_points
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._distribution_points[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._distribution_points))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class FreshestCRL(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.FRESHEST_CRL
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, distribution_points):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- distribution_points = list(distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, DistributionPoint) for x in distribution_points
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "distribution_points must be a list of DistributionPoint "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "objects"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._distribution_points = distribution_points
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<FreshestCRL({})>".format(self._distribution_points)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, FreshestCRL):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._distribution_points == other._distribution_points
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._distribution_points[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._distribution_points))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DistributionPoint(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, full_name, relative_name, reasons, crl_issuer):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if full_name and relative_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "You cannot provide both full_name and relative_name, at "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "least one must be None."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if full_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name = list(full_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, GeneralName) for x in full_name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "full_name must be a list of GeneralName objects"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if relative_name:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(relative_name, RelativeDistinguishedName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "relative_name must be a RelativeDistinguishedName"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if crl_issuer:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_issuer = list(crl_issuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, GeneralName) for x in crl_issuer):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "crl_issuer must be None or a list of general names"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if reasons and (not isinstance(reasons, frozenset) or not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, ReasonFlags) for x in reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("reasons must be None or frozenset of ReasonFlags")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if reasons and (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ReasonFlags.unspecified in reasons or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ReasonFlags.remove_from_crl in reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "unspecified and remove_from_crl are not valid reasons in a "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DistributionPoint"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if reasons and not crl_issuer and not (full_name or relative_name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "You must supply crl_issuer, full_name, or relative_name when "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "reasons is not None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._full_name = full_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._relative_name = relative_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._reasons = reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._crl_issuer = crl_issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<DistributionPoint(full_name={0.full_name}, relative_name={0.rela"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "tive_name}, reasons={0.reasons}, crl_issuer={0.crl_issuer})>"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- .format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DistributionPoint):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.full_name == other.full_name and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.relative_name == other.relative_name and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.reasons == other.reasons and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.crl_issuer == other.crl_issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.full_name is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- fn = tuple(self.full_name)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- fn = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.crl_issuer is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_issuer = tuple(self.crl_issuer)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_issuer = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((fn, self.relative_name, self.reasons, crl_issuer))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name = utils.read_only_property("_full_name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- relative_name = utils.read_only_property("_relative_name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reasons = utils.read_only_property("_reasons")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_issuer = utils.read_only_property("_crl_issuer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ReasonFlags(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- unspecified = "unspecified"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_compromise = "keyCompromise"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ca_compromise = "cACompromise"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- affiliation_changed = "affiliationChanged"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- superseded = "superseded"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cessation_of_operation = "cessationOfOperation"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certificate_hold = "certificateHold"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- privilege_withdrawn = "privilegeWithdrawn"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- aa_compromise = "aACompromise"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- remove_from_crl = "removeFromCRL"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PolicyConstraints(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.POLICY_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, require_explicit_policy, inhibit_policy_mapping):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if require_explicit_policy is not None and not isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- require_explicit_policy, six.integer_types
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "require_explicit_policy must be a non-negative integer or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if inhibit_policy_mapping is not None and not isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- inhibit_policy_mapping, six.integer_types
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "inhibit_policy_mapping must be a non-negative integer or None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if inhibit_policy_mapping is None and require_explicit_policy is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "At least one of require_explicit_policy and "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "inhibit_policy_mapping must not be None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._require_explicit_policy = require_explicit_policy
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._inhibit_policy_mapping = inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- u"<PolicyConstraints(require_explicit_policy={0.require_explicit"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- u"_policy}, inhibit_policy_mapping={0.inhibit_policy_"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- u"mapping})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, PolicyConstraints):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.require_explicit_policy == other.require_explicit_policy and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.inhibit_policy_mapping == other.inhibit_policy_mapping
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (self.require_explicit_policy, self.inhibit_policy_mapping)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- require_explicit_policy = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_require_explicit_policy"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- inhibit_policy_mapping = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_inhibit_policy_mapping"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificatePolicies(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.CERTIFICATE_POLICIES
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, policies):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- policies = list(policies)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, PolicyInformation) for x in policies):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Every item in the policies list must be a "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "PolicyInformation"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._policies = policies
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._policies)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._policies)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<CertificatePolicies({})>".format(self._policies)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, CertificatePolicies):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._policies == other._policies
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._policies[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._policies))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PolicyInformation(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, policy_identifier, policy_qualifiers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(policy_identifier, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("policy_identifier must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._policy_identifier = policy_identifier
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if policy_qualifiers:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- policy_qualifiers = list(policy_qualifiers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, (six.text_type, UserNotice))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for x in policy_qualifiers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "policy_qualifiers must be a list of strings and/or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "UserNotice objects or None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._policy_qualifiers = policy_qualifiers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<PolicyInformation(policy_identifier={0.policy_identifier}, polic"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "y_qualifiers={0.policy_qualifiers})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, PolicyInformation):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.policy_identifier == other.policy_identifier and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.policy_qualifiers == other.policy_qualifiers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.policy_qualifiers is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pq = tuple(self.policy_qualifiers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pq = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.policy_identifier, pq))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- policy_identifier = utils.read_only_property("_policy_identifier")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- policy_qualifiers = utils.read_only_property("_policy_qualifiers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class UserNotice(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, notice_reference, explicit_text):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if notice_reference and not isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_reference, NoticeReference
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "notice_reference must be None or a NoticeReference"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._notice_reference = notice_reference
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._explicit_text = explicit_text
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<UserNotice(notice_reference={0.notice_reference}, explicit_text="
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{0.explicit_text!r})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, UserNotice):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.notice_reference == other.notice_reference and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.explicit_text == other.explicit_text
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.notice_reference, self.explicit_text))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_reference = utils.read_only_property("_notice_reference")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- explicit_text = utils.read_only_property("_explicit_text")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class NoticeReference(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, organization, notice_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._organization = organization
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_numbers = list(notice_numbers)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, int) for x in notice_numbers):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "notice_numbers must be a list of integers"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._notice_numbers = notice_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<NoticeReference(organization={0.organization!r}, notice_numbers="
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{0.notice_numbers})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, NoticeReference):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.organization == other.organization and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.notice_numbers == other.notice_numbers
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.organization, tuple(self.notice_numbers)))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- organization = utils.read_only_property("_organization")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- notice_numbers = utils.read_only_property("_notice_numbers")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ExtendedKeyUsage(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.EXTENDED_KEY_USAGE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, usages):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- usages = list(usages)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, ObjectIdentifier) for x in usages):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Every item in the usages list must be an ObjectIdentifier"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._usages = usages
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._usages)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._usages)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<ExtendedKeyUsage({})>".format(self._usages)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, ExtendedKeyUsage):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._usages == other._usages
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._usages))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPNoCheck(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.OCSP_NO_CHECK
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, OCSPNoCheck):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(OCSPNoCheck)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<OCSPNoCheck()>"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PrecertPoison(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.PRECERT_POISON
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, PrecertPoison):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return True
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(PrecertPoison)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<PrecertPoison()>"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class TLSFeature(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.TLS_FEATURE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, features):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- features = list(features)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not all(isinstance(x, TLSFeatureType) for x in features) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len(features) == 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "features must be a list of elements from the TLSFeatureType "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "enum"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._features = features
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._features)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._features)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<TLSFeature(features={0._features})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, TLSFeature):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._features == other._features
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._features[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._features))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class TLSFeatureType(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # status_request is defined in RFC 6066 and is used for what is commonly
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # called OCSP Must-Staple when present in the TLS Feature extension in an
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # X.509 certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- status_request = 5
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # status_request_v2 is defined in RFC 6961 and allows multiple OCSP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # responses to be provided. It is not currently in use by clients or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # servers.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- status_request_v2 = 17
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_TLS_FEATURE_TYPE_TO_ENUM = dict((x.value, x) for x in TLSFeatureType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InhibitAnyPolicy(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.INHIBIT_ANY_POLICY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, skip_certs):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(skip_certs, six.integer_types):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("skip_certs must be an integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if skip_certs < 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("skip_certs must be a non-negative integer")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._skip_certs = skip_certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<InhibitAnyPolicy(skip_certs={0.skip_certs})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, InhibitAnyPolicy):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.skip_certs == other.skip_certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.skip_certs)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- skip_certs = utils.read_only_property("_skip_certs")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class KeyUsage(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.KEY_USAGE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, digital_signature, content_commitment, key_encipherment,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_encipherment, key_agreement, key_cert_sign, crl_sign,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encipher_only, decipher_only):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not key_agreement and (encipher_only or decipher_only):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "encipher_only and decipher_only can only be true when "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "key_agreement is true"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._digital_signature = digital_signature
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._content_commitment = content_commitment
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_encipherment = key_encipherment
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._data_encipherment = data_encipherment
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_agreement = key_agreement
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._key_cert_sign = key_cert_sign
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._crl_sign = crl_sign
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._encipher_only = encipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._decipher_only = decipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- digital_signature = utils.read_only_property("_digital_signature")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- content_commitment = utils.read_only_property("_content_commitment")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_encipherment = utils.read_only_property("_key_encipherment")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- data_encipherment = utils.read_only_property("_data_encipherment")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_agreement = utils.read_only_property("_key_agreement")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key_cert_sign = utils.read_only_property("_key_cert_sign")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_sign = utils.read_only_property("_crl_sign")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def encipher_only(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not self.key_agreement:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "encipher_only is undefined unless key_agreement is true"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._encipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def decipher_only(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not self.key_agreement:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "decipher_only is undefined unless key_agreement is true"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._decipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encipher_only = self.encipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decipher_only = self.decipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except ValueError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- encipher_only = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- decipher_only = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ("<KeyUsage(digital_signature={0.digital_signature}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "content_commitment={0.content_commitment}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "key_encipherment={0.key_encipherment}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "data_encipherment={0.data_encipherment}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "key_agreement={0.key_agreement}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "key_cert_sign={0.key_cert_sign}, crl_sign={0.crl_sign}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "encipher_only={1}, decipher_only={2})>").format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self, encipher_only, decipher_only)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, KeyUsage):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.digital_signature == other.digital_signature and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.content_commitment == other.content_commitment and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key_encipherment == other.key_encipherment and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.data_encipherment == other.data_encipherment and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key_agreement == other.key_agreement and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key_cert_sign == other.key_cert_sign and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.crl_sign == other.crl_sign and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._encipher_only == other._encipher_only and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._decipher_only == other._decipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.digital_signature, self.content_commitment,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key_encipherment, self.data_encipherment,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.key_agreement, self.key_cert_sign,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.crl_sign, self._encipher_only,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._decipher_only
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class NameConstraints(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.NAME_CONSTRAINTS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, permitted_subtrees, excluded_subtrees):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if permitted_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- permitted_subtrees = list(permitted_subtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, GeneralName) for x in permitted_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "permitted_subtrees must be a list of GeneralName objects "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "or None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._validate_ip_name(permitted_subtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if excluded_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- excluded_subtrees = list(excluded_subtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, GeneralName) for x in excluded_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "excluded_subtrees must be a list of GeneralName objects "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "or None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._validate_ip_name(excluded_subtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if permitted_subtrees is None and excluded_subtrees is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "At least one of permitted_subtrees and excluded_subtrees "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "must not be None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._permitted_subtrees = permitted_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._excluded_subtrees = excluded_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, NameConstraints):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.excluded_subtrees == other.excluded_subtrees and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.permitted_subtrees == other.permitted_subtrees
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _validate_ip_name(self, tree):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if any(isinstance(name, IPAddress) and not isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name.value, (ipaddress.IPv4Network, ipaddress.IPv6Network)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ) for name in tree):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "IPAddress name constraints must be an IPv4Network or"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " IPv6Network object"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- u"<NameConstraints(permitted_subtrees={0.permitted_subtrees}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- u"excluded_subtrees={0.excluded_subtrees})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.permitted_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ps = tuple(self.permitted_subtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ps = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self.excluded_subtrees is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- es = tuple(self.excluded_subtrees)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- es = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((ps, es))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- permitted_subtrees = utils.read_only_property("_permitted_subtrees")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- excluded_subtrees = utils.read_only_property("_excluded_subtrees")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Extension(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, oid, critical, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(oid, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "oid argument must be an ObjectIdentifier instance."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(critical, bool):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("critical must be a boolean value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._oid = oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._critical = critical
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = utils.read_only_property("_oid")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- critical = utils.read_only_property("_critical")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ("<Extension(oid={0.oid}, critical={0.critical}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "value={0.value})>").format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, Extension):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.oid == other.oid and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.critical == other.critical and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.oid, self.critical, self.value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class GeneralNames(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- general_names = list(general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, GeneralName) for x in general_names):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Every item in the general_names list must be an "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "object conforming to the GeneralName interface"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._general_names = general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Return the value of each GeneralName, except for OtherName instances
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # which we return directly because it has two important properties not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # just one value.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- objs = (i for i in self if isinstance(i, type))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if type != OtherName:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- objs = (i.value for i in objs)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return list(objs)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<GeneralNames({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, GeneralNames):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._general_names))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SubjectAlternativeName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.SUBJECT_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._general_names = GeneralNames(general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names.get_values_for_type(type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<SubjectAlternativeName({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, SubjectAlternativeName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class IssuerAlternativeName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.ISSUER_ALTERNATIVE_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._general_names = GeneralNames(general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names.get_values_for_type(type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<IssuerAlternativeName({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, IssuerAlternativeName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificateIssuer(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = CRLEntryExtensionOID.CERTIFICATE_ISSUER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, general_names):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._general_names = GeneralNames(general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_values_for_type(self, type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names.get_values_for_type(type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<CertificateIssuer({})>".format(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, CertificateIssuer):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names == other._general_names
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._general_names[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self._general_names)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CRLReason(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = CRLEntryExtensionOID.CRL_REASON
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, reason):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(reason, ReasonFlags):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("reason must be an element from ReasonFlags")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._reason = reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<CRLReason(reason={})>".format(self._reason)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, CRLReason):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.reason == other.reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.reason)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- reason = utils.read_only_property("_reason")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class InvalidityDate(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = CRLEntryExtensionOID.INVALIDITY_DATE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, invalidity_date):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(invalidity_date, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("invalidity_date must be a datetime.datetime")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._invalidity_date = invalidity_date
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<InvalidityDate(invalidity_date={})>".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._invalidity_date
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, InvalidityDate):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.invalidity_date == other.invalidity_date
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.invalidity_date)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- invalidity_date = utils.read_only_property("_invalidity_date")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class PrecertificateSignedCertificateTimestamps(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, signed_certificate_timestamps):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- signed_certificate_timestamps = list(signed_certificate_timestamps)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(sct, SignedCertificateTimestamp)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for sct in signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Every item in the signed_certificate_timestamps list must be "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "a SignedCertificateTimestamp"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._signed_certificate_timestamps = signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._signed_certificate_timestamps)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._signed_certificate_timestamps)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __getitem__(self, idx):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._signed_certificate_timestamps[idx]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<PrecertificateSignedCertificateTimestamps({})>".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- list(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._signed_certificate_timestamps))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, PrecertificateSignedCertificateTimestamps):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._signed_certificate_timestamps ==
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- other._signed_certificate_timestamps
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPNonce(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = OCSPExtensionOID.NONCE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, nonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(nonce, bytes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("nonce must be bytes")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._nonce = nonce
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, OCSPNonce):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.nonce == other.nonce
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.nonce)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<OCSPNonce(nonce={0.nonce!r})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- nonce = utils.read_only_property("_nonce")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class IssuingDistributionPoint(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = ExtensionOID.ISSUING_DISTRIBUTION_POINT
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, full_name, relative_name, only_contains_user_certs,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_contains_ca_certs, only_some_reasons, indirect_crl,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_contains_attribute_certs):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_some_reasons and (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(only_some_reasons, frozenset) or not all(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(x, ReasonFlags) for x in only_some_reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "only_some_reasons must be None or frozenset of ReasonFlags"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if only_some_reasons and (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ReasonFlags.unspecified in only_some_reasons or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ReasonFlags.remove_from_crl in only_some_reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "unspecified and remove_from_crl are not valid reasons in an "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "IssuingDistributionPoint"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(only_contains_user_certs, bool) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(only_contains_ca_certs, bool) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(indirect_crl, bool) and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- isinstance(only_contains_attribute_certs, bool)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "only_contains_user_certs, only_contains_ca_certs, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "indirect_crl and only_contains_attribute_certs "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "must all be boolean."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- crl_constraints = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_contains_user_certs, only_contains_ca_certs,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- indirect_crl, only_contains_attribute_certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len([x for x in crl_constraints if x]) > 1:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Only one of the following can be set to True: "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "only_contains_user_certs, only_contains_ca_certs, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "indirect_crl, only_contains_attribute_certs"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not any([
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_contains_user_certs, only_contains_ca_certs,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- indirect_crl, only_contains_attribute_certs, full_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- relative_name, only_some_reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Cannot create empty extension: "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "if only_contains_user_certs, only_contains_ca_certs, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "indirect_crl, and only_contains_attribute_certs are all False"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ", then either full_name, relative_name, or only_some_reasons "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "must have a value."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._only_contains_user_certs = only_contains_user_certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._only_contains_ca_certs = only_contains_ca_certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._indirect_crl = indirect_crl
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._only_contains_attribute_certs = only_contains_attribute_certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._only_some_reasons = only_some_reasons
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._full_name = full_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._relative_name = relative_name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<IssuingDistributionPoint(full_name={0.full_name}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "relative_name={0.relative_name}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "only_contains_user_certs={0.only_contains_user_certs}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "only_contains_ca_certs={0.only_contains_ca_certs}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "only_some_reasons={0.only_some_reasons}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "indirect_crl={0.indirect_crl}, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "only_contains_attribute_certs="
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "{0.only_contains_attribute_certs})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, IssuingDistributionPoint):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.full_name == other.full_name and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.relative_name == other.relative_name and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_contains_user_certs == other.only_contains_user_certs and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_contains_ca_certs == other.only_contains_ca_certs and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_some_reasons == other.only_some_reasons and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.indirect_crl == other.indirect_crl and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_contains_attribute_certs ==
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- other.only_contains_attribute_certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.full_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.relative_name,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_contains_user_certs,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_contains_ca_certs,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_some_reasons,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.indirect_crl,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.only_contains_attribute_certs,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- full_name = utils.read_only_property("_full_name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- relative_name = utils.read_only_property("_relative_name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_contains_user_certs = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_only_contains_user_certs"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_contains_ca_certs = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_only_contains_ca_certs"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_some_reasons = utils.read_only_property("_only_some_reasons")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- indirect_crl = utils.read_only_property("_indirect_crl")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- only_contains_attribute_certs = utils.read_only_property(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "_only_contains_attribute_certs"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(ExtensionType)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class UnrecognizedExtension(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, oid, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(oid, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("oid must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._oid = oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = utils.read_only_property("_oid")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "<UnrecognizedExtension(oid={0.oid}, value={0.value!r})>".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, UnrecognizedExtension):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.oid == other.oid and self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.oid, self.value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/general_name.py lib_pypy/_cffi_ssl/cryptography/x509/general_name.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/general_name.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,360 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import ipaddress
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import warnings
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from email.utils import parseaddr
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from six.moves import urllib_parse
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.name import Name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.oid import ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_GENERAL_NAMES = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 0: "otherName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 1: "rfc822Name",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 2: "dNSName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 3: "x400Address",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 4: "directoryName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 5: "ediPartyName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 6: "uniformResourceIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 7: "iPAddress",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 8: "registeredID",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _lazy_import_idna():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Import idna lazily becase it allocates a decent amount of memory, and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # we're only using it in deprecated paths.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- import idna
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return idna
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except ImportError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ImportError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "idna is not installed, but a deprecated feature that requires it"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " was used. See: https://cryptography.io/en/latest/faq/#importe"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "rror-idna-is-not-installed"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class UnsupportedGeneralNameType(Exception):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, msg, type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- super(UnsupportedGeneralNameType, self).__init__(msg)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.type = type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class GeneralName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def value(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Return the value of the object
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RFC822Name(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value.encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = self._idna_encode(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "RFC822Name values should be passed as an A-label string. "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "This means unicode characters should be encoded via "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "idna. Support for passing unicode strings (aka U-label) "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "will be removed in a future version.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("value must be string")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name, address = parseaddr(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if name or not address:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # parseaddr has found a name (e.g. Name <email>) or the entire
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # value is an empty string.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Invalid rfc822name value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _init_without_validation(cls, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- instance = cls.__new__(cls)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- instance._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return instance
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _idna_encode(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idna = _lazy_import_idna()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _, address = parseaddr(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parts = address.split(u"@")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return parts[0] + "@" + idna.encode(parts[1]).decode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<RFC822Name(value={0!r})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, RFC822Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _idna_encode(value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idna = _lazy_import_idna()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Retain prefixes '*.' for common/alt names and '.' for name constraints
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for prefix in ['*.', '.']:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if value.startswith(prefix):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = value[len(prefix):]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return prefix + idna.encode(value).decode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return idna.encode(value).decode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DNSName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value.encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = _idna_encode(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "DNSName values should be passed as an A-label string. "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "This means unicode characters should be encoded via "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "idna. Support for passing unicode strings (aka U-label) "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "will be removed in a future version.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("value must be string")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _init_without_validation(cls, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- instance = cls.__new__(cls)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- instance._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return instance
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<DNSName(value={0!r})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DNSName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class UniformResourceIdentifier(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value.encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- except UnicodeEncodeError:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = self._idna_encode(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- warnings.warn(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "URI values should be passed as an A-label string. "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "This means unicode characters should be encoded via "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "idna. Support for passing unicode strings (aka U-label) "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " will be removed in a future version.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- utils.PersistentlyDeprecated2017,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- stacklevel=2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("value must be string")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _init_without_validation(cls, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- instance = cls.__new__(cls)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- instance._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return instance
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def _idna_encode(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idna = _lazy_import_idna()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed = urllib_parse.urlparse(value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if parsed.port:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- netloc = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- idna.encode(parsed.hostname) +
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ":{}".format(parsed.port).encode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ).decode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- netloc = idna.encode(parsed.hostname).decode("ascii")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Note that building a URL in this fashion means it should be
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # semantically indistinguishable from the original but is not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # guaranteed to be exactly the same.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return urllib_parse.urlunparse((
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed.scheme,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- netloc,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed.path,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed.params,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed.query,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- parsed.fragment
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<UniformResourceIdentifier(value={0!r})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, UniformResourceIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class DirectoryName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(value, Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("value must be a Name")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<DirectoryName(value={})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, DirectoryName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RegisteredID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(value, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("value must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<RegisteredID(value={})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, RegisteredID):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class IPAddress(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ipaddress.IPv4Address,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ipaddress.IPv6Address,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ipaddress.IPv4Network,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ipaddress.IPv6Network
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "value must be an instance of ipaddress.IPv4Address, "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ipaddress.IPv6Address, ipaddress.IPv4Network, or "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "ipaddress.IPv6Network"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<IPAddress(value={})>".format(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, IPAddress):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@utils.register_interface(GeneralName)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OtherName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, type_id, value):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(type_id, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("type_id must be an ObjectIdentifier")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(value, bytes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("value must be a binary string")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._type_id = type_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- type_id = utils.read_only_property("_type_id")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<OtherName(type_id={}, value={!r})>".format(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.type_id, self.value)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, OtherName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self.type_id == other.type_id and self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.type_id, self.value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/name.py lib_pypy/_cffi_ssl/cryptography/x509/name.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/name.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,259 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import utils
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.oid import NameOID, ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _ASN1Type(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UTF8String = 12
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NumericString = 18
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PrintableString = 19
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- T61String = 20
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- IA5String = 22
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UTCTime = 23
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GeneralizedTime = 24
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- VisibleString = 26
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UniversalString = 28
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BMPString = 30
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_ASN1_TYPE_TO_ENUM = dict((i.value, i) for i in _ASN1Type)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_SENTINEL = object()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_NAMEOID_DEFAULT_TYPE = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.COUNTRY_NAME: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.JURISDICTION_COUNTRY_NAME: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.SERIAL_NUMBER: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.DN_QUALIFIER: _ASN1Type.PrintableString,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.EMAIL_ADDRESS: _ASN1Type.IA5String,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.DOMAIN_COMPONENT: _ASN1Type.IA5String,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#: Short attribute names from RFC 4514:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#: https://tools.ietf.org/html/rfc4514#page-7
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_NAMEOID_TO_NAME = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.COMMON_NAME: 'CN',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.LOCALITY_NAME: 'L',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.STATE_OR_PROVINCE_NAME: 'ST',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.ORGANIZATION_NAME: 'O',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.ORGANIZATIONAL_UNIT_NAME: 'OU',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.COUNTRY_NAME: 'C',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.STREET_ADDRESS: 'STREET',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.DOMAIN_COMPONENT: 'DC',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.USER_ID: 'UID',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _escape_dn_value(val):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """Escape special characters in RFC4514 Distinguished Name value."""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # See https://tools.ietf.org/html/rfc4514#section-2.4
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace('\\', '\\\\')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace('"', '\\"')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace('+', '\\+')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace(',', '\\,')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace(';', '\\;')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace('<', '\\<')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace('>', '\\>')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val.replace('\0', '\\00')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if val[0] in ('#', ' '):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = '\\' + val
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if val[-1] == ' ':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- val = val[:-1] + '\\ '
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return val
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class NameAttribute(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, oid, value, _type=_SENTINEL):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(oid, ObjectIdentifier):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "oid argument must be an ObjectIdentifier instance."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(value, six.text_type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "value argument must be a text type."
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid == NameOID.COUNTRY_NAME or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid == NameOID.JURISDICTION_COUNTRY_NAME
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(value.encode("utf8")) != 2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Country name must be a 2 character country code"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(value) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Value cannot be an empty string")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # The appropriate ASN1 string type varies by OID and is defined across
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # multiple RFCs including 2459, 3280, and 5280. In general UTF8String
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # is preferred (2459), but 3280 and 5280 specify several OIDs with
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # alternate types. This means when we see the sentinel value we need
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # to look up whether the OID has a non-UTF8 type. If it does, set it
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # to that. Otherwise, UTF8!
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if _type == _SENTINEL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _type = _NAMEOID_DEFAULT_TYPE.get(oid, _ASN1Type.UTF8String)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(_type, _ASN1Type):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("_type must be from the _ASN1Type enum")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._oid = oid
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._value = value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._type = _type
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- oid = utils.read_only_property("_oid")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- value = utils.read_only_property("_value")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def rfc4514_string(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Format as RFC4514 Distinguished Name string.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Use short attribute name if available, otherwise fall back to OID
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dotted string.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- key = _NAMEOID_TO_NAME.get(self.oid, self.oid.dotted_string)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return '%s=%s' % (key, _escape_dn_value(self.value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, NameAttribute):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.oid == other.oid and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self.value == other.value
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash((self.oid, self.value))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<NameAttribute(oid={0.oid}, value={0.value!r})>".format(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class RelativeDistinguishedName(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attributes = list(attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not attributes:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("a relative distinguished name cannot be empty")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, NameAttribute) for x in attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("attributes must be an iterable of NameAttribute")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Keep list and frozenset to preserve attribute order where it matters
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._attributes = attributes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._attribute_set = frozenset(attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(self._attribute_set) != len(attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("duplicate attributes are not allowed")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_attributes_for_oid(self, oid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [i for i in self if i.oid == oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def rfc4514_string(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Format as RFC4514 Distinguished Name string.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Within each RDN, attributes are joined by '+', although that is rarely
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- used in certificates.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return '+'.join(attr.rfc4514_string() for attr in self._attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, RelativeDistinguishedName):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._attribute_set == other._attribute_set
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(self._attribute_set)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return iter(self._attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return len(self._attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<RelativeDistinguishedName({})>".format(self.rfc4514_string())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class Name(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- attributes = list(attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if all(isinstance(x, NameAttribute) for x in attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._attributes = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RelativeDistinguishedName([x]) for x in attributes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elif all(isinstance(x, RelativeDistinguishedName) for x in attributes):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._attributes = attributes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "attributes must be a list of NameAttribute"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " or a list RelativeDistinguishedName"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def rfc4514_string(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Format as RFC4514 Distinguished Name string.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- For example 'CN=foobar.com,O=Foo Corp,C=US'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- An X.509 name is a two-level structure: a list of sets of attributes.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Each list element is separated by ',' and within each list element, set
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- elements are separated by '+'. The latter is almost never used in
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- real world certificates.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ','.join(attr.rfc4514_string() for attr in self._attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def get_attributes_for_oid(self, oid):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return [i for i in self if i.oid == oid]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @property
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def rdns(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._attributes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, backend):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.x509_name_bytes(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __eq__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(other, Name):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return NotImplemented
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return self._attributes == other._attributes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __ne__(self, other):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return not self == other
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __hash__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # TODO: this is relatively expensive, if this looks like a bottleneck
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # for you, consider optimizing!
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hash(tuple(self._attributes))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __iter__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for rdn in self._attributes:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for ava in rdn:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- yield ava
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __len__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return sum(len(rdn) for rdn in self._attributes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __repr__(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if six.PY2:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<Name({})>".format(self.rfc4514_string().encode('utf8'))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<Name({})>".format(self.rfc4514_string())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/ocsp.py lib_pypy/_cffi_ssl/cryptography/x509/ocsp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/ocsp.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,422 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import abc
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import datetime
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from enum import Enum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import six
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography import x509
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.x509.base import (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _EARLIEST_UTC_TIME, _convert_to_naive_utc_time, _reject_duplicate_extension
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OIDS_TO_HASH = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "1.3.14.3.2.26": hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "2.16.840.1.101.3.4.2.4": hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "2.16.840.1.101.3.4.2.1": hashes.SHA256(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "2.16.840.1.101.3.4.2.2": hashes.SHA384(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "2.16.840.1.101.3.4.2.3": hashes.SHA512(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPResponderEncoding(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- HASH = "By Hash"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NAME = "By Name"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPResponseStatus(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SUCCESSFUL = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- MALFORMED_REQUEST = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- INTERNAL_ERROR = 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- TRY_LATER = 3
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SIG_REQUIRED = 5
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNAUTHORIZED = 6
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_RESPONSE_STATUS_TO_ENUM = dict((x.value, x) for x in OCSPResponseStatus)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_ALLOWED_HASHES = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hashes.SHA1, hashes.SHA224, hashes.SHA256,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hashes.SHA384, hashes.SHA512
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def _verify_algorithm(algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, _ALLOWED_HASHES):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPCertStatus(Enum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GOOD = 0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- REVOKED = 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- UNKNOWN = 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_CERT_STATUS_TO_ENUM = dict((x.value, x) for x in OCSPCertStatus)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_ocsp_request(data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_ocsp_request(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def load_der_ocsp_response(data):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.load_der_ocsp_response(data)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPRequestBuilder(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, request=None, extensions=[]):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._request = request
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_certificate(self, cert, issuer, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._request is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Only one certificate can be added to a request")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _verify_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(cert, x509.Certificate) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(issuer, x509.Certificate)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("cert and issuer must be a Certificate")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return OCSPRequestBuilder((cert, issuer, algorithm), self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(extension, x509.ExtensionType):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extension = x509.Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return OCSPRequestBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._request, self._extensions + [extension]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def build(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._request is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("You must add a certificate before building")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.create_ocsp_request(self)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class _SingleResponse(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, cert, issuer, algorithm, cert_status, this_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update, revocation_time, revocation_reason):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(cert, x509.Certificate) or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(issuer, x509.Certificate)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("cert and issuer must be a Certificate")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _verify_algorithm(algorithm)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(this_update, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("this_update must be a datetime object")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update is not None and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(next_update, datetime.datetime)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("next_update must be a datetime object or None")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cert = cert
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._issuer = issuer
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._algorithm = algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._this_update = this_update
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._next_update = next_update
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(cert_status, OCSPCertStatus):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "cert_status must be an item from the OCSPCertStatus enum"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if cert_status is not OCSPCertStatus.REVOKED:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if revocation_time is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "revocation_time can only be provided if the certificate "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "is revoked"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if revocation_reason is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "revocation_reason can only be provided if the certificate"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- " is revoked"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(revocation_time, datetime.datetime):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("revocation_time must be a datetime object")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revocation_time = _convert_to_naive_utc_time(revocation_time)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if revocation_time < _EARLIEST_UTC_TIME:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError('The revocation_time must be on or after'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ' 1950 January 1.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revocation_reason is not None and
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not isinstance(revocation_reason, x509.ReasonFlags)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "revocation_reason must be an item from the ReasonFlags "
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "enum or None"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._cert_status = cert_status
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._revocation_time = revocation_time
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._revocation_reason = revocation_reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPResponseBuilder(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def __init__(self, response=None, responder_id=None, certs=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extensions=[]):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._response = response
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._responder_id = responder_id
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._certs = certs
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._extensions = extensions
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_response(self, cert, issuer, algorithm, cert_status, this_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- next_update, revocation_time, revocation_reason):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._response is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("Only one response per OCSPResponse.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- singleresp = _SingleResponse(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- cert, issuer, algorithm, cert_status, this_update, next_update,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revocation_time, revocation_reason
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- singleresp, self._responder_id,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._certs, self._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def responder_id(self, encoding, responder_cert):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._responder_id is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("responder_id can only be set once")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(responder_cert, x509.Certificate):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("responder_cert must be a Certificate")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(encoding, OCSPResponderEncoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "encoding must be an element from OCSPResponderEncoding"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._response, (responder_cert, encoding),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._certs, self._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def certificates(self, certs):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._certs is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("certificates may only be set once")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certs = list(certs)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if len(certs) == 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("certs must not be an empty list")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not all(isinstance(x, x509.Certificate) for x in certs):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("certs must be a list of Certificates")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._response, self._responder_id,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certs, self._extensions,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def add_extension(self, extension, critical):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(extension, x509.ExtensionType):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("extension must be an ExtensionType")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extension = x509.Extension(extension.oid, critical, extension)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _reject_duplicate_extension(extension, self._extensions)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return OCSPResponseBuilder(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._response, self._responder_id,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- self._certs, self._extensions + [extension],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def sign(self, private_key, algorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._response is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("You must add a response before signing")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if self._responder_id is None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("You must add a responder_id before signing")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(algorithm, hashes.HashAlgorithm):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError("Algorithm must be a registered hash algorithm.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.create_ocsp_response(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPResponseStatus.SUCCESSFUL, self, private_key, algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @classmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def build_unsuccessful(cls, response_status):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- from cryptography.hazmat.backends.openssl.backend import backend
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not isinstance(response_status, OCSPResponseStatus):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise TypeError(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "response_status must be an item from OCSPResponseStatus"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if response_status is OCSPResponseStatus.SUCCESSFUL:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- raise ValueError("response_status cannot be SUCCESSFUL")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return backend.create_ocsp_response(response_status, None, None, None)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPRequest(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The hash of the issuer public key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The hash of the issuer name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The hash algorithm used in the issuer name and key hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serial number of the cert whose status is being checked
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractmethod
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def public_bytes(self, encoding):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Serializes the request to DER
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The list of request extensions. Not single request extensions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--@six.add_metaclass(abc.ABCMeta)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPResponse(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def response_status(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The status of the response. This is a value from the OCSPResponseStatus
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- enumeration
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_algorithm_oid(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The ObjectIdentifier of the signature algorithm
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature_hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Returns a HashAlgorithm corresponding to the type of the digest signed
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def signature(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The signature bytes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def tbs_response_bytes(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The tbsResponseData bytes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def certificates(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- A list of certificates used to help build a chain to verify the OCSP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- response. This situation occurs when the OCSP responder uses a delegate
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- certificate.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def responder_key_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The responder's key hash or None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def responder_name(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The responder's Name or None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def produced_at(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The time the response was produced
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def certificate_status(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The status of the certificate (an element from the OCSPCertStatus enum)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def revocation_time(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The date of when the certificate was revoked or None if not
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- revoked.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def revocation_reason(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The reason the certificate was revoked or None if not specified or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- not revoked.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def this_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The most recent time at which the status being indicated is known by
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- the responder to have been correct
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def next_update(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The time when newer information will be available
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_key_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The hash of the issuer public key
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def issuer_name_hash(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The hash of the issuer name
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def hash_algorithm(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The hash algorithm used in the issuer name and key hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def serial_number(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The serial number of the cert whose status is being checked
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- @abc.abstractproperty
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def extensions(self):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- The list of response extensions. Not single response extensions.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/cryptography/x509/oid.py lib_pypy/_cffi_ssl/cryptography/x509/oid.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/cryptography/x509/oid.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,226 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# This file is dual licensed under the terms of the Apache License, Version
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# 2.0, and the BSD License. See the LICENSE file in the root of this repository
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# for complete details.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from __future__ import absolute_import, division, print_function
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat._oid import ObjectIdentifier
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--from cryptography.hazmat.primitives import hashes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ExtensionOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SUBJECT_DIRECTORY_ATTRIBUTES = ObjectIdentifier("2.5.29.9")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SUBJECT_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.14")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- KEY_USAGE = ObjectIdentifier("2.5.29.15")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SUBJECT_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.17")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ISSUER_ALTERNATIVE_NAME = ObjectIdentifier("2.5.29.18")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BASIC_CONSTRAINTS = ObjectIdentifier("2.5.29.19")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NAME_CONSTRAINTS = ObjectIdentifier("2.5.29.30")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRL_DISTRIBUTION_POINTS = ObjectIdentifier("2.5.29.31")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CERTIFICATE_POLICIES = ObjectIdentifier("2.5.29.32")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- POLICY_MAPPINGS = ObjectIdentifier("2.5.29.33")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AUTHORITY_KEY_IDENTIFIER = ObjectIdentifier("2.5.29.35")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- POLICY_CONSTRAINTS = ObjectIdentifier("2.5.29.36")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- FRESHEST_CRL = ObjectIdentifier("2.5.29.46")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- INHIBIT_ANY_POLICY = ObjectIdentifier("2.5.29.54")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ISSUING_DISTRIBUTION_POINT = ObjectIdentifier("2.5.29.28")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AUTHORITY_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SUBJECT_INFORMATION_ACCESS = ObjectIdentifier("1.3.6.1.5.5.7.1.11")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSP_NO_CHECK = ObjectIdentifier("1.3.6.1.5.5.7.48.1.5")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- TLS_FEATURE = ObjectIdentifier("1.3.6.1.5.5.7.1.24")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRL_NUMBER = ObjectIdentifier("2.5.29.20")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DELTA_CRL_INDICATOR = ObjectIdentifier("2.5.29.27")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ObjectIdentifier("1.3.6.1.4.1.11129.2.4.2")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PRECERT_POISON = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ObjectIdentifier("1.3.6.1.4.1.11129.2.4.3")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class OCSPExtensionOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NONCE = ObjectIdentifier("1.3.6.1.5.5.7.48.1.2")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CRLEntryExtensionOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CERTIFICATE_ISSUER = ObjectIdentifier("2.5.29.29")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRL_REASON = ObjectIdentifier("2.5.29.21")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- INVALIDITY_DATE = ObjectIdentifier("2.5.29.24")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class NameOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- COMMON_NAME = ObjectIdentifier("2.5.4.3")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- COUNTRY_NAME = ObjectIdentifier("2.5.4.6")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- LOCALITY_NAME = ObjectIdentifier("2.5.4.7")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- STATE_OR_PROVINCE_NAME = ObjectIdentifier("2.5.4.8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- STREET_ADDRESS = ObjectIdentifier("2.5.4.9")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ORGANIZATION_NAME = ObjectIdentifier("2.5.4.10")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ORGANIZATIONAL_UNIT_NAME = ObjectIdentifier("2.5.4.11")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SERIAL_NUMBER = ObjectIdentifier("2.5.4.5")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SURNAME = ObjectIdentifier("2.5.4.4")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GIVEN_NAME = ObjectIdentifier("2.5.4.42")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- TITLE = ObjectIdentifier("2.5.4.12")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- GENERATION_QUALIFIER = ObjectIdentifier("2.5.4.44")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- X500_UNIQUE_IDENTIFIER = ObjectIdentifier("2.5.4.45")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DN_QUALIFIER = ObjectIdentifier("2.5.4.46")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PSEUDONYM = ObjectIdentifier("2.5.4.65")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- USER_ID = ObjectIdentifier("0.9.2342.19200300.100.1.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DOMAIN_COMPONENT = ObjectIdentifier("0.9.2342.19200300.100.1.25")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EMAIL_ADDRESS = ObjectIdentifier("1.2.840.113549.1.9.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- JURISDICTION_COUNTRY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.3")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- JURISDICTION_LOCALITY_NAME = ObjectIdentifier("1.3.6.1.4.1.311.60.2.1.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- JURISDICTION_STATE_OR_PROVINCE_NAME = ObjectIdentifier(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "1.3.6.1.4.1.311.60.2.1.2"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- )
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- BUSINESS_CATEGORY = ObjectIdentifier("2.5.4.15")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- POSTAL_ADDRESS = ObjectIdentifier("2.5.4.16")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- POSTAL_CODE = ObjectIdentifier("2.5.4.17")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class SignatureAlgorithmOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSA_WITH_MD5 = ObjectIdentifier("1.2.840.113549.1.1.4")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSA_WITH_SHA1 = ObjectIdentifier("1.2.840.113549.1.1.5")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # This is an alternate OID for RSA with SHA1 that is occasionally seen
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- _RSA_WITH_SHA1 = ObjectIdentifier("1.3.14.3.2.29")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSA_WITH_SHA224 = ObjectIdentifier("1.2.840.113549.1.1.14")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSA_WITH_SHA256 = ObjectIdentifier("1.2.840.113549.1.1.11")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSA_WITH_SHA384 = ObjectIdentifier("1.2.840.113549.1.1.12")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSA_WITH_SHA512 = ObjectIdentifier("1.2.840.113549.1.1.13")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- RSASSA_PSS = ObjectIdentifier("1.2.840.113549.1.1.10")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ECDSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10045.4.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ECDSA_WITH_SHA224 = ObjectIdentifier("1.2.840.10045.4.3.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ECDSA_WITH_SHA256 = ObjectIdentifier("1.2.840.10045.4.3.2")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ECDSA_WITH_SHA384 = ObjectIdentifier("1.2.840.10045.4.3.3")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ECDSA_WITH_SHA512 = ObjectIdentifier("1.2.840.10045.4.3.4")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DSA_WITH_SHA1 = ObjectIdentifier("1.2.840.10040.4.3")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DSA_WITH_SHA224 = ObjectIdentifier("2.16.840.1.101.3.4.3.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- DSA_WITH_SHA256 = ObjectIdentifier("2.16.840.1.101.3.4.3.2")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_SIG_OIDS_TO_HASH = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_MD5: hashes.MD5(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID._RSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA224: hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA256: hashes.SHA256(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA384: hashes.SHA384(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA512: hashes.SHA512(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA224: hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA256: hashes.SHA256(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA384: hashes.SHA384(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA512: hashes.SHA512(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.DSA_WITH_SHA1: hashes.SHA1(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.DSA_WITH_SHA224: hashes.SHA224(),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.DSA_WITH_SHA256: hashes.SHA256()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class ExtendedKeyUsageOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SERVER_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CLIENT_AUTH = ObjectIdentifier("1.3.6.1.5.5.7.3.2")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CODE_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.3")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- EMAIL_PROTECTION = ObjectIdentifier("1.3.6.1.5.5.7.3.4")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- TIME_STAMPING = ObjectIdentifier("1.3.6.1.5.5.7.3.8")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSP_SIGNING = ObjectIdentifier("1.3.6.1.5.5.7.3.9")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ANY_EXTENDED_KEY_USAGE = ObjectIdentifier("2.5.29.37.0")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class AuthorityInformationAccessOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CA_ISSUERS = ObjectIdentifier("1.3.6.1.5.5.7.48.2")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSP = ObjectIdentifier("1.3.6.1.5.5.7.48.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--class CertificatePoliciesOID(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CPS_QUALIFIER = ObjectIdentifier("1.3.6.1.5.5.7.2.1")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CPS_USER_NOTICE = ObjectIdentifier("1.3.6.1.5.5.7.2.2")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ANY_POLICY = ObjectIdentifier("2.5.29.32.0")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--_OID_NAMES = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.COMMON_NAME: "commonName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.COUNTRY_NAME: "countryName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.LOCALITY_NAME: "localityName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.STATE_OR_PROVINCE_NAME: "stateOrProvinceName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.STREET_ADDRESS: "streetAddress",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.ORGANIZATION_NAME: "organizationName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.ORGANIZATIONAL_UNIT_NAME: "organizationalUnitName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.SERIAL_NUMBER: "serialNumber",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.SURNAME: "surname",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.GIVEN_NAME: "givenName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.TITLE: "title",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.GENERATION_QUALIFIER: "generationQualifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.X500_UNIQUE_IDENTIFIER: "x500UniqueIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.DN_QUALIFIER: "dnQualifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.PSEUDONYM: "pseudonym",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.USER_ID: "userID",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.DOMAIN_COMPONENT: "domainComponent",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.EMAIL_ADDRESS: "emailAddress",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.JURISDICTION_COUNTRY_NAME: "jurisdictionCountryName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.JURISDICTION_LOCALITY_NAME: "jurisdictionLocalityName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.JURISDICTION_STATE_OR_PROVINCE_NAME: (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "jurisdictionStateOrProvinceName"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.BUSINESS_CATEGORY: "businessCategory",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.POSTAL_ADDRESS: "postalAddress",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NameOID.POSTAL_CODE: "postalCode",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_MD5: "md5WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA1: "sha1WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA224: "sha224WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA256: "sha256WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA384: "sha384WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSA_WITH_SHA512: "sha512WithRSAEncryption",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.RSASSA_PSS: "RSASSA-PSS",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA1: "ecdsa-with-SHA1",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA224: "ecdsa-with-SHA224",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA256: "ecdsa-with-SHA256",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA384: "ecdsa-with-SHA384",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.ECDSA_WITH_SHA512: "ecdsa-with-SHA512",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.DSA_WITH_SHA1: "dsa-with-sha1",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.DSA_WITH_SHA224: "dsa-with-sha224",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- SignatureAlgorithmOID.DSA_WITH_SHA256: "dsa-with-sha256",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtendedKeyUsageOID.SERVER_AUTH: "serverAuth",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtendedKeyUsageOID.CLIENT_AUTH: "clientAuth",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtendedKeyUsageOID.CODE_SIGNING: "codeSigning",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtendedKeyUsageOID.EMAIL_PROTECTION: "emailProtection",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtendedKeyUsageOID.TIME_STAMPING: "timeStamping",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtendedKeyUsageOID.OCSP_SIGNING: "OCSPSigning",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_DIRECTORY_ATTRIBUTES: "subjectDirectoryAttributes",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_KEY_IDENTIFIER: "subjectKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.KEY_USAGE: "keyUsage",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_ALTERNATIVE_NAME: "subjectAltName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUER_ALTERNATIVE_NAME: "issuerAltName",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.BASIC_CONSTRAINTS: "basicConstraints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.PRECERT_SIGNED_CERTIFICATE_TIMESTAMPS: (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "signedCertificateTimestampList"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.PRECERT_POISON: "ctPoison",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.CRL_REASON: "cRLReason",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.INVALIDITY_DATE: "invalidityDate",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRLEntryExtensionOID.CERTIFICATE_ISSUER: "certificateIssuer",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.NAME_CONSTRAINTS: "nameConstraints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CRL_DISTRIBUTION_POINTS: "cRLDistributionPoints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CERTIFICATE_POLICIES: "certificatePolicies",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.POLICY_MAPPINGS: "policyMappings",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_KEY_IDENTIFIER: "authorityKeyIdentifier",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.POLICY_CONSTRAINTS: "policyConstraints",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.EXTENDED_KEY_USAGE: "extendedKeyUsage",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.FRESHEST_CRL: "freshestCRL",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.INHIBIT_ANY_POLICY: "inhibitAnyPolicy",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.ISSUING_DISTRIBUTION_POINT: (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "issuingDistributionPoint"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.AUTHORITY_INFORMATION_ACCESS: "authorityInfoAccess",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.SUBJECT_INFORMATION_ACCESS: "subjectInfoAccess",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.OCSP_NO_CHECK: "OCSPNoCheck",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.CRL_NUMBER: "cRLNumber",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.DELTA_CRL_INDICATOR: "deltaCRLIndicator",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ExtensionOID.TLS_FEATURE: "TLSFeature",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AuthorityInformationAccessOID.OCSP: "OCSP",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- AuthorityInformationAccessOID.CA_ISSUERS: "caIssuers",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CertificatePoliciesOID.CPS_QUALIFIER: "id-qt-cps",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CertificatePoliciesOID.CPS_USER_NOTICE: "id-qt-unotice",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- OCSPExtensionOID.NONCE: "OCSPNonce",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.c lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.c
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,655 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* osurandom engine
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- *
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * Windows CryptGenRandom()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * macOS >= 10.12 getentropy()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * OpenBSD 5.6+ getentropy()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * other BSD getentropy() if SYS_getentropy is defined
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * Linux 3.17+ getrandom() with fallback to /dev/urandom
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * other /dev/urandom with cached fd
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- *
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * The /dev/urandom, getrandom and getentropy code is derived from Python's
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * Python/random.c, written by Antoine Pitrou and Victor Stinner.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- *
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * Copyright 2001-2016 Python Software Foundation; All Rights Reserved.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifdef __linux__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#include <poll.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifndef OPENSSL_NO_ENGINE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* OpenSSL has ENGINE support so build the engine. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_id = "osrandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/****************************************************************************
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * Windows
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_name = "osrandom_engine CryptGenRandom()";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static HCRYPTPROV hCryptProv = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (hCryptProv != 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (CryptAcquireContext(&hCryptProv, NULL, NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } else {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_INIT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (hCryptProv == 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (!CryptGenRandom(hCryptProv, (DWORD)size, buffer)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (CryptReleaseContext(hCryptProv, 0)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- hCryptProv = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } else {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_FINISH,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return hCryptProv != 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "CryptGenRandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/****************************************************************************
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * /dev/urandom helpers for all non-BSD Unix platforms
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifdef CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static struct {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dev_t st_dev;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ino_t st_ino;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--} urandom_cache = { -1 };
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int open_cloexec(const char *path) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int open_flags = O_RDONLY;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifdef O_CLOEXEC
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- open_flags |= O_CLOEXEC;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd = open(path, open_flags);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fd == -1) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifndef O_CLOEXEC
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int flags = fcntl(fd, F_GETFD);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (flags == -1) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) == -1) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifdef __linux__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* On Linux, we open("/dev/random") and use poll() to wait until it's readable
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * before we read from /dev/urandom, this ensures that we don't read from
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * /dev/urandom before the kernel CSPRNG is initialized. This isn't necessary on
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * other platforms because they don't have the same _bug_ as Linux does with
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * /dev/urandom and early boot. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int wait_on_devrandom(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- struct pollfd pfd = {};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int ret = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int random_fd = open_cloexec("/dev/random");
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (random_fd < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pfd.fd = random_fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pfd.events = POLLIN;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pfd.revents = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- do {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ret = poll(&pfd, 1, -1);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } while (ret < 0 && (errno == EINTR || errno == EAGAIN));
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- close(random_fd);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return ret;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* return -1 on error */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int dev_urandom_fd(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd = -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- struct stat st;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Check that fd still points to the correct device */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (urandom_cache.fd >= 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fstat(urandom_cache.fd, &st)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- || st.st_dev != urandom_cache.st_dev
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- || st.st_ino != urandom_cache.st_ino) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Somebody replaced our FD. Invalidate our cache but don't
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * close the fd. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- urandom_cache.fd = -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (urandom_cache.fd < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifdef __linux__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (wait_on_devrandom() < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- goto error;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- fd = open_cloexec("/dev/urandom");
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- goto error;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fstat(fd, &st)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- goto error;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Another thread initialized the fd */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (urandom_cache.fd >= 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- close(fd);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return urandom_cache.fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- urandom_cache.st_dev = st.st_dev;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- urandom_cache.st_ino = st.st_ino;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- urandom_cache.fd = fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return urandom_cache.fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- error:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fd != -1) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- close(fd);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int dev_urandom_read(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int n;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while (size > 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- do {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = (int)read(fd, buffer, (size_t)size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } while (n < 0 && errno == EINTR);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (n <= 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer += n;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- size -= n;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static void dev_urandom_close(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (urandom_cache.fd >= 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- struct stat st;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fstat(urandom_cache.fd, &st)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- && st.st_dev == urandom_cache.st_dev
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- && st.st_ino == urandom_cache.st_ino) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- fd = urandom_cache.fd;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- urandom_cache.fd = -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- close(fd);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif /* CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/****************************************************************************
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * BSD getentropy
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_name = "osrandom_engine getentropy()";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_NOT_INIT;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if !defined(__APPLE__)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (&getentropy != NULL) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } else {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- getentropy_works = CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int len;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int res;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- switch(getentropy_works) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if defined(__APPLE__)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dev_urandom_read(buffer, size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while (size > 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* OpenBSD and macOS restrict maximum buffer size to 256. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len = size > 256 ? 256 : size;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- res = getentropy(buffer, (size_t)len);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (res < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer += len;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- size -= len;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- switch(getentropy_works) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "/dev/urandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "getentropy";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/****************************************************************************
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * Linux getrandom engine with fallback to dev_urandom
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_name = "osrandom_engine getrandom()";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* We try to detect working getrandom until we succeed. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (getrandom_works != CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- long n;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- char dest[1];
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* if the kernel CSPRNG is not initialized this will block */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = syscall(SYS_getrandom, dest, sizeof(dest), 0);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (n == sizeof(dest)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } else {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int e = errno;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- switch(e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case ENOSYS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Fallback: Kernel does not support the syscall. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- break;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case EPERM:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Fallback: seccomp prevents syscall */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- break;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- default:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* EINTR cannot occur for buflen < 256. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_INIT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "errno", e
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- getrandom_works = CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- break;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* fallback to dev urandom */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (getrandom_works == CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- long n;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- switch(getrandom_works) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dev_urandom_read(buffer, size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- while (size > 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- do {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- n = syscall(SYS_getrandom, buffer, size, 0);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } while (n < 0 && errno == EINTR);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (n <= 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_Cryptography_OSRandom_error(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __FILE__, __LINE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- );
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- buffer += n;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- size -= (int)n;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dev_urandom_close();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- switch(getrandom_works) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return urandom_cache.fd >= 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- switch(getrandom_works) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<failed>";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "<not initialized>";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "/dev/urandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "getrandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- __builtin_unreachable();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/****************************************************************************
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * dev_urandom engine for all remaining platforms
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_name = "osrandom_engine /dev/urandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_init(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int fd = dev_urandom_fd();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (fd < 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return dev_urandom_read(buffer, size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_finish(ENGINE *e) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- dev_urandom_close();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_rand_status(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return urandom_cache.fd >= 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *osurandom_get_implementation(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return "/dev/urandom";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/****************************************************************************
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * ENGINE boiler plate
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* This replicates the behavior of the OpenSSL FIPS RNG, which returns a
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- -1 in the event that there is an error when calling RAND_pseudo_bytes. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_pseudo_rand_bytes(unsigned char *buffer, int size) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- int res = osrandom_rand_bytes(buffer, size);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (res == 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return -1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } else {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return res;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static RAND_METHOD osrandom_rand = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- osrandom_rand_bytes,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- NULL,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- osrandom_pseudo_rand_bytes,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- osrandom_rand_status,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const ENGINE_CMD_DEFN osrandom_cmd_defns[] = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "get_implementation",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Get CPRNG implementation.",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ENGINE_CMD_FLAG_NO_INPUT},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {0, NULL, NULL, 0}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int osrandom_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f) (void)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- const char *name;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- size_t len;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- switch (cmd) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- case CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* i: buffer size, p: char* buffer */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- name = osurandom_get_implementation();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- len = strlen(name);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ((p == NULL) && (i == 0)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* return required buffer len */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (int)len;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if ((p == NULL) || i < 0 || ((size_t)i <= len)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* no buffer or buffer too small */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_INVALID_ARGUMENT);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- strncpy((char *)p, name, len);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return (int)len;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- default:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ENGINEerr(ENGINE_F_ENGINE_CTRL, ENGINE_R_CTRL_COMMAND_NOT_IMPLEMENTED);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* error reporting */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define ERR_FUNC(func) ERR_PACK(0, func, 0)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define ERR_REASON(reason) ERR_PACK(0, 0, reason)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_lib_name[] = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {0, "osrandom_engine"},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {0, NULL}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_str_funcs[] = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_INIT),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "osrandom_init"},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "osrandom_rand_bytes"},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_FINISH),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "osrandom_finish"},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "dev_urandom_fd"},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_FUNC(CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "dev_urandom_read"},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {0, NULL}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static ERR_STRING_DATA CRYPTOGRAPHY_OSRANDOM_str_reasons[] = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CryptAcquireContext() failed."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CryptGenRandom() failed."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "CryptReleaseContext() failed."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "getentropy() failed"},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "open('/dev/urandom') failed."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "Reading from /dev/urandom fd failed."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "getrandom() initialization failed."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "getrandom() initialization failed with unexpected errno."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "getrandom() syscall failed."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {ERR_REASON(CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- "getrandom() engine was not properly initialized."},
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- {0, NULL}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static int Cryptography_OSRandom_lib_error_code = 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static void ERR_load_Cryptography_OSRandom_strings(void)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--{
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (Cryptography_OSRandom_lib_error_code == 0) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- Cryptography_OSRandom_lib_error_code = ERR_get_next_error_library();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_load_strings(Cryptography_OSRandom_lib_error_code,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_lib_name);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_load_strings(Cryptography_OSRandom_lib_error_code,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_str_funcs);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_load_strings(Cryptography_OSRandom_lib_error_code,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_str_reasons);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static void ERR_Cryptography_OSRandom_error(int function, int reason,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- char *file, int line)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--{
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_PUT_error(Cryptography_OSRandom_lib_error_code, function, reason,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- file, line);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* Returns 1 if successfully added, 2 if engine has previously been added,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- and 0 for error. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int Cryptography_add_osrandom_engine(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ENGINE *e;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_load_Cryptography_OSRandom_strings();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = ENGINE_by_id(Cryptography_osrandom_engine_id);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (e != NULL) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ENGINE_free(e);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 2;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- } else {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ERR_clear_error();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- e = ENGINE_new();
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (e == NULL) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (!ENGINE_set_id(e, Cryptography_osrandom_engine_id) ||
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- !ENGINE_set_name(e, Cryptography_osrandom_engine_name) ||
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- !ENGINE_set_RAND(e, &osrandom_rand) ||
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- !ENGINE_set_init_function(e, osrandom_init) ||
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- !ENGINE_set_finish_function(e, osrandom_finish) ||
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- !ENGINE_set_cmd_defns(e, osrandom_cmd_defns) ||
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- !ENGINE_set_ctrl_function(e, osrandom_ctrl)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ENGINE_free(e);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (!ENGINE_add(e)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- ENGINE_free(e);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (!ENGINE_free(e)) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 1;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* If OpenSSL has no ENGINE support then we don't want
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * to compile the osrandom engine, but we do need some
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * placeholders */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_id = "no-engine-support";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static const char *Cryptography_osrandom_engine_name = "osrandom_engine disabled due to no engine support";
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--int Cryptography_add_osrandom_engine(void) {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return 0;
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.h lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.h
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-deleted file mode 100644
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/openssl/src/osrandom_engine.h
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ /dev/null
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -1,114 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifndef OPENSSL_NO_ENGINE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* OpenSSL has ENGINE support so include all of this. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifdef _WIN32
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #include <Wincrypt.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #include <fcntl.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #include <unistd.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* for defined(BSD) */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #include <sys/param.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #ifdef BSD
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* for SYS_getentropy */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #include <sys/syscall.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #ifdef __APPLE__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #include <sys/random.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* To support weak linking we need to declare this as a weak import even if
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * it's not present in sys/random (e.g. macOS < 10.12). */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- extern int getentropy(void *buffer, size_t size) __attribute((weak_import));
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #ifdef __linux__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* for SYS_getrandom */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #include <sys/syscall.h>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #ifndef GRND_NONBLOCK
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define GRND_NONBLOCK 0x0001
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #endif /* GRND_NONBLOCK */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #ifndef SYS_getrandom
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* We only bother to define the constants for platforms where we ship
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * wheels, since that's the predominant way you get a situation where
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * you don't have SYS_getrandom at compile time but do have the syscall
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * at runtime */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #if defined __x86_64__
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define SYS_getrandom 318
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #elif defined(__i386__)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define SYS_getrandom 355
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #endif /* __linux__ */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif /* _WIN32 */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY 2
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM 3
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM 4
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#ifndef CRYPTOGRAPHY_OSRANDOM_ENGINE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #if defined(_WIN32)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Windows */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_CRYPTGENRANDOM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #elif defined(BSD) && defined(SYS_getentropy)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* OpenBSD 5.6+ & macOS with SYS_getentropy defined, although < 10.12 will fallback
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- * to urandom */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #elif defined(__linux__) && defined(SYS_getrandom)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Linux 3.17+ */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #else
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- /* Keep this as last entry, fall back to /dev/urandom */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define CRYPTOGRAPHY_OSRANDOM_ENGINE CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif /* CRYPTOGRAPHY_OSRANDOM_ENGINE */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* Fallbacks need /dev/urandom helper functions. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#if CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETRANDOM || \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_DEV_URANDOM || \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (CRYPTOGRAPHY_OSRANDOM_ENGINE == CRYPTOGRAPHY_OSRANDOM_ENGINE_GETENTROPY && \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- defined(__APPLE__))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #define CRYPTOGRAPHY_OSRANDOM_NEEDS_DEV_URANDOM 1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--enum {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_INIT_FAILED = -2,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_NOT_INIT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_FALLBACK,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_GETRANDOM_WORKS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--enum {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_GETENTROPY_NOT_INIT,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_GETENTROPY_FALLBACK,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- CRYPTOGRAPHY_OSRANDOM_GETENTROPY_WORKS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--};
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* engine ctrl */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_GET_IMPLEMENTATION ENGINE_CMD_BASE
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--/* error reporting */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static void ERR_load_Cryptography_OSRandom_strings(void);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--static void ERR_Cryptography_OSRandom_error(int function, int reason,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- char *file, int line);
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_F_INIT 100
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_F_RAND_BYTES 101
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_F_FINISH 102
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_FD 300
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_F_DEV_URANDOM_READ 301
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTACQUIRECONTEXT 100
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTGENRANDOM 101
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_CRYPTRELEASECONTEXT 102
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_GETENTROPY_FAILED 200
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_OPEN_FAILED 300
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_DEV_URANDOM_READ_FAILED 301
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED 400
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_INIT_FAILED_UNEXPECTED 402
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_FAILED 403
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#define CRYPTOGRAPHY_OSRANDOM_R_GETRANDOM_NOT_INIT 404
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--#endif
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_cffi_ssl/tools/make_ssl_data.py lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_cffi_ssl/tools/make_ssl_data.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -3,80 +3,126 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- This script should be called *manually* when we want to upgrade SSLError
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- `library` and `reason` mnemnonics to a more recent OpenSSL version.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- It takes two arguments:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- - the path to the OpenSSL source tree (e.g. git checkout)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- the path to the C file to be generated
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- (probably Modules/_ssl_data.h)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+- the path to the wrapper file to be generated
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+- error codes are version specific
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+Sample invocation (from folder containing this file):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+python make_ssl_data.py ../openssl/src/ ../_stdssl/errorcodes.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- """
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+import argparse
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- import datetime
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+import operator
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- import os
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- import re
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- import sys
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--import _ssl
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+parser = argparse.ArgumentParser(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ description="Generate ssl_data.h from OpenSSL sources"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+parser.add_argument("srcdir", help="OpenSSL source directory")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+parser.add_argument(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ "output", nargs="?", type=argparse.FileType("w"), default=sys.stdout
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+def _file_search(fname, pat):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ with open(fname, encoding="utf-8") as f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ for line in f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ match = pat.search(line)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if match is not None:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield match
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+def parse_err_h(args):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ """Parse err codes, e.g. ERR_LIB_X509: 11"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ pat = re.compile(r"#\s*define\W+ERR_LIB_(\w+)\s+(\d+)")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib2errnum = {}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ for match in _file_search(args.err_h, pat):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ libname, num = match.groups()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib2errnum[libname] = int(num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ return lib2errnum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+def parse_openssl_error_text(args):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ """Parse error reasons, X509_R_AKID_MISMATCH"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # ignore backslash line continuation for now
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ pat = re.compile(r"^((\w+?)_R_(\w+)):(\d+):")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ for match in _file_search(args.errtxt, pat):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reason, libname, errname, num = match.groups()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if "_F_" in reason:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # ignore function codes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ continue
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ num = int(num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield reason, libname, errname, num
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+def parse_extra_reasons(args):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ """Parse extra reasons from openssl.ec"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ pat = re.compile(r"^R\s+((\w+)_R_(\w+))\s+(\d+)")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ for match in _file_search(args.errcodes, pat):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reason, libname, errname, num = match.groups()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ num = int(num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield reason, libname, errname, num
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--def parse_error_codes(h_file, prefix, libcode):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- pat = re.compile(r"#define\W+(%s([\w]+))\W+(\d+)\b" % re.escape(prefix))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- with open(h_file, "r", encoding="latin1") as f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for line in f:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- match = pat.search(line)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if match:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- code, name, num = match.groups()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- num = int(num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # e.g. ("SSL_R_BAD_DATA", ("ERR_LIB_SSL", "BAD_DATA", 390))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes.append((code, (libcode, name, num)))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- return codes
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+def gen_library_codes(args):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ """Generate table short libname to numeric code"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield "_lib_codes = ["
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ for libname in sorted(args.lib2errnum):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield f' ("{libname}", lib.ERR_LIB_{libname}),'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield "]"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield ""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+def gen_error_codes(args):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ """Generate error code table for error reasons"""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield "_error_codes = ["
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ for reason, libname, errname, num in args.reasons:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield f' ("{errname}", lib.ERR_LIB_{libname}, {num}),'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield "]"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ yield ""
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+def main():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args = parser.parse_args()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args.err_h = os.path.join(args.srcdir, "include", "openssl", "err.h")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if not os.path.isfile(args.err_h):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # Fall back to infile for OpenSSL 3.0.0
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args.err_h += ".in"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args.errcodes = os.path.join(args.srcdir, "crypto", "err", "openssl.ec")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args.errtxt = os.path.join(args.srcdir, "crypto", "err", "openssl.txt")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if not os.path.isfile(args.errtxt):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ parser.error(f"File {args.errtxt} not found in srcdir\n.")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # {X509: 11, ...}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args.lib2errnum = parse_err_h(args)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # [('X509_R_AKID_MISMATCH', 'X509', 'AKID_MISMATCH', 110), ...]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reasons = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reasons.extend(parse_openssl_error_text(args))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ reasons.extend(parse_extra_reasons(args))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # sort by libname, numeric error code
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args.reasons = sorted(reasons, key=operator.itemgetter(0, 3))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lines = [
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ "# File generated by lib_pypy/_cffi_ssl/tools/make_ssl_data.py",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ f"# Generated on {datetime.datetime.utcnow().isoformat()}",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ "",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ "from _pypy_openssl import ffi, lib"
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lines.extend(gen_library_codes(args))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lines.append("")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lines.extend(gen_error_codes(args))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ args.output.write("\n".join(lines))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if __name__ == "__main__":
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- openssl_inc = sys.argv[1]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- outfile = sys.argv[2]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- use_stdout = outfile == '-'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- f = sys.stdout if use_stdout else open(outfile, "w")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- error_libraries = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # mnemonic -> (library code, error prefix, header file)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'PEM': ('ERR_LIB_PEM', 'PEM_R_', 'include/openssl/pem.h'),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'SSL': ('ERR_LIB_SSL', 'SSL_R_', 'include/openssl/ssl.h'),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'X509': ('ERR_LIB_X509', 'X509_R_', 'include/openssl/x509.h'),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Read codes from libraries
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- new_codes = []
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for libcode, prefix, h_file in sorted(error_libraries.values()):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- new_codes += parse_error_codes(os.path.join(openssl_inc, h_file),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- prefix, libcode)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- new_code_nums = set((libcode, num)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for (code, (libcode, name, num)) in new_codes)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Merge with existing codes (in case some old codes disappeared).
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes = {}
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for errname, (libnum, errnum) in _ssl.err_names_to_codes.items():
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- lib = error_libraries[_ssl.lib_codes_to_names[libnum]]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- libcode = lib[0] # e.g. ERR_LIB_PEM
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- errcode = lib[1] + errname # e.g. SSL_R_BAD_SSL_SESSION_ID_LENGTH
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- # Only keep it if the numeric codes weren't reused
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if (libcode, errnum) not in new_code_nums:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes[errcode] = libcode, errname, errnum
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- codes.update(dict(new_codes))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- def w(l):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- f.write(l + "\n")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w("# File generated by tools/make_ssl_data.py")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w("# Generated on %s" % datetime.datetime.now().isoformat())
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w("")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w("from _openssl import ffi, lib ")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w("_lib_codes = []")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for mnemo, (libcode, _, _) in sorted(error_libraries.items()):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w('_lib_codes.append(("%s", lib.%s))' % (mnemo, libcode))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w("_error_codes = []")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- for errcode, (libcode, name, num) in sorted(codes.items()):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #w('if lib.%s:' % (errcode))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #w(' _error_codes.append(("%s", lib.%s, lib.%s))' % (name, libcode, errcode))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- #w('else:')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- w('_error_codes.append(("%s", lib.%s, %d))' % (name, libcode, num))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- if not use_stdout:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- f.close()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ main()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/_ssl_build.py lib_pypy/_ssl_build.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/_ssl_build.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/_ssl_build.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -18,6 +18,8 @@ ffi = build_ffi_for_binding(
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # This goes first so we can define some cryptography-wide symbols.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- "cryptography",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ # Provider comes early as well so we define OSSL_LIB_CTX
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ "provider",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- "aes",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- "asn1",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- "bignum",
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/pypy_tools/build_cffi_imports.py lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -60,21 +60,22 @@ configure_args = ['./configure',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ]
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # please note the deliberate use of a mirror site: we can't use HTTPS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # without an _ssl module, but the OpenSSL download site redirect HTTP
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--# to HTTPS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+# to HTTPS. Use a mirror from https://www.openssl.org/source/mirror.html
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- cffi_dependencies = {
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- '_ssl': ('http://distfiles.macports.org/openssl/openssl-1.1.1k.tar.gz',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- '892a0875b9872acd04a9fde79b1f943075d5ea162415de3047c327df33fbaee5',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- [['./config', '--prefix=/usr', 'no-shared'],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ '_ssl': ('http://artfiles.org/openssl.org/source/openssl-3.0.0.tar.gz',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ '59eedfcb46c25214c9bd37ed6078297b4df01d012267fe9e9eee31f61bc70536',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ [['./config', '--prefix=/usr', 'no-shared', 'enable-fips'],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ['make', '-s', '-j', str(multiprocessing.cpu_count())],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ['make', 'install', 'DESTDIR={}/'.format(deps_destdir)],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ]),
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- }
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if sys.platform == 'darwin' or platform.machine() == 'aarch64':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # TODO: use these on x86 after upgrading Docker images to manylinux2014
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- cffi_dependencies['_gdbm'] = (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # this does not compile on the x86 buildbot, linker is missing '_history_list'
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- 'http://distfiles.macports.org/gdbm/gdbm-1.18.1.tar.gz',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- '86e613527e5dba544e73208f42b78b7c022d4fa5a6d5498bf18c8d6f745b91dc',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ 'http://distfiles.macports.org/gdbm/gdbm-1.19.tar.gz',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ '37ed12214122b972e18a0d94995039e57748191939ef74115b1d41d8811364bc',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- [configure_args + ['--without-readline'],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ['make', '-s', '-j', str(multiprocessing.cpu_count())],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- ['make', 'install', 'DESTDIR={}/'.format(deps_destdir)],
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -238,7 +239,8 @@ def create_cffi_import_libraries(pypy_c,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- env['CPPFLAGS'] = \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- '-I{}/usr/include {}'.format(deps_destdir, env.get('CPPFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- env['LDFLAGS'] = \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- '-L{}/usr/lib {}'.format(deps_destdir, env.get('LDFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ '-L{}/usr/lib -L{}/usr/lib64 {}'.format(deps_destdir, deps_destdir,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ env.get('LDFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- status, stdout, stderr = run_subprocess(str(pypy_c), args,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -274,8 +276,8 @@ if __name__ == '__main__':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- sys.exit(1)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- tool_dir = os.path.dirname(os.path.abspath(sys.argv[0]))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- base_dir = os.path.dirname(os.path.dirname(tool_dir))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- sys.path.insert(0, base_dir)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ lib_pypy_dir = os.path.dirname(os.path.dirname(tool_dir))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ sys.path.insert(0, lib_pypy_dir)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- class Options(object):
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- pass
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -287,7 +289,7 @@ if __name__ == '__main__':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- parser.add_argument('--rebuild', dest='rebuild', action='store_true',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- help='Rebuild the module even if it already appears to have been built.')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- parser.add_argument('--only', dest='only', default=None,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- help='Only build the modules delimited by a colon. E.g. _ssl,sqlite')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ help='Only build the modules delimited by a comma e.g. _ssl,sqlite')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- parser.add_argument('--embed-dependencies', dest='embed_dependencies', action='store_true',
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- help='embed dependencies for distribution')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- args = parser.parse_args()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -306,9 +308,14 @@ if __name__ == '__main__':
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- only = None
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- only = set(args.only.split(','))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- failures = create_cffi_import_libraries(exename, options, basedir, only=only,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- embed_dependencies=args.embed_dependencies,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- rebuild=args.rebuild)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ olddir = os.getcwd()
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ os.chdir(lib_pypy_dir)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ try:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ failures = create_cffi_import_libraries(exename, options, basedir,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ only=only, embed_dependencies=args.embed_dependencies,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ rebuild=args.rebuild)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ finally:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ os.chdir(olddir)
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if len(failures) > 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- print('*** failed to build the CFFI modules %r' % (
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- [f[1] for f in failures],), file=sys.stderr)
</span><span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/files/pypy38-cflags.diff b/lang/pypy/files/pypy38-cflags.diff
</span>deleted file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index e9efa9314c9..00000000000
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/lang/pypy/files/pypy38-cflags.diff
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -1,36 +0,0 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# HG changeset patch
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# User Dan Villiom Podlaski Christiansen <danchr@gmail.com>
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Date 1633441137 -7200
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Tue Oct 05 15:38:57 2021 +0200
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Branch release-pypy3.8-v7.x
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Node ID 7b60c4aeb4296a536e293e01e0489a90806bed9f
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-# Parent 7e233b73b92740ab7a20680a404ac100be1eb508
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-build_cffi_imports: fix determining CFLAGS
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-The previous logic implicitly assumed that CFLAGS was either unset or
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-started with a space, breaking the MacPorts build. In addition, it
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-also extracted the version info from the _running_ interpreter rather
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-than the _built_ one.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-diff --git lib_pypy/pypy_tools/build_cffi_imports.py lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>---- lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+++ lib_pypy/pypy_tools/build_cffi_imports.py
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-@@ -198,8 +198,16 @@ def create_cffi_import_libraries(pypy_c,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- else:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # normally, this would be correctly added by setuptools/distutils, but
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- # we moved this, and the ensurepip setuptools has not caught up yet
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- include_path = os.path.join(basedir, 'include', 'pypy%d.%d' % sys.version_info[:2])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-- env['CFLAGS'] = '-fPIC -I%s' % include_path + env.get('CFLAGS', '')
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ status, stdout, stderr = run_subprocess(str(pypy_c), ['-c', 'from _sysconfigdata import build_time_vars as v; print(v["INCLUDEPY"])'])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ if status != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ failures.append((key, module))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ print("stdout:")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ print(stdout.decode('utf-8'))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ print("stderr:")
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ print(stderr.decode('utf-8'))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ continue
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ include_path = stdout
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-+ env['CFLAGS'] = ' '.join(('-fPIC', '-I' + include_path, env.get('CFLAGS', ''))
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- status, stdout, stderr = run_subprocess(str(pypy_c), ['-c', 'import setuptools'])
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- if status != 0:
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- status, stdout, stderr = run_subprocess(str(pypy_c), ['-m', 'ensurepip'])
</span><span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/files/python-pypy39 b/lang/pypy/files/python-pypy39
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..3665e853a08
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/lang/pypy/files/python-pypy39
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,13 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+bin/pypy38
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/idle
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/pydoc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/smtpd.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/2to3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+share/man/man1/pypy38.1.gz
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;color:#808080;'>diff --git a/lang/pypy/files/python3-pypy39 b/lang/pypy/files/python3-pypy39
</span>new file mode 100644
<span style='display:block; white-space:pre;color:#808080;'>index 00000000000..3665e853a08
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>--- /dev/null
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/lang/pypy/files/python3-pypy39
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -0,0 +1,13 @@
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+bin/pypy38
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/idle
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/pydoc
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/smtpd.py
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+lib/pypy38/bin/2to3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+share/man/man1/pypy38.1.gz
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+-
</span></pre><pre style='margin:0'>
</pre>