ó
    Ë<iæA  ã                   óÄ  • S r SSKrSSKrSSKrSSKrSSKrSSKrSSKrSSK	rSSK
rSSKrSSKrSSKJrJrJr  SSKJr  SrSrSrSrS	rS
r\R2                  R4                  R7                  SSSSSS5      r\R2                  R4                  R9                  S5      r\R2                  R4                  R7                  SS5      r " S S\5      r " S S\ 5      r! " S S\!5      r"g)ag
  
Parsing for `Tor Ed25519 certificates
<https://gitweb.torproject.org/torspec.git/tree/cert-spec.txt>`_, which are
used to for a variety of purposes...

  * validating the key used to sign server descriptors
  * validating the key used to sign hidden service v3 descriptors
  * signing and encrypting hidden service v3 indroductory points

.. versionadded:: 1.6.0

**Module Overview:**

::

  Ed25519Certificate - Ed25519 signing key certificate
    | +- Ed25519CertificateV1 - version 1 Ed25519 certificate
    |      |- is_expired - checks if certificate is presently expired
    |      |- signing_key - certificate signing key
    |      +- validate - validates a descriptor's signature
    |
    |- from_base64 - decodes a base64 encoded certificate
    |- to_base64 - base64 encoding of this certificate
    |
    |- unpack - decodes a byte encoded certificate
    +- pack - byte encoding of this certificate

  Ed25519Extension - extension included within an Ed25519Certificate

.. data:: CertType (enum)

  Purpose of Ed25519 certificate. For more information see...

    * `cert-spec.txt <https://gitweb.torproject.org/torspec.git/tree/cert-spec.txt>`_ section A.1
    * `rend-spec-v3.txt <https://gitweb.torproject.org/torspec.git/tree/rend-spec-v3.txt>`_ appendix E

  .. deprecated:: 1.8.0
     Replaced with :data:`stem.client.datatype.CertType`

  ========================  ===========
  CertType                  Description
  ========================  ===========
  **SIGNING**               signing key with an identity key
  **LINK_CERT**             TLS link certificate signed with ed25519 signing key
  **AUTH**                  authentication key signed with ed25519 signing key
  **HS_V3_DESC_SIGNING**    hidden service v3 short-term descriptor signing key
  **HS_V3_INTRO_AUTH**      hidden service v3 introductory point authentication key
  **HS_V3_INTRO_ENCRYPT**   hidden service v3 introductory point encryption key
  ========================  ===========

.. data:: ExtensionType (enum)

  Recognized exception types.

  ====================  ===========
  ExtensionType         Description
  ====================  ===========
  **HAS_SIGNING_KEY**   includes key used to sign the certificate
  ====================  ===========

.. data:: ExtensionFlag (enum)

  Flags that can be assigned to Ed25519 certificate extensions.

  ======================  ===========
  ExtensionFlag           Description
  ======================  ===========
  **AFFECTS_VALIDATION**  extension affects whether the certificate is valid
  **UNKNOWN**             extension includes flags not yet recognized by stem
  ======================  ===========
é    N)ÚFieldÚSizeÚsplit)ÚCertTypeé    é(   é@   s"   Tor router descriptor signature v1s#   Tor onion service descriptor sig v3é6   ÚSIGNINGÚ	LINK_CERTÚAUTHÚHS_V3_DESC_SIGNINGÚHS_V3_INTRO_AUTHÚHS_V3_INTRO_ENCRYPT)ÚHAS_SIGNING_KEYé   ÚAFFECTS_VALIDATIONÚUNKNOWNc                   ó:   • \ rS rSrSrS rS r\S 5       rS r	Sr
g)	ÚEd25519Extensionév   a  
Extension within an Ed25519 certificate.

:var stem.descriptor.certificate.ExtensionType type: extension type
:var list flags: extension attribute flags
:var int flag_int: integer encoding of the extension attribute flags
:var bytes data: data the extension concerns
c                 óœ  • Xl         / U l        U(       a  UOSU l        X0l        U(       a7  US-  S:X  a.  U R                  R	                  [
        R                  5        US-  nU(       a)  U R                  R	                  [
        R                  5        U[        R                  :X  a'  [        U5      S:w  a  [        S[        U5      -  5      eg g )Nr   é   é   r   z?Ed25519 HAS_SIGNING_KEY extension must be 32 bytes, but was %i.)ÚtypeÚflagsÚflag_intÚdataÚappendÚExtensionFlagr   r   ÚExtensionTyper   ÚlenÚ
ValueError)ÚselfÚext_typeÚflag_valr   s       ÚU/home/james-whalen/.local/lib/python3.13/site-packages/stem/descriptor/certificate.pyÚ__init__ÚEd25519Extension.__init__€   s¡   € Ø„IØ€D„JÞ (‘H¨a€D„MØ„IæH˜q‘L AÓ%Ø
‡jj×Ñœ×8Ñ8Ô9Ø!m€hæØ
‡jj×Ñœ×-Ñ-Ô.à”=×0Ñ0Ó0´S¸³YÀ"³_ÜÐXÔ[^Ð_cÓ[dÑdÓeÐeð 6EÐ0ó    c                 ób  • [        5       nU[        R                  R                  [	        U R
                  5      5      -  nU[        R                  R                  U R                  5      -  nU[        R                  R                  U R                  5      -  nXR
                  -  n[        U5      $ ©N)
Ú	bytearrayr   ÚSHORTÚpackr"   r   ÚCHARr   r   Úbytes)r$   Úencodeds     r'   r/   ÚEd25519Extension.pack   st   € Ü‹k€GØŒtz‰z‰œs 4§9¡9›~Ó.Ñ.€GØŒty‰y~‰~˜dŸi™iÓ(Ñ(€GØŒty‰y~‰~˜dŸm™mÓ,Ñ,€GØy‰yÑ€GÜ‹>Ðr*   c                 ó‚  • [        U 5      S:  a  [        S5      e[        R                  R	                  U 5      u  p[        R
                  R	                  U 5      u  p [        R
                  R	                  U 5      u  p0[        X5      u  p@[        U5      U:w  a  [        SU[        U5      4-  5      e[        X#U5      U 4$ )Nr   z*Ed25519 extension is missing header fieldszTEd25519 extension is truncated. It should have %i bytes of data but there's only %i.)r"   r#   r   r.   Úpopr0   r   r   )ÚcontentÚ	data_sizer%   r   r   s        r'   r5   ÚEd25519Extension.pop˜   sµ   € ä
ˆ7ƒ|aÓÜÐCÓDÐDäŸ™Ÿ™¨Ó0Ñ€IÜŸ	™	Ÿ™ gÓ.Ñ€HÜ—Y‘Y—]‘] 7Ó+N€EÜ˜'Ó-M€Dä
ˆ4ƒyIÓÜÐmÐqzÔ|ð  AEó  }Fð  qGñ  Gó  Hð  Hä˜H¨TÓ2°GÐ;Ð;r*   c                 óD   • [         R                  R                  U SSSSS9$ )Nr   r   r   T)Úcache)ÚstemÚutilÚ
_hash_attr©r$   s    r'   Ú__hash__ÚEd25519Extension.__hash__§   s"   € Ü9‰9×Ñ  f¨j¸&È$ÐÐOÐOr*   )r   r   r   r   N)Ú__name__Ú
__module__Ú__qualname__Ú__firstlineno__Ú__doc__r(   r/   Ústaticmethodr5   r?   Ú__static_attributes__© r*   r'   r   r   v   s,   † ñòfò ð ñ<ó ð<õPr*   r   c                   ót   • \ rS rSrSrS r\S 5       r\S 5       rS r	SS jr
\S 5       rS	 r\S
 5       rSrg)ÚEd25519Certificateé«   z
Base class for an Ed25519 certificate.

:var int version: certificate format version
:var unicode encoded: base64 encoded ed25519 certificate
c                 ó   • Xl         S U l        g r,   )Úversionr2   )r$   rM   s     r'   r(   ÚEd25519Certificate.__init__³   s   € Ø„LØ€D…Lr*   c                 ó˜   • [         R                  R                  U 5      S   nUS:X  a  [        R	                  U 5      $ [        SU-  5      e)zõ
Parses a byte encoded ED25519 certificate.

:param bytes content: encoded certificate

:returns: :class:`~stem.descriptor.certificate.Ed25519Certificate` subclsss
  for the given certificate

:raises: **ValueError** if certificate is malformed
r   r   zLEd25519 certificate is version %i. Parser presently only supports version 1.)r   r0   r5   ÚEd25519CertificateV1Úunpackr#   )r6   rM   s     r'   rQ   ÚEd25519Certificate.unpack·   sE   € ô i‰im‰m˜GÓ$ QÑ'€Gà!ƒ|Ü!×(Ñ(¨Ó1Ð1äÐeÐhoÑoÓpÐpr*   c                 ó¬  • [         R                  R                  R                  U 5      n U R	                  S5      (       a  U R                  S5      (       a  U SS n  [        R                  " U 5      nU(       d  [        S5      e[        R                  U5      nXl        U$ ! [        [        R                  4 a  n[        SU< SU < 35      eSnAff = f)	zø
Parses a base64 encoded ED25519 certificate.

:param str content: base64 encoded certificate

:returns: :class:`~stem.descriptor.certificate.Ed25519Certificate` subclsss
  for the given certificate

:raises: **ValueError** if content is malformed
z-----BEGIN ED25519 CERT-----
z
-----END ED25519 CERT-----é   iåÿÿÿÚemptyz5Ed25519 certificate wasn't propoerly base64 encoded (z):
N)r;   r<   Ú	str_toolsÚ_to_unicodeÚ
startswithÚendswithÚbase64Ú	b64decodeÚ	TypeErrorrJ   rQ   r2   ÚbinasciiÚErrorr#   )r6   ÚdecodedÚinstanceÚexcs       r'   Úfrom_base64ÚEd25519Certificate.from_base64Ë   s¸   € ô i‰i×!Ñ!×-Ñ-¨gÓ6€Gà×ÑÐ:×;Ñ;À×@PÑ@PÐQo×@pÑ@pØ˜˜3€gð
iÜ× Ò  Ó)€gæÜ˜Ó Ð ä#×*Ñ*¨7Ó3€hØ ÔØ€oøÜ”x—~‘~Ð&ó iÝÓZ]Ò_fÐgÓhÐhûðiús   ÁAB! Â!CÂ;CÃCc                 óD   • [        S[        U 5      R                  -  5      e)zq
Encoded byte representation of our certificate.

:returns: **bytes** for our encoded certificate representation
z4Certificate encoding has not been implemented for %s)ÚNotImplementedErrorr   rA   r>   s    r'   r/   ÚEd25519Certificate.packé   s"   € ô ÐTÔW[Ð\`ÓWa×WjÑWjÑjÓ
kÐkr*   c                 ó"  • SR                  [        R                  R                  R	                  [
        R                  " U R                  5       5      S5      5      nU(       a  SU-  n[        R                  R                  R                  U5      $ )a  
Base64 encoded certificate data.

:param bool pem: include `PEM header/footer
  <https://en.wikipedia.org/wiki/Privacy-Enhanced_Mail>`_, for more
  information see `RFC 7468 <https://tools.ietf.org/html/rfc7468>`_

:returns: **unicode** for our encoded certificate representation
ó   
r	   s:   -----BEGIN ED25519 CERT-----
%s
-----END ED25519 CERT-----)	Újoinr;   r<   rV   Ú_split_by_lengthrZ   Ú	b64encoder/   rW   )r$   Úpemr2   s      r'   Ú	to_base64ÚEd25519Certificate.to_base64ò   sd   € ð j‰jœŸ™×,Ñ,×=Ñ=¼f×>NÒ>NÈtÏyÉyË{Ó>[Ð]_Ó`Óa€Gæ
ØOÐRYÑY€gä9‰9×Ñ×*Ñ*¨7Ó3Ð3r*   c                 ó   ^ ^• UU 4S jnU$ )Nc                 óœ   >• UT   S   u  p#nU(       a  US:w  a  [        ST< SU< 35      e[        U T[        R                  U5      5        g )Nr   zED25519 CERTÚ'z8' should be followed by a ED25519 CERT block, but was a )r#   ÚsetattrrJ   rb   )Ú
descriptorÚentriesÚvalueÚ
block_typeÚblock_contentsÚ	attributeÚkeywords        €€r'   Ú_parseÚ3Ed25519Certificate._from_descriptor.<locals>._parse  sK   ø€ Ø*1°'Ñ*:¸1Ñ*=Ñ'€e˜æ˜z¨^Ó;ÝÓ\cÒeoÐpÓqÐqäˆj˜)Ô%7×%CÑ%CÀNÓ%SÕTr*   rH   )ry   rx   rz   s   `` r'   Ú_from_descriptorÚ#Ed25519Certificate._from_descriptor  s   ù€ öUð €Mr*   c                 ó    • U R                  SS9$ )NT)rl   )rm   r>   s    r'   Ú__str__ÚEd25519Certificate.__str__  s   € Ø>‰> ˆ>Ð%Ð%r*   c                 ó,   • [         R                  U 5      $ r,   )rJ   rb   )r6   s    r'   ÚparseÚEd25519Certificate.parse  s   € ä×)Ñ)¨'Ó2Ð2r*   )r2   rM   N)F)rA   rB   rC   rD   rE   r(   rF   rQ   rb   r/   rm   r|   r   r‚   rG   rH   r*   r'   rJ   rJ   «   sp   † ñòð ñqó ðqð& ñió ðiò:lô4ð$ ñ	ó ð	ò&ð ñ3ó ó3r*   rJ   c                   ón   ^ • \ rS rSrSrSU 4S jjrS r\S 5       rS r	S r
S r\S	 5       rS
 rSrU =r$ )rP   i  a  
Version 1 Ed25519 certificate, which are used for signing tor server
descriptors.

:var stem.client.datatype.CertType type: certificate purpose
:var int type_int: integer value of the certificate purpose
:var datetime expiration: expiration of the certificate
:var int key_type: format of the key
:var bytes key: key content
:var list extensions: :class:`~stem.descriptor.certificate.Ed25519Extension` in this certificate
:var bytes signature: certificate signature

:param bytes signature: pre-calculated certificate signature
:param cryptography.hazmat.primitives.asymmetric.ed25519.Ed25519PrivateKey signing_key: certificate signing key
c                 ó  >• [         [        U ]  S5        Uc  [        S5      eUc  [        S5      e[        R
                  " U5      u  U l        U l        U(       a  UO6[        R                  R                  5       [        R                  " [        S9-   U l        U(       a  UOSU l        [        R                  R!                  U5      U l        U(       a  UO/ U l        X`l        U(       ad  UR)                  U R+                  5       5      nU R&                  (       a.  U R&                  U:w  a  [        SU< SU R&                  < S35      eX€l        U R                  [        R,                  [        R.                  [        R0                  4;   a  [        SU R                  -  5      eU R                  [        R2                  :X  a  [        S	5      eU R                  [        R4                  :X  a  [        S
U R                  -  5      eg )Nr   zCertificate type is requiredzCertificate key is required)Úhoursz#Signature calculated from its key (z) mismatches 'rq   zOEd25519 certificate cannot have a type of %i. This is reserved for CERTS cells.zcEd25519 certificate cannot have a type of 7. This is reserved for RSA identity cross-certification.z+Ed25519 certificate type %i is unrecognized)ÚsuperrP   r(   r#   ÚClientCertTypeÚgetr   Útype_intÚdatetimeÚutcnowÚ	timedeltaÚDEFAULT_EXPIRATION_HOURSÚ
expirationÚkey_typer;   r<   Ú_pubkey_bytesÚkeyÚ
extensionsÚ	signatureÚsignr/   ÚLINKÚIDENTITYÚAUTHENTICATEÚED25519_IDENTITYr   )
r$   Ú	cert_typer   r   r’   r“   r”   Úsigning_keyÚcalculated_sigÚ	__class__s
            €r'   r(   ÚEd25519CertificateV1.__init__)  sˆ  ø€ Ü	Ô
 Ñ.¨qÔ1àÑÜÐ5Ó6Ð6Ø	‰ÜÐ4Ó5Ð5ä-×1Ò1°)Ó<Ñ€D„IˆtŒ}Þ$.‘j´H×4EÑ4E×4LÑ4LÓ4NÔQY×QcÒQcô  mEñ  RFñ  5F€D„OÞ (‘H¨a€D„MÜy‰y×&Ñ& sÓ+€D„HÞ$.‘j°B€D„OØ„NæØ"×'Ñ'¨¯	©	«Ó4€nð 
˜DŸN™N¨nÓ<ÝÓUcÐei×esÔesÐtÓuÐuà%„nà‡yy”^×(Ñ(¬.×*AÑ*AÄ>×C^ÑC^Ð_Ó_ÜÐhÐko×kxÑkxÑxÓyÐyØ	‰”n×5Ñ5Ó	5ÜÐ|Ó}Ð}Ø	‰”n×,Ñ,Ó	,ÜÐDÀtÇ}Á}ÑTÓUÐUð 
-r*   c                 óì  • [        5       nU[        R                  R                  U R                  5      -  nU[        R                  R                  U R
                  5      -  nU[        R                  R                  [        [        R                  R                  U R                  5      S-  5      5      -  nU[        R                  R                  U R                  5      -  nXR                  -  nU[        R                  R                  [        U R                  5      5      -  nU R                   H  nXR                  5       -  nM     U R                   (       a  XR                   -  n[#        U5      $ )Né  )r-   r   r0   r/   rM   rŠ   ÚLONGÚintr;   r<   Údatetime_to_unixr   r   r’   r"   r“   r”   r1   )r$   r2   Ú	extensions      r'   r/   ÚEd25519CertificateV1.packI  s÷   € Ü‹k€GØŒty‰y~‰~˜dŸl™lÓ+Ñ+€GØŒty‰y~‰~˜dŸm™mÓ,Ñ,€GØŒty‰y~‰~œc¤$§)¡)×"<Ñ"<¸T¿_¹_Ó"MÐPTÑ"TÓUÓVÑV€GØŒty‰y~‰~˜dŸm™mÓ,Ñ,€GØx‰xÑ€GØŒty‰y~‰~œc $§/¡/Ó2Ó3Ñ3€Gà—_”_ˆ	Ø—‘Ó!Ñ!‚gñ %ð ‡~‡~Ø—‘Ñ€gä‹>Ðr*   c                 ó`  • [        U 5      [        [        -   :  a$  [        S[        U 5      [        [        -   4-  5      e[	        U [        U 5      [        -
  5      u  p[
        R                  R                  U5      u  p1[
        R                  R                  U5      u  pA[
        R                  R                  U5      u  pQ[
        R                  R                  U5      u  pa[	        U[        5      u  pq[
        R                  R                  U5      u  p‰US:w  a  [        SU-  5      e/ n
[        U5       H+  n[        R                  U	5      u  pÉU
R                  U5        M-     U	(       a  [        S[        U	5      -  5      e[        U[        R                  R                  US-  5      XgX¢5      $ )Nz;Ed25519 certificate was %i bytes, but should be at least %ir   z5Ed25519 v1 parser cannot read version %i certificatesz9Ed25519 certificate had %i bytes of unused extension datar    )r"   ÚED25519_HEADER_LENGTHÚED25519_SIGNATURE_LENGTHr#   r   r   r0   r5   r¡   ÚED25519_KEY_LENGTHÚranger   r   rP   r‹   Úutcfromtimestamp)r6   Úheaderr”   rM   rš   Úexpiration_hoursr   r’   Úextension_countÚextension_datar“   Úir¤   s                r'   rQ   ÚEd25519CertificateV1.unpackZ  s  € ä
ˆ7ƒ|Ô+Ô.FÑFÓFÜÐTÔX[Ð\cÓXdÔf{ô  Wñ  gWð  XXñ  Xó  Yð  Yä˜g¤s¨7£|Ô6NÑ'NÓOÑ€Fä—i‘i—m‘m FÓ+O€GÜŸ	™	Ÿ™ fÓ-Ñ€IÜ#Ÿy™yŸ}™}¨VÓ4ÑÐÜ—y‘y—}‘} VÓ,Ñ€HÜ˜Ô 2Ó3K€CÜ&*§i¡i§m¡m°FÓ&;Ñ#€Oà!ƒ|ÜÐNÐQXÑXÓYÐYà€Jä?Ö#ˆÜ"2×"6Ñ"6°~Ó"FÑ€iØ×Ñ˜	Ö"ñ $ö ÜÐRÔUXÐYgÓUhÑhÓiÐiä 	¬8×+<Ñ+<×+MÑ+MÐN^ÐaeÑNeÓ+fÐhpð  xBó  Nð  Nr*   c                 óX   • [         R                   R                  5       U R                  :„  $ )z
Checks if this certificate is presently expired or not.

:returns: **True** if the certificate has expired, **False** otherwise
)r‹   Únowr   r>   s    r'   Ú
is_expiredÚEd25519CertificateV1.is_expiredv  s"   € ô ×Ñ× Ñ Ó" T§_¡_Ñ4Ð4r*   c                 ó‚   • U R                    H/  nUR                  [        R                  :X  d  M#  UR                  s  $    g)z
Provides this certificate's signing key.

.. versionadded:: 1.8.0

:returns: **bytes** with the first signing key on the certificate, None if
  not present
N)r“   r   r!   r   r   )r$   r¤   s     r'   r›   Ú Ed25519CertificateV1.signing_key  s3   € ð —_”_ˆ	Ø	‰œ=×8Ñ8Õ	8Ø~‰~Òñ %ð r*   c                 ó’  • [         R                  R                  SS9(       d  [        S5      e[	        U[         R
                  R                  R                  5      (       a|  [        R                  " [        R                  U5      5      R                  5       n[         R                  R                  R                  UR                   5      nU R#                  U5        O[	        U[         R
                  R$                  R&                  5      (       aI  [        R                  U5      n[         R                  R                  R                  UR(                  5      nO![+        S[-        U5      R.                  -  5      eSSKJn  SSKJn   UR9                  U R:                  5      nUR=                  X25        g	! U a    [?        S5      ef = f)
a  
Validate our descriptor content matches its ed25519 signature. Supported
descriptor types include...

  * :class:`~stem.descriptor.server_descriptor.RelayDescriptor`
  * :class:`~stem.descriptor.hidden_service.HiddenServiceDescriptorV3`

:param stem.descriptor.__init__.Descriptor descriptor: descriptor to validate

:raises:
  * **ValueError** if signing key or descriptor are invalid
  * **TypeError** if descriptor type is unsupported
  * **ImportError** if cryptography module or ed25519 support unavailable
T)Úed25519zKCertificate validation requires the cryptography module and ed25519 supportzWCertificate validation only supported for server and hidden service descriptors, not %sr   ©ÚEd25519PublicKey©ÚInvalidSignaturezNDescriptor Ed25519 certificate signature invalid (signature forged or corrupt)N) r;   ÚprereqÚis_crypto_availableÚImportErrorÚ
isinstancers   Úserver_descriptorÚRelayDescriptorÚhashlibÚsha256rP   Ú_signed_contentÚdigestr<   rV   Ú_decode_b64Úed25519_signatureÚ!_validate_server_desc_signing_keyÚhidden_serviceÚHiddenServiceDescriptorV3r”   r\   r   rA   Ú1cryptography.hazmat.primitives.asymmetric.ed25519r»   Úcryptography.exceptionsr½   Úfrom_public_bytesr’   Úverifyr#   )r$   rs   Úsigned_contentr”   r»   r½   r’   s          r'   ÚvalidateÚEd25519CertificateV1.validate  s`  € ô  ;‰;×*Ñ*°TÐ*Ö:ÜÐeÓfÐfä*œdŸo™o×?Ñ?×OÑO×PÑPÜ—~’~Ô&:×&JÑ&JÈ:Ó&VÓW×^Ñ^Ó`€nÜ—)‘)×%Ñ%×1Ñ1°*×2NÑ2NÓO€ià
×,Ñ,¨ZÕ8Ü	J¤§¡× >Ñ >× XÑ X×	YÑ	YÜ+×;Ñ;¸JÓG€nÜ—)‘)×%Ñ%×1Ñ1°*×2FÑ2FÓGiäÐoÔrvð  xBó  sC÷  sLñ  sLñ  Ló  Mð  MåRÝ8ðiØ×.Ñ.¨t¯x©xÓ8€cØ	‡jjÕ+øØó iÜÐgÓhÐhðiús   Æ,F4 Æ4Gc                 óä  • [        U [        R                  R                  R                  5      (       a	  [
        nSnO][        U [        R                  R                  R                  5      (       a	  [        nSnO![        S[        U 5      R                  -  5      e[        R                  " X R                  5       [        R                  5      nU(       d  [        S5      eXR!                  S5      -   $ )zi
Provides this descriptor's signing constant, appended with the portion of
the descriptor that's signed.
s   (.+router-sig-ed25519 )s   (.+)signature zBUG: %s type unexpectedz+Malformed descriptor missing signature liner   )rÁ   r;   rs   rÂ   rÃ   ÚSIG_PREFIX_SERVER_DESCrË   rÌ   ÚSIG_PREFIX_HS_V3r#   r   rA   ÚreÚsearchÚ	get_bytesÚDOTALLÚgroup)rs   ÚprefixÚregexÚmatchs       r'   rÆ   Ú$Ed25519CertificateV1._signed_content¶  s«   € ô *œdŸo™o×?Ñ?×OÑO×PÑPÜ%€fØ(eÜ	J¤§¡× >Ñ >× XÑ X×	YÑ	YÜ€fØeäÐ0´4¸
Ó3C×3LÑ3LÑLÓMÐMäIŠIe×1Ñ1Ó3´R·Y±YÓ?€EæÜÐDÓEÐEà—K‘K “NÑ"Ð"r*   c                 ó8  • SSK Jn  SSKJn  UR                  (       aK  [
        R                  " [        R                  R                  R                  UR                  5      S-   5      nOU R                  5       nU(       d  [        S5      e UR                  U5      nUR                  U R                  [
        R                  " [        R                  R                  R                  U R                   5      5      S ["        *  5        g ! U a    [        S5      ef = f)Nr   rº   r¼   ó   =z0Server descriptor missing an ed25519 signing keyzJEd25519KeyCertificate signing key is invalid (signature forged or corrupt))rÍ   r»   rÎ   r½   Úed25519_master_keyrZ   r[   r;   r<   rV   Ú	_to_bytesr›   r#   rÏ   rÐ   r”   r2   r¨   )r$   rs   r»   r½   r›   r’   s         r'   rÊ   Ú6Ed25519CertificateV1._validate_server_desc_signing_keyÍ  s×   € ÝRÝ8à×$×$Ü×$Ò$¤T§Y¡Y×%8Ñ%8×%BÑ%BÀ:×C`ÑC`Ó%aÐdhÑ%hÓikà×$Ñ$Ó&€kæÜÐIÓJÐJðeØ×.Ñ.¨{Ó;€cØ	‡jj—‘¤×!1Ò!1´$·)±)×2EÑ2E×2OÑ2OÐPT×P\ÑP\Ó2]Ó!^Ð_yÔayÐ`yÐ!zÕ{øØó eÜÐcÓdÐdðeús   ÂA:D ÄD)r   r“   r’   r   r”   r   rŠ   )NNNNNNN)rA   rB   rC   rD   rE   r(   r/   rF   rQ   r´   r›   rÒ   rÆ   rÊ   rG   Ú__classcell__)r   s   @r'   rP   rP     s[   ø† ñ÷ Vò@ð" ñNó ðNò65òò %iðN ñ#ó ð#÷,eð er*   rP   )#rE   rZ   r]   r‹   rÄ   r×   Ústem.descriptor.hidden_servicer;   Ú!stem.descriptor.server_descriptorÚstem.prereqÚ	stem.utilÚstem.util.enumÚstem.util.str_toolsÚstem.client.datatyper   r   r   r   rˆ   r©   r§   r¨   rÕ   rÖ   rŽ   r<   ÚenumÚUppercaseEnumÚEnumr!   r    r   ÚobjectrJ   rP   rH   r*   r'   Ú<module>rñ      sí   ðñFóP Û Û Û Û 	ã %Û (Û Û Û Û ç 3Ñ 3õ
 <àÐ ØÐ ØÐ à>Ð Ø9Ð àÐ à9‰9>‰>×'Ñ'ØØØØØØó€ð —	‘	—‘×#Ñ#Ð$:Ó<€Ø—	‘	—‘×,Ñ,Ð-AÀ9ÓM€ô2Puô 2Pôjj3˜ô j3ôZEeÐ-õ Eer*   