o "gIF@s`ddlZddlZddlZddlmZddlmZddlmZmZmZm Z m Z m Z m Z m Z mZmZddlmZmZmZmZmZmZmZmZmZmZddlmZmZddlmZeZeZ eZ!Gd d d eZ"ee"Z#ee#Z$Gd d d eZ%ee%Z&Gd ddeZ'GdddeZ(eree(Z)nee(Z)GdddeZ*GdddeZ+ee+Z,GdddeZ-ee-Z.GdddeZ/ee/Z0ee0Z1GdddeZ2GdddeZ3ee3Z4GdddeZ5ee5Z6Gdd d eZ7ee7Z8eeZ9dZ:d!Z;d"Zed$Z?d%Z@d&ZAd'ZBd(ZCd)ZDd*ZEd+ZFd,ZGd-ZHd.ZId/ZJd0ZKd#ZLd1ZMd0ZNd2ZOeBeCBeDBeEBeFBeGBeHBeIBeJBZPed3ZQed4ZRd5eSd6ed7ed8efd9d:ZTeQjUZUe8e9feU_VeTeU_WeQjXZXeee!ee feX_Ve eX_YeTeX_WeQjZZZe eeeee$feZ_VeeZ_YeQj[Z[eeefe[_Ve#e[_YeTe[_WeQj\Z\ee#ee e)ee e1fe\_Vee\_YeTe\_WeQj]Z]e e0e4e6fe]_Vee]_YeQj^Z^e efe^_Vee^_YeTe^_WeQj_Z_e0fe__VeQj`Z`e#fe`_VeQjaZaefea_VeRjbZbeeeeeee feb_Veeb_Y dMd;ejcdd?Zgd;ejcd@edBdAe dBe dCe)d=efdBdDehd8dfdEdFZid;ejcdGedeedAe dBe dCe)d=efdBdDehd8dfdHdIZjejkdJejcd8ejldfdKdLZmdS)NN)WinDLLWinError) POINTER Structurec_char_pc_ulongc_void_p c_wchar_pcastcreate_unicode_bufferpointersizeof) BOOLDWORDHANDLELONGLPCSTRLPCVOIDLPCWSTR LPFILETIMELPSTRLPWSTR) TYPE_CHECKINGAny)_set_ssl_context_verify_modec@s.eZdZdefdefdefdefdeffZdS) CERT_CONTEXTdwCertEncodingType pbCertEncoded cbCertEncoded pCertInfo hCertStoreN)__name__ __module__ __qualname__rr HCERTSTORE_fields_r(r(^/root/parts/websockify/install/lib/python3.10/site-packages/pip/_vendor/truststore/_windows.pyr'rc@s eZdZdefdeeffZdS)CERT_ENHKEY_USAGEcUsageIdentifierrgpszUsageIdentifierN)r#r$r%rrrr'r(r(r(r)r+5s r+c@seZdZdefdeffZdS)CERT_USAGE_MATCHdwTypeUsageN)r#r$r%rr+r'r(r(r(r)r.?r.c @sFeZdZdefdefdefdefdefdefdefdefd eff Zd S) CERT_CHAIN_PARAcbSizeRequestedUsageRequestedIssuancePolicydwUrlRetrievalTimeoutfCheckRevocationFreshnessTimedwRevocationFreshnessTimepftCacheResyncpStrongSignParadwStrongSignFlagsN) r#r$r%rr.rrr r'r(r(r(r)r2Fsr2c@seZdZdefdeffZdS)CERT_TRUST_STATUS dwErrorStatus dwInfoStatusN)r#r$r%rr'r(r(r(r)r<Zr1r<c@s:eZdZdefdefdefdefdefdefdeffZ dS) CERT_CHAIN_ELEMENTr3 pCertContext TrustStatuspRevocationInfopIssuanceUsagepApplicationUsagepwszExtendedErrorInfoN) r#r$r%r PCERT_CONTEXTr<r PCERT_ENHKEY_USAGErr'r(r(r(r)r?asr?c@s>eZdZdefdefdefdeefdefdefdeffZ dS) CERT_SIMPLE_CHAINr3rAcElement rgpElementpTrustListInfofHasRevocationFreshnessTimer8N) r#r$r%rr<rPCERT_CHAIN_ELEMENTr rr'r(r(r(r)rHps rHc @sDeZdZdefdefdefdeefdefdefdefdeffZ d S) CERT_CHAIN_CONTEXTr3rAcChainrgpChaincLowerQualityChainContextrgpLowerQualityChainContextrLr8N) r#r$r%rr<rPCERT_SIMPLE_CHAINr rr'r(r(r(r)rNs rNc@s(eZdZdefdefdefdeffZdS) SSL_EXTRA_CERT_CHAIN_POLICY_PARAr3 dwAuthType fdwCheckspwszServerNameN)r#r$r%rrr'r(r(r(r)rTs rTc@s"eZdZdefdefdeffZdS)CERT_CHAIN_POLICY_PARAr3dwFlagspvExtraPolicyParaN)r#r$r%rr r'r(r(r(r)rXs rXc@s.eZdZdefdefdefdefdeffZdS)CERT_CHAIN_POLICY_STATUSr3dwError lChainIndex lElementIndexpvExtraPolicyStatusN)r#r$r%rrr r'r(r(r(r)r[r*r[c@s^eZdZdefdefdefdefdefdefdefdefd efd efd efd efd eff ZdS)CERT_CHAIN_ENGINE_CONFIGr3hRestrictedRoothRestrictedTrusthRestrictedOthercAdditionalStorerghAdditionalStorerYr6MaximumCachedCertificatesCycleDetectionModulushExclusiveRoothExclusiveTrustedPeopledwExclusiveFlagsN)r#r$r%rr&r r'r(r(r(r)r`sr`isMemorys1.3.6.1.5.5.7.3.1ii @ iii@iiz crypt32.dllz kernel32.dllresult_argsreturncCs|st|SNr)rsrtrur(r(r)_handle_win_errorsrx ssl_context cert_chainserver_hostnamec Cs|stdd}ttdddd}z|ddD]}t|ttB|t|tdq|d}t ttB|t|}t }d|_ t dt |_t}||_t} || _t| | _t| } |jtj@rat} n |jtj@rjt} nd} z t|d||| || dWn5tjy} z(|jdd} | rz t|| ||| || dWn tjy| dwWYd} ~ nd} ~ wwWt|d|rt|dSdSt|d|rt|ww)z9Verify the cert_chain from the server using Windows APIs.z#Peer sent no certificates to verifyNrr) chain_flagsT) binary_form) sslSSLCertVerificationError CertOpenStoreCERT_STORE_PROV_MEMORY CertAddEncodedCertificateToStoreX509_ASN_ENCODINGPKCS_7_ASN_ENCODINGlenCERT_STORE_ADD_USE_EXISTINGCertCreateCertificateContextr+r,rOID_PKIX_KP_SERVER_AUTHr-r.r0r2r4rr3r verify_flagsVERIFY_CRL_CHECK_CHAIN!CERT_CHAIN_REVOCATION_CHECK_CHAINVERIFY_CRL_CHECK_LEAF$CERT_CHAIN_REVOCATION_CHECK_END_CERT_get_and_verify_cert_chain get_ca_certs_verify_using_custom_ca_certsCertCloseStoreCertFreeCertificateContext)ryrzr{r@hIntermediateCertStore cert_bytes leaf_certcert_enhkey_usagecert_usage_match chain_params pChainParar|ecustom_ca_certsr(r(r)_verify_peercerts_implCs              r hChainEnginerpPeerCertContextrr|c Csld}ztt}t||d|||d||j}t} t| | _t| _d| _ |j dur,t | _ |r3t || _ t} tt| t| _|jtjkrK| jtO_t| | _t| } t} t| | _t| } tt|| | | j}|rtd}tttBd|d|t|d}|dkrd|dd| jd}n|j !}t"|}||_#||_$|dW|rt%|jdSdS|rt%|jww)NrFizCertificate chain policy error z#xz [])&r PCERT_CHAIN_CONTEXTCertGetCertificateChaincontentsrTrr3AUTHTYPE_SERVERrUrVcheck_hostname$SECURITY_FLAG_IGNORE_CERT_CN_INVALIDr rWrXr r rZ verify_moder~ CERT_NONErY(CERT_CHAIN_POLICY_VERIFY_MODE_NONE_FLAGSr[ CertVerifyCertificateChainPolicyCERT_CHAIN_POLICY_SSLr\r FormatMessageWFORMAT_MESSAGE_FROM_SYSTEMFORMAT_MESSAGE_IGNORE_INSERTSr^valuestriprverify_message verify_codeCertFreeCertificateChain)ryrrrrr{r|ppChainContext pChainContext ssl_extra_cert_chain_policy_para chain_policy pPolicyPara policy_status pPolicyStatus error_codeerror_message_buferror_message_chars error_messageerrr(r(r)rs            rrc Csd}ttdddd}zF|D]} t|ttB| t| tdq t} t| | _ || _ t | } t t } t | | | j}t|||||||W|rJt|t|ddS|rWt|t|dw)Nr)rrrrrrrr`rr3rhr HCERTCHAINENGINE CertCreateCertificateChainEnginerrCertFreeCertificateChainEnginer) ryrrrrr{r|rhRootCertStorercert_chain_engine_configpConfig phChainEnginer(r(r)rsJ     rctxc csP|j}|j}d|_t|tjzdVW||_t||dS||_t||w)NF)rrrr~r)rrrr(r(r)_configure_context-s  rrw)n contextlibr~typingctypesrrrrrrr r r r r rctypes.wintypesrrrrrrrrrrrr_ssl_constantsrrr&HCRYPTPROV_LEGACYrrFPCCERT_CONTEXTr+rGr.r2PCERT_CHAIN_PARAr<r?rMrHrSrNrPCCERT_CHAIN_CONTEXTrTrXPCERT_CHAIN_POLICY_PARAr[PCERT_CHAIN_POLICY_STATUSr`PCERT_CHAIN_ENGINE_CONFIGPHCERTCHAINENGINErrrrUSAGE_MATCH_TYPE_ORrrr1CERT_CHAIN_POLICY_IGNORE_ALL_NOT_TIME_VALID_FLAGS7CERT_CHAIN_POLICY_IGNORE_INVALID_BASIC_CONSTRAINTS_FLAG'CERT_CHAIN_POLICY_ALLOW_UNKNOWN_CA_FLAG*CERT_CHAIN_POLICY_IGNORE_INVALID_NAME_FLAG)CERT_CHAIN_POLICY_IGNORE_WRONG_USAGE_FLAG,CERT_CHAIN_POLICY_IGNORE_INVALID_POLICY_FLAG.CERT_CHAIN_POLICY_IGNORE_ALL_REV_UNKNOWN_FLAGS%CERT_CHAIN_POLICY_ALLOW_TESTROOT_FLAG%CERT_CHAIN_POLICY_TRUST_TESTROOT_FLAGrrrrrrwincryptkernel32boolrxrargtypeserrcheckrrestyperrrrrrrrr SSLContextlistbytesstrrintrrcontextmanagerIteratorrr(r(r(r)sx  00               \ Z 4