a ChG"@s0ddlmZGdddeZGdddeZdS))ConfigGeneratorc@s8eZdZdZhdZddddddd d d d d d d d Zd d dd d d d ddddddddddddd d ddZdddZdd d!d"dd#d$d%d&d'd d d d(d) Z d*d+d,d-d.d/d0d1d2d3d4d5d6d7 Z gd8Z d9d:d;dd?d@dAdBdCdDdEdFdGdHdIdJdKdLdMdNdOdPZ dQdRdSdTdUdVd dWZ d dXdYdZd[d\d]Zed^d_Zed`daZdbS)c JavaGeneratorjavaZsslZtlszjava-tlsMD2MD5SHA1ZSHA224ZSHA256ZSHA384ZSHA512ZSHA3_256ZSHA3_384ZSHA3_512) rrrzSHA2-224zSHA2-256zSHA2-384zSHA2-512zSHA3-256zSHA3-384zSHA3-512z SHAKE-128z SHAKE-256ZGOSTR94zChaCha20-Poly1305Z AES_256_CBCZ AES_128_CBCZ AES_256_GCMZ AES_128_GCMZ AES_256_CCMZ AES_128_CCMZRC4_128ZRC4_40ZRC2ZDES_CBCZ DES40_CBCZ 3DES_EDE_CBCz anon, NULL)z AES-256-CTRz AES-128-CTRzCHACHA20-POLY1305zCAMELLIA-256-GCMzCAMELLIA-128-GCMzCAMELLIA-256-CBCzCAMELLIA-128-CBCz AES-256-CBCz AES-128-CBCz AES-256-GCMz AES-128-GCMz AES-256-CCMz AES-128-CCMRC4-128zRC4-40zRC2-CBCzDES-CBCz DES40-CBC3DES-CBCzSEED-CBCzIDEA-CBCZNULL)r r , )Z RSA_EXPORTZDHE_DSS_EXPORTZDHE_RSA_EXPORTZ DH_DSS_EXPORTZ DH_RSA_EXPORTzDH_RSA, DH_DSSzDH_anon, ECDH_anon)ZTLS_RSA_WITH_AES_256_CBC_SHA256ZTLS_RSA_WITH_AES_256_CBC_SHAZTLS_RSA_WITH_AES_128_CBC_SHA256ZTLS_RSA_WITH_AES_128_CBC_SHAZTLS_RSA_WITH_AES_256_GCM_SHA384ZTLS_RSA_WITH_AES_128_GCM_SHA256ZDHE_RSAZDHE_DSSECDHEECDHZRSAPSK) ZEXPORTDHZANONRSAzDHE-RSAzDHE-DSSr rZPSKzDHE-PSKz ECDHE-PSKzRSA-PSKZx25519Z secp256r1Z secp384r1Z secp521r1Zx448Z ffdhe2048Z ffdhe3072Z ffdhe4096Z ffdhe6144Z ffdhe8192ZbrainpoolP256r1ZbrainpoolP384r1ZbrainpoolP512r1) ZX25519Z SECP256R1Z SECP384R1Z SECP521R1ZX448z FFDHE-2048z FFDHE-3072z FFDHE-4096z FFDHE-6144z FFDHE-8192zBRAINPOOL-P256R1zBRAINPOOL-P384R1zBRAINPOOL-P512R1),Z secp112r1Z secp112r2Z secp128r1Z secp128r2Z secp160k1Z secp160r1Z secp160r2Z secp192k1Z secp192r1Z secp224k1Z secp224r1Z secp256k1Z sect113r1Z sect113r2Z sect131r1Z sect131r2Z sect163k1Z sect163r1Z sect163r2Z sect193r1Z sect193r2Z sect233k1Z sect233r1Z sect239k1Z sect283k1Z sect283r1Z sect409k1Z sect409r1Z sect571k1Z sect571r1Z c2tnb191v1Z c2tnb191v2Z c2tnb191v3Z c2tnb239v1Z c2tnb239v2Z c2tnb239v3Z c2tnb359v1Z c2tnb431r1Z prime192v2Z prime192v3Z prime239v1Z prime239v2Z prime239v3ZbrainpoolP320r1Z MD5withRSAZ SHA1withRSAZ SHA1withDSAZ SHA1withECDSAZ SHA224withRSAZ SHA224withDSAZSHA224withECDSAZ SHA256withRSAZ SHA256withDSAZSHA256withECDSAZ SHA384withRSAZ SHA384withDSAZSHA384withECDSAZ SHA512withRSAZ SHA512withDSAZSHA512withECDSAZEd25519ZEd448ZSHA1withRSAandMGF1ZSHA224withRSAandMGF1ZSHA256withRSAandMGF1ZSHA384withRSAandMGF1ZSHA512withRSAandMGF1)zRSA-MD5zRSA-SHA1zDSA-SHA1z ECDSA-SHA1z RSA-SHA2-224z DSA-SHA2-224zECDSA-SHA2-224z RSA-SHA2-256z DSA-SHA2-256zECDSA-SHA2-256z RSA-SHA2-384z DSA-SHA2-384zECDSA-SHA2-384z RSA-SHA2-512z DSA-SHA2-512zECDSA-SHA2-512z EDDSA-ED25519z EDDSA-ED448z RSA-PSS-SHA1zRSA-PSS-SHA2-224zRSA-PSS-SHA2-256zRSA-PSS-SHA2-384zRSA-PSS-SHA2-512ZSSLv2ZSSLv3ZTLSv1zTLSv1.1zTLSv1.2zDTLSv1.0)zSSL2.0zSSL3.0zTLS1.0zTLS1.1zTLS1.2zDTLS1.0zDTLS1.2ZHmacMD5ZHmacSHA1Z HmacSHA256Z HmacSHA384Z HmacSHA512)ZAEADzHMAC-MD5z HMAC-SHA1z HMAC-SHA2-256z HMAC-SHA2-384z HMAC-SHA2-512c Cs|j}|j}d}gd}|dD],}z||j|Wq tyJYq 0q dd}||d|jd||d|jd ||d |jd ||d |jd dd|}|dD]0}z|||j||}WqtyYq0q|dd|7}||d|}|dD]4}z|||j||}WntyRYn0q"|dD]4}z|||j ||}WntyYn0q`|dD]4}z|||j ||}WntyYn0q|dD]4}z|||j ||}Wnty Yn0q|d7}d} |dD]4}z|| |j ||} WntyVYn0q&|j D]} || | |} qb|d| d7}d} |dD]4}z|| |j||} WntyYn0q|d| d7}|S)Nr )rZ MD5withDSAZMD5withECDSARIPEMD160withRSAZRIPEMD160withECDSAZRIPEMD160withRSAandMGF1signcSs|r|d|S|S)Nz keySize < )keywordsizerr:/usr/share/crypto-policies/python/policygenerators/java.pykeysizesz.JavaGenerator.generate_config..keysizerZ min_rsa_sizeZDSAZ min_dsa_sizer min_dh_sizeZECZ min_ec_sizez jdk.certpath.disabledAlgorithms=hashz jdk.tls.disabledAlgorithms=z include jdk.disabled.namedCurvesZprotocolZ key_exchangeZcipherZmac r groupzjdk.disabled.namedCurves=zjdk.tls.legacyAlgorithms=)enabledZdisabledappend sign_not_mapKeyErrorintegersjoin hash_not_mapprotocol_not_mapkey_exchange_not_mapcipher_not_map mac_not_map group_not_mapgroup_always_disabledcipher_legacy_map) clspolicypipsepZsharedircfgsgrrrgenerate_configsx                 zJavaGenerator.generate_configcCsdSNTrr)Zconfigrrr test_configszJavaGenerator.test_configN)__name__ __module__ __qualname__ CONFIG_NAMESCOPESr!r$r(r r#r&r'rr"r% classmethodr2r5rrrrr s   Trc@s6eZdZdZhdZejZeddZ eddZ dS)JavaSystemGeneratorZ javasystemrc Csv|j}d}d}|d|jdd7}d}|dD]0}z|||j||}Wq0ty^Yq00q0|d|d7}|S)Nr r zjdk.tls.ephemeralDHKeySize=rrrzjdk.tls.namedGroups=)rrr group_mapr)r)r*r+r-r/r0r.rrrr2 s  z#JavaSystemGenerator.generate_configcCsdSr3rr4rrrr5 szJavaSystemGenerator.test_configN) r6r7r8r9r:rr&r=r;r2r5rrrrr<s r<N)Zconfiggeneratorrrr<rrrrs