HOME


Mini Shell 1.0
DIR: /usr/lib/python3/dist-packages/cryptography/x509/__pycache__/
Upload File :
Current File : //usr/lib/python3/dist-packages/cryptography/x509/__pycache__/ocsp.cpython-312.pyc
�

�3TffH��<�ddlmZddlZddlZddlZddlmZmZddlm	Z	ddl
mZmZddl
mZddlmZmZmZGd�d	ej&�ZGd
�dej&�Zej,ej.ej0ej2ej4fZdd�ZGd
�dej&�ZGd�d�ZGd�dej>��Z Gd�dej>��Z!Gd�dej>��Z"Gd�d�Z#Gd�d�Z$dd�Z%d d�Z&y)!�)�annotationsN)�utils�x509)�ocsp)�hashes�
serialization)� CertificateIssuerPrivateKeyTypes)�_EARLIEST_UTC_TIME�_convert_to_naive_utc_time�_reject_duplicate_extensionc��eZdZdZdZy)�OCSPResponderEncodingzBy HashzBy NameN)�__name__�
__module__�__qualname__�HASH�NAME���8/usr/lib/python3/dist-packages/cryptography/x509/ocsp.pyrrs���D��Drrc�$�eZdZdZdZdZdZdZdZy)�OCSPResponseStatusr�����N)	rrr�
SUCCESSFUL�MALFORMED_REQUEST�INTERNAL_ERROR�	TRY_LATER�SIG_REQUIRED�UNAUTHORIZEDrrrrrs!���J����N��I��L��Lrrc�:�t|t�std��y)Nz9Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512)�
isinstance�_ALLOWED_HASHES�
ValueError)�	algorithms r�_verify_algorithmr)/s!���i��1��G�
�	
�2rc��eZdZdZdZdZy)�OCSPCertStatusrrrN)rrr�GOOD�REVOKED�UNKNOWNrrrr+r+6s���D��G��Grr+c�4�eZdZ																dd�Zy)�_SingleResponsec	��t|tj�rt|tj�std��t	|�t|t
j
�std��|�%t|t
j
�std��||_||_||_||_	||_
t|t�std��|tjur|�td��|�vtd��t|t
j
�std��t|�}|tkrtd��|�%t|tj �std	��||_||_||_y)
N�%cert and issuer must be a Certificatez%this_update must be a datetime objectz-next_update must be a datetime object or Nonez8cert_status must be an item from the OCSPCertStatus enumzBrevocation_time can only be provided if the certificate is revokedzDrevocation_reason can only be provided if the certificate is revokedz)revocation_time must be a datetime objectz7The revocation_time must be on or after 1950 January 1.zCrevocation_reason must be an item from the ReasonFlags enum or None)r%r�Certificate�	TypeErrorr)�datetime�_cert�_issuer�
_algorithm�_this_update�_next_updater+r-r'rr
�ReasonFlags�_cert_status�_revocation_time�_revocation_reason)	�self�cert�issuerr(�cert_status�this_update�next_update�revocation_time�revocation_reasons	         r�__init__z_SingleResponse.__init__=s����$�� 0� 0�1���D�$�$�:
��C�D�D��)�$��+�x�'8�'8�9��C�D�D��"�:���*�*�,
��K�L�L���
����#���'���'����+�~�6��J��
��n�4�4�4��*� �!���!�,� �"���
�o�x�/@�/@�A�� K�L�L�8��I�O��!3�3� �'���
!�,�Z�!�4�#3�#3�6� �#���
(��� /���"3��rN)r@�x509.CertificaterArHr(�hashes.HashAlgorithmrBr+rC�datetime.datetimerD�"typing.Optional[datetime.datetime]rErKrF�!typing.Optional[x509.ReasonFlags])rrrrGrrrr0r0<s^��B4��B4�!�B4�(�	B4�
$�B4�'�
B4�8�B4�<�B4�=�B4rr0c�"�eZdZeej
dd���Zeej
dd���Zeej
d	d���Zeej
d
d���Z	ej
dd��Z
eej
dd���Zy)
�OCSPRequestc��y�z3
        The hash of the issuer public key
        Nr�r?s r�issuer_key_hashzOCSPRequest.issuer_key_hash���rc��y�z-
        The hash of the issuer name
        NrrQs r�issuer_name_hashzOCSPRequest.issuer_name_hash�rSrc��y�zK
        The hash algorithm used in the issuer name and key hashes
        NrrQs r�hash_algorithmzOCSPRequest.hash_algorithm�rSrc��y�zM
        The serial number of the cert whose status is being checked
        NrrQs r�
serial_numberzOCSPRequest.serial_number�rSrc��y)z/
        Serializes the request to DER
        Nr�r?�encodings  r�public_byteszOCSPRequest.public_bytes�rSrc��y)zP
        The list of request extensions. Not single request extensions.
        NrrQs r�
extensionszOCSPRequest.extensions�rSrN��return�bytes�rdrI�rd�int�r_zserialization.Encodingrdre�rdzx509.Extensions)rrr�property�abc�abstractmethodrRrVrYr\r`rbrrrrNrN�s���
��������
��������
��������
��������
	������
�������rrN)�	metaclassc��eZdZeej
dd���Zeej
dd���Zeej
d
d���Zeej
dd���Z	eej
dd���Z
eej
dd���Zeej
dd���Zeej
dd���Z
eej
dd	���Zy
)�OCSPSingleResponsec��y�zY
        The status of the certificate (an element from the OCSPCertStatus enum)
        NrrQs r�certificate_statusz%OCSPSingleResponse.certificate_status�rSrc��y�z^
        The date of when the certificate was revoked or None if not
        revoked.
        NrrQs rrEz"OCSPSingleResponse.revocation_time�rSrc��y�zi
        The reason the certificate was revoked or None if not specified or
        not revoked.
        NrrQs rrFz$OCSPSingleResponse.revocation_reason�rSrc��y�z�
        The most recent time at which the status being indicated is known by
        the responder to have been correct
        NrrQs rrCzOCSPSingleResponse.this_update�rSrc��y�zC
        The time when newer information will be available
        NrrQs rrDzOCSPSingleResponse.next_update�rSrc��yrPrrQs rrRz"OCSPSingleResponse.issuer_key_hash�rSrc��yrUrrQs rrVz#OCSPSingleResponse.issuer_name_hash�rSrc��yrXrrQs rrYz!OCSPSingleResponse.hash_algorithm�rSrc��yr[rrQs rr\z OCSPSingleResponse.serial_number�rSrN�rdr+�rdrK�rdrL�rdrJrcrfrg)rrrrkrlrmrsrErFrCrDrRrVrYr\rrrrprp�s2��
��������
��������������������������������
��������
��������
��������
�������rrpc�&�eZdZeej
dd���Zeej
dd���Zeej
dd���Zeej
		dd���Z	eej
dd���Z
eej
dd���Zeej
dd���Zeej
dd���Z
eej
dd	���Zeej
d d
���Zeej
d!d���Zeej
d"d���Zeej
d#d
���Zeej
d d���Zeej
d"d���Zeej
dd���Zeej
dd���Zeej
d$d���Zeej
d%d���Zeej
d&d���Zeej
d&d���Zej
d'd��Zy)(�OCSPResponsec��y)z_
        An iterator over the individual SINGLERESP structures in the
        response
        NrrQs r�	responseszOCSPResponse.responses�rSrc��y)zm
        The status of the response. This is a value from the OCSPResponseStatus
        enumeration
        NrrQs r�response_statuszOCSPResponse.response_status�rSrc��y)zA
        The ObjectIdentifier of the signature algorithm
        NrrQs r�signature_algorithm_oidz$OCSPResponse.signature_algorithm_oidrSrc��y)zX
        Returns a HashAlgorithm corresponding to the type of the digest signed
        NrrQs r�signature_hash_algorithmz%OCSPResponse.signature_hash_algorithm	rSrc��y)z%
        The signature bytes
        NrrQs r�	signaturezOCSPResponse.signaturerSrc��y)z+
        The tbsResponseData bytes
        NrrQs r�tbs_response_byteszOCSPResponse.tbs_response_bytesrSrc��y)z�
        A list of certificates used to help build a chain to verify the OCSP
        response. This situation occurs when the OCSP responder uses a delegate
        certificate.
        NrrQs r�certificateszOCSPResponse.certificates rSrc��y)z2
        The responder's key hash or None
        NrrQs r�responder_key_hashzOCSPResponse.responder_key_hash)rSrc��y)z.
        The responder's Name or None
        NrrQs r�responder_namezOCSPResponse.responder_name0rSrc��y)z4
        The time the response was produced
        NrrQs r�produced_atzOCSPResponse.produced_at7rSrc��yrrrrQs rrszOCSPResponse.certificate_status>rSrc��yrurrQs rrEzOCSPResponse.revocation_timeErSrc��yrwrrQs rrFzOCSPResponse.revocation_reasonMrSrc��yryrrQs rrCzOCSPResponse.this_updateUrSrc��yr{rrQs rrDzOCSPResponse.next_update]rSrc��yrPrrQs rrRzOCSPResponse.issuer_key_hashdrSrc��yrUrrQs rrVzOCSPResponse.issuer_name_hashkrSrc��yrXrrQs rrYzOCSPResponse.hash_algorithmrrSrc��yr[rrQs rr\zOCSPResponse.serial_numberyrSrc��y)zR
        The list of response extensions. Not single response extensions.
        NrrQs rrbzOCSPResponse.extensions�rSrc��y)zR
        The list of single response extensions. Not response extensions.
        NrrQs r�single_extensionszOCSPResponse.single_extensions�rSrc��y)z0
        Serializes the response to DER
        Nrr^s  rr`zOCSPResponse.public_bytes�rSrN)rdz#typing.Iterator[OCSPSingleResponse])rdr)rdzx509.ObjectIdentifier)rd�%typing.Optional[hashes.HashAlgorithm]rc)rdztyping.List[x509.Certificate])rdztyping.Optional[bytes])rdztyping.Optional[x509.Name]r�r�r�r�rfrgrjri)rrrrkrlrmr�r�r�r�r�r�r�r�r�r�rsrErFrCrDrRrVrYr\rbr�r`rrrr�r��s���
������������������������
�����	.�������������
��������
����������������
��������
��������
��������
��������������������������������
��������
��������
��������
��������
��������
��������
	�����rr�c�z�eZdZddgf							dd�Z								dd�Z										d	d�Z						d
d�Zdd�Zy)�OCSPRequestBuilderNc�.�||_||_||_y�N)�_request�
_request_hash�_extensions)r?�request�request_hashrbs    rrGzOCSPRequestBuilder.__init__�s�� ��
�)���%��rc�$�|j�|j�td��t|�t	|t
j�rt	|t
j�std��t|||f|j|j�S)N�.Only one certificate can be added to a requestr2)
r�r�r'r)r%rr3r4r�r�)r?r@rAr(s    r�add_certificatez"OCSPRequestBuilder.add_certificate�s����=�=�$��(:�(:�(F��M�N�N��)�$��$�� 0� 0�1���D�$�$�:
��C�D�D�!�
�6�9�%�t�'9�'9�4�;K�;K�
�	
rc��|j�|j�td��t|t�std��t
|�tjd|�tjd|�|jt|�k7s|jt|�k7rtd��t|j||||f|j�S)Nr�z serial_number must be an integerrVrRz`issuer_name_hash and issuer_key_hash must be the same length as the digest size of the algorithm)
r�r�r'r%rhr4r)r�_check_bytes�digest_size�lenr�r�)r?rVrRr\r(s     r�add_certificate_by_hashz*OCSPRequestBuilder.add_certificate_by_hash�s����=�=�$��(:�(:�(F��M�N�N��-��-��>�?�?��)�$�
���-�/?�@�
���,�o�>�� � �C��%
�
�
�
"�
"�c�/�&:�
:��6��
�
"��M�M�
��
�y�I����
�	
rc��t|tj�std��tj|j
||�}t
||j�t|j|j|j|gz�S�Nz"extension must be an ExtensionType)r%r�
ExtensionTyper4�	Extension�oidrr�r�r�r��r?�extval�critical�	extensions    r�
add_extensionz OCSPRequestBuilder.add_extension�sq���&�$�"4�"4�5��@�A�A��N�N�6�:�:�x��@�	�#�I�t�/?�/?�@�!��M�M�4�-�-�t�/?�/?�9�+�/M�
�	
rc�r�|j�|j�td��tj|�S)Nz*You must add a certificate before building)r�r�r'r�create_ocsp_requestrQs r�buildzOCSPRequestBuilder.build�s4���=�=� �T�%7�%7�%?��I�J�J��'�'��-�-r)r�zWtyping.Optional[typing.Tuple[x509.Certificate, x509.Certificate, hashes.HashAlgorithm]]r�zFtyping.Optional[typing.Tuple[bytes, bytes, int, hashes.HashAlgorithm]]rb�/typing.List[x509.Extension[x509.ExtensionType]]rd�None)r@rHrArHr(rIrdr�)
rVrerRrer\rhr(rIrdr�)r��x509.ExtensionTyper��boolrdr�)rdrN)rrrrGr�r�r�r�rrrr�r��s���
�
�FH�&�
�&�
�&�D�&�
�&� 
��
�!�
�(�	
�

�
�&
��
��
��	
�
(�
�
�

�<
�(�
�48�
�	�
�.rr�c��eZdZdddgf							d	d�Z																		d
d�Z						dd�Z				dd�Z						d
d�Z						dd�Ze					dd��Z
y)�OCSPResponseBuilderNc�<�||_||_||_||_yr�)�	_response�
_responder_id�_certsr�)r?�response�responder_id�certsrbs     rrGzOCSPResponseBuilder.__init__�s"��"���)������%��rc	
��|j�td��t||||||||�}	t|	|j|j
|j�S)Nz#Only one response per OCSPResponse.)r�r'r0r�r�r�r�)
r?r@rAr(rBrCrDrErF�
singleresps
          r�add_responsez OCSPResponseBuilder.add_response�sg���>�>�%��B�C�C�$���������	
�
�#������K�K����	
�	
rc��|j�td��t|tj�std��t|t�std��t|j||f|j|j�S)Nz!responder_id can only be set oncez$responder_cert must be a Certificatez6encoding must be an element from OCSPResponderEncoding)r�r'r%rr3r4rr�r�r�r�)r?r_�responder_certs   rr�z OCSPResponseBuilder.responder_ids������)��@�A�A��.�$�*:�*:�;��B�C�C��(�$9�:��H��
�#��N�N�
�X�&��K�K����	
�	
rc�
�|j�td��t|�}t|�dk(rtd��t	d�|D��std��t
|j|j||j�S)Nz!certificates may only be set oncerzcerts must not be an empty listc3�PK�|]}t|tj���� y�wr�)r%rr3)�.0�xs  r�	<genexpr>z3OCSPResponseBuilder.certificates.<locals>.<genexpr>4s����B�q�:�a��!1�!1�2�B�s�$&z$certs must be a list of Certificates)
r�r'�listr��allr4r�r�r�r�)r?r�s  rr�z OCSPResponseBuilder.certificates,s}���;�;�"��@�A�A��U����u�:��?��>�?�?��B�E�B�B��B�C�C�"��N�N��������	
�	
rc�.�t|tj�std��tj|j
||�}t
||j�t|j|j|j|j|gz�Sr�)r%rr�r4r�r�rr�r�r�r�r�r�s    rr�z!OCSPResponseBuilder.add_extension=sz���&�$�"4�"4�5��@�A�A��N�N�6�:�:�x��@�	�#�I�t�/?�/?�@�"��N�N�����K�K����	�{�*�	
�	
rc��|j�td��|j�td��tjt
j|||�S)Nz&You must add a response before signingz*You must add a responder_id before signing)r�r'r�r�create_ocsp_responserr)r?�private_keyr(s   r�signzOCSPResponseBuilder.signMsT��
�>�>�!��E�F�F����%��I�J�J��(�(��)�)�4��i�
�	
rc��t|t�std��|tjurt	d��tj|ddd�S)Nz7response_status must be an item from OCSPResponseStatusz$response_status cannot be SUCCESSFUL)r%rr4rr'rr�)�clsr�s  r�build_unsuccessfulz&OCSPResponseBuilder.build_unsuccessful[sS���/�+=�>��I��
��0�;�;�;��C�D�D��(�(��$��d�K�Kr)r�z typing.Optional[_SingleResponse]r�zFtyping.Optional[typing.Tuple[x509.Certificate, OCSPResponderEncoding]]r�z.typing.Optional[typing.List[x509.Certificate]]rbr�)r@rHrArHr(rIrBr+rCrJrDrKrErKrFrLrdr�)r_rr�rHrdr�)r�z!typing.Iterable[x509.Certificate]rdr�)r�r�r�r�rdr�)r�r	r(r�rdr�)r�rrdr�)rrrrGr�r�r�r�r��classmethodr�rrrr�r��s3��6:�
�@D�FH�&�2�&�
�&�>�
&�D�&�
��
�!�
�(�	
�
$�
�'�

�8�
�<�
�=�
�
�
�>
�-�
�?O�
�	�
�&
�6�
�	�
�"
�(�
�48�
�	�
� 
�5�
�9�
�
�	
��
L�0�
L�	�
L��
Lrr�c�,�tj|�Sr�)r�load_der_ocsp_request��datas rr�r�is���%�%�d�+�+rc�,�tj|�Sr�)r�load_der_ocsp_responser�s rr�r�ms���&�&�t�,�,r)r(rIrdr�)r�rerdrN)r�rerdr�)'�
__future__rrlr5�typing�cryptographyrr�"cryptography.hazmat.bindings._rustr�cryptography.hazmat.primitivesrr�/cryptography.hazmat.primitives.asymmetric.typesr	�cryptography.x509.baser
rr�Enumrr�SHA1�SHA224�SHA256�SHA384�SHA512r&r)r+r0�ABCMetarNrpr�r�r�r�r�rrr�<module>r�s���
#�
��
�$�3�@�����E�J�J��
������K�K�
�M�M�
�M�M�
�M�M�
�M�M���
��U�Z�Z��C4�C4�L(�C�K�K�(�VA�3�;�;�A�Ha�S�[�[�a�HS.�S.�l{L�{L�|,�-r