HEX

File: //snap/certbot/4965/lib/python3.12/site-packages/acme/__pycache__/messages.cpython-312.pyc
�

N�h�k��l�dZddlmZddlZddlZddlmZddlmZddlmZddlm	Z	ddlm
Z
dd	lmZdd
lm
Z
ddlZddlmZddlmZdd
lmZddlmZddlmZdZidd�dd�dd�dd�dd�dd�dd�dd �d!d"�d#d$�d%d&�d'd(�d)d*�d+d,�d-d.�d/d0�d1d2�d3d4d5d6d7d8d9d:d;d<�	�Ziej1�D��cic]\}}e|z|��
c}}�Zd=ed>efd?�ZGd@�dAej:e�ZGdB�dCe�Zed%�Z edD�Z!GdE�dFejD�Z#GdG�dHejDejH�Z$GdI�dJe�Z%e%dK�Z&e%dL�Z'e%dM�Z(e%dN�Z)e%dO�Z*e%dP�Z+e%dQ�Z,e%dR�Z-GdS�dTej:�Z.GdU�dVejD�Z/GdW�dXe/�Z0GdY�dZejD�Z1Gd[�d\�Z2ed]d^�_�Z3Gd`�d^e1�Z4Gda�dbe4�Z5Gdc�dde4�Z6Gde�dfe0�Z7Gdg�dhe1�Z8Gdi�dje/�Z9Gdk�dle1�Z:Gdm�dne:�Z;Gdo�dpe:�Z<Gdq�dre0�Z=Gds�dtejD�Z>Gdu�dve0�Z?Gdw�dxejD�Z@Gdy�dze1�ZAGd{�d|e0�ZBGd}�d~eA�ZCGd�d�e1�ZDycc}}w)�zACME protocol messages.�)�HashableN)�Any)�Iterator)�Mapping)�MutableMapping)�Optional)�TypeVar)�x509)�
challenges)�errors)�fields)�jws)�utilzurn:ietf:params:acme:error:�accountDoesNotExistz4The request specified an account that does not exist�alreadyRevokedzOThe request specified a certificate to be revoked that has already been revoked�badCSRz2The CSR is unacceptable (e.g., due to a short key)�badNoncez1The client sent an unacceptable anti-replay nonce�badPublicKeyz>The JWS was signed by a public key the server does not support�badRevocationReasonz;The revocation reason provided is not allowed by the server�badSignatureAlgorithmz@The JWS was signed with an algorithm the server does not support�caaz\Certification Authority Authorization (CAA) records forbid the CA from issuing a certificate�compoundzBSpecific error conditions are indicated in the "subproblems" array�
connectionz?The server could not connect to the client to verify the domain�dnszAThere was a problem with a DNS query during identifier validation�dnssecz4The server could not validate a DNSSEC signed domain�incorrectResponsez;Response received didn't match the challenge's requirements�invalidEmailz1The provided email for a registration was invalid�invalidContactz$The provided contact URI was invalid�	malformedz!The request message was malformed�rejectedIdentifierz9The server will not issue certificates for the identifierzLThe request attempted to finalize an order that is not ready to be finalizedz,There were too many requests of a given typez(The server experienced an internal errorz=The server experienced a TLS error during domain verificationz)The client lacks sufficient authorizationz@A contact URL for an account used an unsupported protocol schemez*The server could not resolve a domain namez'An identifier is of an unsupported typez,The server requires external account binding)	�
orderNotReady�rateLimited�serverInternal�tls�unauthorized�unsupportedContact�unknownHost�unsupportedIdentifier�externalAccountRequired�err�returnc�`�t|t�r|j�t|jvSy)z#Check if argument is an ACME error.F)�
isinstance�Error�typ�ERROR_PREFIX)r*s �}/build/snapcraft-certbot-c9561b03ef7f16aa90eb6754ca5f17a1/parts/certbot/install/lib/python3.12/site-packages/acme/messages.py�
is_acme_errorr2>s'���#�u��3�7�7�#6��s�w�w�&�&��c���eZdZUdZdZeZeedfe	d<deddf�fd�Z
defd�Zed	eddfd
��Z
defd�Zdedefd
�Zdefd�Z�xZS)�	_ConstantzACME constant.��name�POSSIBLE_NAMESr7r+Nc�N��t�|��||j|<||_y�N)�super�__init__r8r7��selfr7�	__class__s  �r1r<z_Constant.__init__Js%���
����$(����D�!���	r3c��|jSr:r6�r>s r1�to_partial_jsonz_Constant.to_partial_jsonOs���y�y�r3�jobjc��||jvr"tj|j�d���|j|S)Nz not recognized)r8�jose�DeserializationError�__name__��clsrCs  r1�	from_jsonz_Constant.from_jsonRs=���s�)�)�)��+�+�s�|�|�n�O�,L�M�M��!�!�$�'�'r3c�N�|jj�d|j�d�S)N�(�))r?rGr7rAs r1�__repr__z_Constant.__repr__Xs$���.�.�)�)�*�!�D�I�I�;�a�8�8r3�otherc�b�t|t|��xr|j|jk(Sr:)r-�typer7)r>rOs  r1�__eq__z_Constant.__eq__[s%���%��d��,�H����t�y�y�1H�Hr3c�D�t|j|jf�Sr:)�hashr?r7rAs r1�__hash__z_Constant.__hash__^s���T�^�^�T�Y�Y�/�0�0r3)rG�
__module__�__qualname__�__doc__�	__slots__�NotImplementedr8�dict�str�__annotations__r<rB�classmethodrJrNr�boolrR�intrU�
__classcell__�r?s@r1r5r5Es������I�-;�N�D��k�)�*�;��S��T��
����(�S�(�[�(��(�
9�#�9�I�C�I�D�I�1�#�1r3r5c�*�eZdZUdZiZeeefed<y)�IdentifierTypezACME identifier type.r8N�	rGrVrWrXr8r[r\r5r]�r3r1rdrdbs���+-�N�D��i��(�-r3rd�ipc��eZdZUdZej
dej��Zee	d<ej
d�Z
ee	d<y)�
IdentifierzJACME identifier.

    :ivar IdentifierType typ:
    :ivar str value:

    rQ��decoderr/�valueN)rGrVrWrXrE�fieldrdrJr/r]rlr\rfr3r1ririks;���%�$�*�*�V�^�5M�5M�N�C��N�����G�$�E�3�$r3ric���eZdZUdZej
ddd��Zeed<ej
dd��Z	eed<ej
d	d��Z
eed	<ej
d
ejd��Z
eded
<ej
d
d��Zeeded
<ej"deeeefdedfd��Zedededdfd��Zedeefd��Zedeefd��Zdededdfd�Zdefd�Zy)r.a�ACME error.

    https://datatracker.ietf.org/doc/html/rfc7807

    Note: Although Error inherits from JSONObjectWithFields, which is immutable,
    we add mutability for Error to comply with the Python exception API.

    :ivar str typ:
    :ivar str title:
    :ivar str detail:
    :ivar Identifier identifier:
    :ivar tuple subproblems: An array of ACME Errors which may be present when the CA
            returns multiple errors related to the same request, `tuple` of `Error`.

    rQTzabout:blank��	omitempty�defaultr/�title�rp�detail�
identifier�rkrpri�subproblems)r..rlr+c�&�td�|D��S)Nc3�FK�|]}tj|����y�wr:)r.rJ)�.0�
subproblems  r1�	<genexpr>z$Error.subproblems.<locals>.<genexpr>�s����I�Z�U�_�_�Z�0�I���!��tuple�rls r1rwzError.subproblems�s���I�5�I�I�Ir3�code�kwargsc�T�|tvrtd|z��t|z}|dd|i|��S)z�Create an Error instance with an ACME Error code.

        :str code: An ACME error code, like 'dnssec'.
        :kwargs: kwargs to pass to Error.

        z4The supplied code: %s is not a known ACME error coder/rf)�ERROR_CODES�
ValueErrorr0)rIr�r�r/s    r1�	with_codezError.with_code�sE���{�"��%�'+�,�-�
-��T�!���%�s�%�f�%�%r3c�@�tj|j�S)z�Hardcoded error description based on its type.

        :returns: Description if standard ACME error or ``None``.
        :rtype: str

        )�ERROR_TYPE_DESCRIPTIONS�getr/rAs r1�descriptionzError.description�s��'�*�*�4�8�8�4�4r3c�j�t|j�jdd��d}|tvr|Sy)z�ACME error code.

        Basically self.typ without the ERROR_PREFIX.

        :returns: error code if standard ACME code or ``None``.
        :rtype: str

        �:�)�maxsplit���N)r\r/�rsplitr�)r>r�s  r1r�z
Error.code�s6���4�8�8�}�#�#�C�!�#�4�R�8���;���K�r3r7Nc�0�tj|||�Sr:)�object�__setattr__)r>r7rls   r1r�zError.__setattr__�s���!�!�$��e�4�4r3c�v�djd�|j|j|j|jfD��j�}|jrd|jj�d�|z}|jr1t|j�dkDr|jD]
}|d|��z
}�|S)Ns :: c3�DK�|]}|�|jdd����y�w)N�ascii�backslashreplace��encode)rz�parts  r1r|z Error.__str__.<locals>.<genexpr>�s*����!�9=���
�K�K��!3�4�!�s� zProblem for z: r�
)
�joinr/r�rtrr�decoderurlrw�len)r>�resultr{s   r1�__str__z
Error.__str__�s������!�
�X�X�t�'�'����d�j�j�A�!�!�"(���	��?�?�#�D�O�O�$9�$9�#:�"�=��F�F�����D�$4�$4� 5�� 9�"�.�.�
,�
��B�z�l�+�+��
,��
r3)rGrVrWrXrErmr/r\r]rrrtrirJrurrwrrk�listr[rr^r��propertyr�r�r�r�rfr3r1r.r.vsh����t�z�z�&�D�-�H�C��H�����G�t�4�E�3�4��$�*�*�X��6�F�C�6�)3�����j�2�2�d�*D�J���&�D�1;����M�UY�1Z�K��%��-�.�Z����J�4��S�#�X��/�J�E�,�4G�J��J��
&�S�
&�C�
&�G�
&��
&��5�X�c�]�5��5���h�s�m����5��5�C�5�D�5�
��
r3r.c�*�eZdZUdZiZeeefed<y)�StatuszACME "status" field.r8Nrerfr3r1r�r��s���+-�N�D��i��(�-r3r��unknown�pending�
processing�valid�invalid�revoked�ready�deactivatedc��eZdZdZGd�dej
�Zdeee	fddfd�Z
dede	fd	�Zdede	fd
�Zde
ee	ffd�Zedeee	fddfd��Zy)
�	DirectoryzmDirectory.

    Directory resources must be accessed by the exact field name in RFC8555 (section 9.7.5).
    c�t��eZdZUdZej
dd��Zeed<ej
dd��Z	eed<ej
dd��Z
eeed<ej
d	d��Ze
ed
<ej
dd��Zeeefed<ded
df�fd�Zed
efd��Zd
eef�fd�Zded
efd�Z�xZS)�Directory.MetazDirectory Meta.�termsOfServiceTrs�_terms_of_service�website�
caaIdentities�caa_identitiesr)�external_account_required�profilesr�r+Nc���|j�D��cic]\}}|j|�|��}}}t�|�di|��ycc}}w�Nrf��items�_internal_namer;r<�r>r��k�vr?s    �r1r<zDirectory.Meta.__init__�sF���<B�L�L�N�K�D�A�q�d�)�)�!�,�a�/�K�F�K��G��&�v�&��L��Ac��|jS)zURL for the CA TOS)r�rAs r1�terms_of_servicezDirectory.Meta.terms_of_service�s���)�)�)r3c#�P�K�t�|��D]}|dk(r|ddn|���y�w)Nr�r��r;�__iter__r=s  �r1r�zDirectory.Meta.__iter__�s8�������(�*�
H��"&�*=�"=�d�1�2�h�4�G�
H�s�#&r7c��|dk(rd|zS|S)Nr��_rf�r>r7s  r1r�zDirectory.Meta._internal_name�s��!%�);�!;�3��:�E��Er3)rGrVrWrXrErmr�r\r]r�r�r�r�r_r�r[rr<r�r�rr�r�rarbs@r1�Metar��s�����!+����,<��!M��3�M�!�t�z�z�)�t�<���<�$.�D�J�J��$�$O���S�	�O�*4�$�*�*�5N�Z^�*_�!�4�_�#-�4�:�:�j�D�#I��$�s�C�x�.�I�	'�S�	'�T�	'�
�	*�c�	*�
�	*�	H�h�s�m�	H�	F�s�	F�s�	Fr3r�rCr+Nc��||_yr:)�_jobj�r>rCs  r1r<zDirectory.__init__�s	����
r3r7c�X�	||S#t$r}tt|���d}~wwxYwr:)�KeyError�AttributeErrorr\)r>r7�errors   r1�__getattr__zDirectory.__getattr__�s0��	-���:����	-� ��U��,�,��	-�s��	)�$�)c�Z�	|j|S#t$rtd|�d���wxYw)NzDirectory field "z" not found)r�r�r�s  r1�__getitem__zDirectory.__getitem__s=��	B��:�:�d�#�#���	B��.�t�f�K�@�A�A�	B�s��*c�D�tj|jd��S)Nc��|Sr:rf)r�s r1�<lambda>z+Directory.to_partial_json.<locals>.<lambda>s��1�r3)r�map_keysr�rAs r1rBzDirectory.to_partial_jsons���}�}�T�Z�Z��5�5r3c�n�|jj|jdi��|d<||�S)N�meta)r�rJ�poprHs  r1rJzDirectory.from_jsons/���x�x�)�)�$�(�(�6�2�*>�?��V���4�y�r3)rGrVrWrXrE�JSONObjectWithFieldsr�rr\rr<r�r�r[rBr^rrJrfr3r1r�r��s����
F�t�(�(�F�4�W�S�#�X�.��4��-��-��-�B��B��B�6��c�3�h��6���^�C��H�5��+���r3r�c�@�eZdZUdZej
d�Zded<y)�ResourcezOACME Resource.

    :ivar acme.messages.ResourceBody body: Resource body.

    �body�ResourceBodyN)rGrVrWrXrErmr�r]rfr3r1r�r�s���
&�4�:�:�f�-�D�.�-r3r�c�@�eZdZUdZej
d�Zeed<y)�ResourceWithURIzKACME Resource with URI.

    :ivar str uri: Location of the resource.

    �uriN)	rGrVrWrXrErmr�r\r]rfr3r1r�r�s���
�t�z�z�%� �C�� r3r�c��eZdZdZy)r�zACME Resource Body.N�rGrVrWrXrfr3r1r�r�&s��r3r�c�\�eZdZdZe	d
dejdedededede	ee
ffd��Zy	)�ExternalAccountBindingzACME External Account Binding�account_public_key�kid�hmac_key�	directory�hmac_algr+c�t�tj|j��j�}tj
j
|�}|d}tjjtjjtjjd�}	|	j|�}
|
�1dj|	j��}td|�d|�d���tj j#|tj$j'|��|
d||�}|j�S)	zLCreate External Account Binding Resource from contact details, kid and hmac.�
newAccount)�HS256�HS384�HS512Nz, zInvalid value for hmac_alg: z. Expected one of: �.)�key)�json�dumpsrBr�rE�b64�	b64decode�jwar�r�r�r�r��keysr�r�JWS�sign�jwk�JWKOct)
rIr�r�r�r�r��key_json�decoded_hmac_key�url�hmac_alg_map�alg�	supported�eabs
             r1�	from_dataz ExternalAccountBinding.from_data-s��
�:�:�0�@�@�B�C�J�J�L���8�8�-�-�h�7����%���X�X�^�^��X�X�^�^��X�X�^�^�
��
���x�(���;��	�	�,�"3�"3�"5�6�I��;�H�:�F1�1:��1�>�?�
?��g�g�l�l�8�T�X�X�_�_�9I�_�%J�����%���"�"�$�$r3N)r�)rGrVrWrXr^rE�JWKr\r�r[rrrfr3r1r�r�*sS��'��8?�%�4�8�8�%�#�%��%�&�%�25�%�DH��c��N�%��%r3r��GenericRegistration�Registration)�boundc����eZdZUdZej
ddejj��Zeje	d<ej
ddd��Z
eedfe	d<ej
d	d�
�Z
ee	d	<ej
dd�
�Zee	d<ej
dd�
�Zee	d
<ej
dd�
�Zee	d<ej
dd�
�Zeeefe	d<dZdZe			d$deedeedeedeeeefdedefd��Zdeddf�fd�Zdedeedffd�Zdeeefdeeeffd�Zdeeeff�fd �Z deeeff�fd!�Z!e"deedffd"��Z#e"deedffd#��Z$�xZ%S)%rz�Registration Resource Body.

    :ivar jose.JWK key: Public key.
    :ivar tuple contact: Contact information following ACME spec,
        `tuple` of `str`.
    :ivar str agreement:

    r�T�rprk�contactrfro.�	agreementrs�status�termsOfServiceAgreed�terms_of_service_agreed�onlyReturnExisting�only_return_existing�externalAccountBinding�external_account_bindingztel:zmailto:NrI�phone�emailr�r+c�F�d|v}t|jdd��}|�|j|j|z�|�;|j	|jd�D�cgc]}|j|z��c}�|s|rt|�|d<|r||d<|di|��Scc}w)a
        Create registration resource from contact details.

        The `contact` keyword being passed to a Registration object is meaningful, so
        this function represents empty iterables in its kwargs by passing on an empty
        `tuple`.
        rrf�,r)r�r��append�phone_prefix�extend�split�email_prefixr)rIrrrr��contact_provided�details�mails        r1rzRegistration.from_dataes���%��.���v�z�z�)�R�0�1�����N�N�3�+�+�e�3�4����N�N����C�@P�Q��C�,�,�t�3�Q�R��&� %�g��F�9��#�1I�F�-�.��}�V�}���Rs� Bc�d��d|vr|d�tj|dd�t�|�di|��y)z;Note if the user provides a value for the `contact` member.rN�_add_contactTrf)r�r�r;r<)r>r�r?s  �r1r<zRegistration.__init__�s7������6�)�#4�#@����t�^�T�:�
���"�6�"r3�prefixc�@��t�fd�|jD��S)Nc3�\�K�|]#}|j��r|t��d���%y�wr:)�
startswithr�)rzrtr"s  �r1r|z/Registration._filter_contact.<locals>.<genexpr>�s2�����*�%+�� � ��(�
�3�v�;�<� �*�s�),)rr)r>r"s `r1�_filter_contactzRegistration._filter_contact�s!����*�/3�|�|�*�*�	*r3rCc�H�t|dd�r|jd�|d<|S)a�
        The `contact` member of Registration objects should not be required when
        de-serializing (as it would be if the Fields' `omitempty` flag were `False`), but
        it should be included in serializations if it was provided.

        :param jobj: Dictionary containing this Registrations' data
        :type jobj: dict

        :returns: Dictionary containing Registrations data to transmit to the server
        :rtype: dict
        r!Fr)�getattrr�r�s  r1�_add_contact_if_appropriatez(Registration._add_contact_if_appropriate�s'���4���/�"�k�k�)�4�D��O��r3c�B��t�|��}|j|�S)z2Modify josepy.JSONDeserializable.to_partial_json())r;rBr)�r>rCr?s  �r1rBzRegistration.to_partial_json�s!����w�&�(���/�/��5�5r3c�B��t�|��}|j|�S)z;Modify josepy.JSONObjectWithFields.fields_to_partial_json())r;�fields_to_partial_jsonr)r+s  �r1r-z#Registration.fields_to_partial_json�s!����w�-�/���/�/��5�5r3c�8�|j|j�S)z*All phones found in the ``contact`` field.)r&rrAs r1�phoneszRegistration.phones�����#�#�D�$5�$5�6�6r3c�8�|j|j�S)z*All emails found in the ``contact`` field.)r&rrAs r1�emailszRegistration.emails�r0r3)NNN)&rGrVrWrXrErmrrJr�r]rrr\rr
r�rr_rrr[rrrr^rQrrrr<r&r)rBr-r�r/r2rarbs@r1rrKs�����D�J�J�u��d�h�h�>P�>P�Q�C����Q� *�t�z�z�)�t�R�P�G�U�3��8�_�P��T�Z�Z��t�<�I�s�<��T�Z�Z��D�9�F�F�9�$.�D�J�J�/E�QU�$V��T�V�!+����,@�D�!Q��$�Q�/9�t�z�z�:R�DH�0J��d�3��8�n�J��L��L��IM�)-�GK��t�/�0���#���!�#���,4�T�#�s�(�^�,D�� ��%8����@#��#��#�*�c�*�e�C��H�o�*�
��S�#�X���4��S��>��"6��c�3�h��6�
6��S�#�X��6�
�7��c�3�h��7��7��7��c�3�h��7��7r3c��eZdZdZy)�NewRegistrationzNew registration.Nr�rfr3r1r4r4�s��r3r4c��eZdZdZy)�UpdateRegistrationzUpdate registration.Nr�rfr3r1r6r6�s��r3r6c��eZdZUdZej
dej��Zee	d<ej
dd��Z
ee	d<ej
dd��Zee	d<y)	�RegistrationResourcez�Registration Resource.

    :ivar acme.messages.Registration body:
    :ivar str new_authzr_uri: Deprecated. Do not use.
    :ivar str terms_of_service: URL for the CA TOS.

    r�rj�new_authzr_uriTrsr�N)
rGrVrWrXrErmrrJr�r]r9r\r�rfr3r1r8r8�sW���$����F�L�4J�4J�K�D�,�K�$�$�*�*�%5��F�N�C�F�&�D�J�J�'9�T�J��c�Jr3r8c����eZdZUdZdZejddd��Zee	d<ejde
jde�	�Z
e
e	d<ejd
d��Zej"e	d
<ejdejdd�	�Zee	d<d
eddf�fd�Zdedef�fd�Zdeeeff�fd�Zedeeefdeeeff�fd��Zedefd��Zdedefd�Zdeef�fd�Z dedefd�Z!�xZ"S)�
ChallengeBodya>Challenge Resource Body.

    .. todo::
       Confusingly, this has a similar name to `.challenges.Challenge`,
       as well as `.achallenges.AnnotatedChallenge`. Please use names
       such as ``challb`` to distinguish instances of this class from
       ``achall``.

    :ivar acme.challenges.Challenge: Wrapped challenge.
        Conveniently, all challenge fields are proxied, i.e. you can
        call ``challb.x`` to get ``challb.chall.x`` contents.
    :ivar acme.messages.Status status:
    :ivar datetime.datetime validated:
    :ivar messages.Error error:

    )�challr�TNro�_urlr
)rkrprq�	validatedrsr�r�r+c���|j�D��cic]\}}|j|�|��}}}t�|�di|��ycc}}wr�r�r�s    �r1r<zChallengeBody.__init__�sF���8>����G���1�$�%�%�a�(�!�+�G��G�
���"�6�"��Hr�r7c�@��t�|�|j|��Sr:)r;r�r�r=s  �r1r�zChallengeBody.encode�s����w�~�d�1�1�$�7�8�8r3c�v��t�|��}|j|jj��|Sr:)r;rB�updater<r+s  �r1rBzChallengeBody.to_partial_json�s.����w�&�(�����D�J�J�.�.�0�1��r3rCc�j��t�|�|�}tjj	|�|d<|S)Nr<)r;�fields_from_jsonr�	ChallengerJ)rIrC�jobj_fieldsr?s   �r1rDzChallengeBody.fields_from_json�s3����g�.�t�4��)�3�3�=�=�d�C��G���r3c��|jS)zThe URL of this challenge.)r=rAs r1r�zChallengeBody.uri�s���y�y�r3c�.�t|j|�Sr:)r(r<r�s  r1r�zChallengeBody.__getattr__s���t�z�z�4�(�(r3c#�J�K�t�|��D]
}|dk(rdn|���y�w)Nr=r�r�r=s  �r1r�zChallengeBody.__iter__s.������G�$�&�	4�D��6�>�%�t�3�	4�s� #c��|dk(rdS|S)Nr�r=rfr�s  r1r�zChallengeBody._internal_name
s�����v�0�D�0r3)#rGrVrWrXrYrErmr=r\r]r�rJ�STATUS_PENDINGr
r
�rfc3339r>�datetimer.r�rr<r�r[rBr^rrDr�r�r�rr�r�rarbs@r1r;r;�sQ���� �I�
��
�
�5�D�$�?�D�#�?��T�Z�Z��&�2B�2B�"&��@�F�F�@�#1�6�>�>�+��#N�I�x� � �N��4�:�:�g�u���!%�t�5�E�5�5�#��#��#�9�3�9�3�9���c�3�h���
��G�C��H�$5��$�s�C�x�.����
��S����)��)��)�4�(�3�-�4�1�3�1�3�1r3r;c��eZdZUdZej
dej��Zee	d<ej
d�Z
ee	d<edefd��Z
y)�ChallengeResourcez�Challenge Resource.

    :ivar acme.messages.ChallengeBody body:
    :ivar str authzr_uri: URI found in the 'up' ``Link`` header.

    r�rj�
authzr_urir+c�.�|jjS)zThe URL of the challenge body.)r�r�rAs r1r�zChallengeResource.uris���y�y�}�}�r3N)rGrVrWrXrErmr;rJr�r]rPr\r�r�rfr3r1rOrOsT���%�$�*�*�V�]�5L�5L�M�D�-�M� �d�j�j��.�J��.�
��S���r3rOc��eZdZUdZej
dejd��Zee	d<ej
dd��Z
eee	d<ej
dde
j��Ze
e	d<ej d	d��Zej$e	d	<ej
d
d��Zee	d
<e
j*deeeefdeed
ffd��Z
y)�
Authorizationz�Authorization Resource Body.

    :ivar acme.messages.Identifier identifier:
    :ivar list challenges: `list` of `.ChallengeBody`
    :ivar acme.messages.Status status:
    :ivar datetime.datetime expires:

    ruTrvrrsr
r
�expires�wildcardrlr+.c�&�td�|D��S)Nc3�FK�|]}tj|����y�wr:)r;rJ)rzr<s  r1r|z+Authorization.challenges.<locals>.<genexpr>6s����G��]�,�,�U�3�G�r}r~r�s r1rzAuthorization.challenges4s���G��G�G�Gr3N)rGrVrWrXrErmrirJrur]rr�r;r�r
r
rLrTrMrUr_rkr[r\rrrfr3r1rSrSs����(�T�Z�Z��j�>R�>R�^b�c�J�
�c�&0�d�j�j���&N�J��]�#�N��T�Z�Z��D�&�BR�BR�S�F�F�S�
"0����	�T�!J�G�X�
�
�J��T�Z�Z�
�d�;�H�d�;����H�$�t�C��H�~�.�H�5���9K�3L�H��Hr3rSc��eZdZdZy)�NewAuthorizationzNew authorization.Nr�rfr3r1rYrY9s��r3rYc��eZdZdZy)�UpdateAuthorizationzUpdate authorization.Nr�rfr3r1r[r[=s��r3r[c��eZdZUdZej
dej��Zee	d<ej
dd��Z
ee	d<y)�AuthorizationResourcez~Authorization Resource.

    :ivar acme.messages.Authorization body:
    :ivar str new_cert_uri: Deprecated. Do not use.

    r�rj�new_cert_uriTrsN)rGrVrWrXrErmrSrJr�r]r^r\rfr3r1r]r]As=���%�$�*�*�V�]�5L�5L�M�D�-�M�"��
�
�>�T�B�L�#�Br3r]c��eZdZUdZej
dejej��Ze	jed<y)�CertificateRequestzlACME newOrder request.

    :ivar x509.CertificateSigningRequest csr: `x509.CertificateSigningRequest`

    �csr�rk�encoderN)rGrVrWrXrErm�
decode_csr�
encode_csrrar
�CertificateSigningRequestr]rfr3r1r`r`Ls7���
+5�$�*�*�
�t������+A�C��	'�	'�Ar3r`c�x�eZdZUdZej
d�Zeed<ej
d�Z	e
edfed<y)�CertificateResourcez�Certificate Resource.

    :ivar x509.Certificate body: `x509.Certificate`
    :ivar str cert_chain_uri: URI found in the 'up' ``Link`` header
    :ivar tuple authzrs: `tuple` of `AuthorizationResource`.

    �cert_chain_uri�authzrs.N)rGrVrWrXrErmrir\r]rjrr]rfr3r1rhrhVs?���%�$�*�*�%5�6�N�C�6�1;����I�1F�G�U�(�#�-�
.�Fr3rhc��eZdZUdZej
dejej��Ze	jed<ej
d�Ze
ed<y)�
RevocationzURevocation message.

    :ivar x509.Certificate certificate: `x509.Certificate`

    �certificaterb�reasonN)rGrVrWrXrErm�decode_cert�encode_certrmr
�Certificater]rnr`rfr3r1rlrlbsP���
%/�D�J�J��t�/�/��9I�9I�%K�K��!�!�K��$�*�*�X�&�F�C�&r3rlc�6�eZdZUdZej
dd��Zeed<ej
dd��Z	e
eed<ej
dejd��Zeed<ej
dd��Ze
eed<ej
d	d��Zeed	<ej
d
d��Zeed
<ej&dd��Zej*ed<ej
ddej�
�Zeed<e	j0de
eeefdeedffd��Z	y)�Ordera�Order Resource Body.

    :ivar profile: The profile to request.
    :vartype profile: str
    :ivar identifiers: List of identifiers for the certificate.
    :vartype identifiers: `list` of `.Identifier`
    :ivar acme.messages.Status status:
    :ivar authorizations: URLs of authorizations.
    :vartype authorizations: `list` of `str`
    :ivar str certificate: URL to download certificate as a fullchain PEM.
    :ivar str finalize: URL to POST to to request issuance once all
        authorizations have "valid" status.
    :ivar datetime.datetime expires: When the order expires.
    :ivar ~.Error error: Any error that occurred during finalization, if applicable.
    �profileTrs�identifiersr
rv�authorizationsrm�finalizerTr�r
rlr+.c�&�td�|D��S)Nc3�FK�|]}tj|����y�wr:)rirJ)rzrus  r1r|z$Order.identifiers.<locals>.<genexpr>�s����N�*�Z�)�)�*�5�N�r}r~r�s r1ruzOrder.identifiers�s���N��N�N�Nr3N)rGrVrWrXrErmrtr\r]rur�rir�rJr
rvrmrwr
rLrTrMr.r�rkr[rrrfr3r1rsrsms!��� �4�:�:�i�4�8�G�S�8�$.�D�J�J�}��$M�K��j�!�M��T�Z�Z��&�2B�2B�d�S�F�F�S� *��
�
�+;�t� L�N�D��I�L�!�t�z�z�-�4�@�K��@��D�J�J�z�T�:�H�c�:�!/����	�T�!J�G�X�
�
�J��4�:�:�g��u���O�E�5�O����O�4��S�#�X��/�O�E�*�c�/�4J�O��Or3rsc�x�eZdZUdZej
dej��Zee	d<ej
ddd�d���Z
ee	d<ej
d	�Ze
ee	d	<ej
d
d��Zee	d
<ej
dd��Ze
ee	d<ej$d
e
eeefdeedffd��Zy)�
OrderResourcea�Order Resource.

    :ivar acme.messages.Order body:
    :ivar bytes csr_pem: The CSR this Order will be finalized with.
    :ivar authorizations: Fully-fetched AuthorizationResource objects.
    :vartype authorizations: `list` of `acme.messages.AuthorizationResource`
    :ivar str fullchain_pem: The fetched contents of the certificate URL
        produced once the order was finalized, if it's present.
    :ivar alternative_fullchains_pem: The fetched contents of alternative certificate
        chain URLs produced once the order was finalized, if present and requested during
        finalization.
    :vartype alternative_fullchains_pem: `list` of `str`
    r�rj�csr_pemTc�$�|jd�S�Nzutf-8r�)�ss r1r�zOrderResource.<lambda>����!�(�(�7�2C�r3c�$�|jd�Sr~)r�)�bs r1r�zOrderResource.<lambda>�r�r3)rprkrcrv�
fullchain_pemrs�alternative_fullchains_pemrlr+.c�&�td�|D��S)Nc3�FK�|]}tj|����y�wr:)r]rJ)rz�authzs  r1r|z/OrderResource.authorizations.<locals>.<genexpr>�s����O��*�4�4�U�;�O�r}r~r�s r1rvzOrderResource.authorizations�s���O��O�O�Or3N)rGrVrWrXrErmrsrJr�r]r|�bytesrvr�r]r�r\r�rkr[rrrfr3r1r{r{�s�����$�*�*�V�U�_�_�=�D�%�=��T�Z�Z�	�T�)D�(C�	E�G�U�	E�3=�$�*�*�=M�2N�N�D�.�/�N�#����O�t�D�M�3�D�,6�D�J�J�7S�AE�-G���S�	�G�
���P�d�4��S��>�2�P�u�=R�TW�=W�7X�P��Pr3r{c��eZdZdZy)�NewOrderz
New order.Nr�rfr3r1r�r��s��r3r�c��eZdZUdZGd�dej
�Zejdej��Z	ee
d<y)�RenewalInfoznRenewal Info Resource Body.
    :ivar acme.messages.SuggestedWindow window: The suggested renewal window.
    c��eZdZUdZej
dd��Zejed<ej
dd��Z	ejed<y)�RenewalInfo.SuggestedWindowz�Suggested Renewal Window, sub-resource of Renewal Info Resource.
        :ivar datetime.datetime start: Beginning of suggested renewal window
        :ivar datetime.datetime end: End of suggested renewal window (inclusive)
        �startTrs�endN)
rGrVrWrXr
rLr�rMr]r�rfr3r1�SuggestedWindowr��sC��	�$2�6�>�>�'�T�#J��x� � �J�!/������!F��X�
�
�Fr3r��suggestedWindowrj�suggested_windowN)rGrVrWrXrEr�r�rmrJr�r]rfr3r1r�r��sC���G�$�3�3�G�)3��
�
�3D�;J�;T�;T�)V��o�Vr3r�)ErX�collections.abcrrMr��typingrrrrrr	�cryptographyr
�josepyrE�acmerrr
rrr0r�r�r��
BaseExceptionr_r2�JSONDeSerializabler5rd�IDENTIFIER_FQDN�
IDENTIFIER_IPr�rir.r��STATUS_UNKNOWNrK�STATUS_PROCESSING�STATUS_VALID�STATUS_INVALID�STATUS_REVOKED�STATUS_READY�STATUS_DEACTIVATEDr�r�r�r�r�rrr4r6r8r;rOrSrYr[r]r`rhrlrsr{r�r�)r7�descs00r1�<module>r�s����$������!����������,����Q�����
�B�	�
�C���T�
��X���_��
����T�����
�N��
�D�� �X�!�$�G�%�&�<�'�(�4�)�*�U�+�,d�A�@�J�?�\�?�F�M�=��B�0;�0A�0A�0C��",�$��L�4�������
�}����1��'�'��1�:.�Y�.�
!��'���t�$�
�%��*�*�%�T�D�%�%�v�|�|�T�n.�Y�.�
�	�"���	�"���<�(���g����	�"���	�"���g����M�*��5��'�'�5�p.�t�(�(�.�!�h�!��4�,�,��%�%�<�3�>�J��j7�<�j7�Z�l�����
K�?�
K�>1�L�>1�B
��
� H�L�H�6�}�� �-� �C�O�C�A��2�2�A�	G�/�	G�'��*�*�'�O�L�O�B#P�O�#P�L�u��
V�,�
V��s�4J0