%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /snap/core20/current/lib/python3/dist-packages/cryptography/x509/__pycache__/
Upload File :
Create Path :
Current File : //snap/core20/current/lib/python3/dist-packages/cryptography/x509/__pycache__/ocsp.cpython-38.pyc

U

�e�]�3�@s�ddlmZmZmZddlZddlZddlmZddlZddl	m
Z
ddlmZddl
mZmZddlmZmZmZe��e��e��e��e��d�ZGd	d
�d
e�ZGdd�de�Zed
d�eD��ZejejejejejfZdd�ZGdd�de�Z edd�e D��Z!dd�Z"dd�Z#Gdd�de$�Z%Gdd�de$�Z&Gdd�de$�Z'e�(ej)�Gdd�de$��Z*e�(ej)�Gd d!�d!e$��Z+dS)"�)�absolute_import�division�print_functionN)�Enum)�x509)�hashes)�ed25519�ed448)�_EARLIEST_UTC_TIME�_convert_to_naive_utc_time�_reject_duplicate_extension)z
1.3.14.3.2.26z2.16.840.1.101.3.4.2.4z2.16.840.1.101.3.4.2.1z2.16.840.1.101.3.4.2.2z2.16.840.1.101.3.4.2.3c@seZdZdZdZdS)�OCSPResponderEncodingzBy HashzBy NameN)�__name__�
__module__�__qualname__ZHASH�NAME�rr�8/usr/lib/python3/dist-packages/cryptography/x509/ocsp.pyr
sr
c@s$eZdZdZdZdZdZdZdZdS)�OCSPResponseStatusr�����N)	rrr�
SUCCESSFULZMALFORMED_REQUESTZINTERNAL_ERRORZ	TRY_LATERZSIG_REQUIREDZUNAUTHORIZEDrrrrr#srccs|]}|j|fVqdS�N��value��.0�xrrr�	<genexpr>,sr!cCst|t�std��dS)Nz9Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512)�
isinstance�_ALLOWED_HASHES�
ValueError)�	algorithmrrr�_verify_algorithm3s
�r&c@seZdZdZdZdZdS)�OCSPCertStatusrrrN)rrrZGOOD�REVOKEDZUNKNOWNrrrrr':sr'ccs|]}|j|fVqdSrrrrrrr!@scCsddlm}|�|�S�Nr��backend)�,cryptography.hazmat.backends.openssl.backendr+�load_der_ocsp_request��datar+rrrr-Csr-cCsddlm}|�|�Sr))r,r+�load_der_ocsp_responser.rrrr0Hsr0c@s2eZdZdgfdd�Zdd�Zdd�Zdd	�ZdS)
�OCSPRequestBuilderNcCs||_||_dSr)�_request�_extensions)�selfZrequest�
extensionsrrr�__init__NszOCSPRequestBuilder.__init__cCsL|jdk	rtd��t|�t|tj�r2t|tj�s:td��t|||f|j�S)Nz.Only one certificate can be added to a request�%cert and issuer must be a Certificate)	r2r$r&r"r�Certificate�	TypeErrorr1r3)r4�cert�issuerr%rrr�add_certificateRs

�
�z"OCSPRequestBuilder.add_certificatecCsDt|tj�std��t�|j||�}t||j�t|j	|j|g�S�Nz"extension must be an ExtensionType)
r"r�
ExtensionTyper9�	Extension�oidrr3r1r2�r4�	extensionZcriticalrrr�
add_extension_s
�z OCSPRequestBuilder.add_extensioncCs(ddlm}|jdkrtd��|�|�S)Nrr*z*You must add a certificate before building)r,r+r2r$Zcreate_ocsp_request)r4r+rrr�buildjs
zOCSPRequestBuilder.build)rrrr6r<rCrDrrrrr1Ms
r1c@seZdZdd�ZdS)�_SingleResponsec		Cst|tj�rt|tj�s td��t|�t|tj�s<td��|dk	rXt|tj�sXtd��||_||_||_||_	||_
t|t�s�td��|tjk	r�|dk	r�t
d��|dk	r�t
d��nHt|tj�s�td��t|�}|tkr�t
d��|dk	r�t|tj�s�td	��||_||_||_dS)
Nr7z%this_update must be a datetime objectz-next_update must be a datetime object or Nonez8cert_status must be an item from the OCSPCertStatus enumzBrevocation_time can only be provided if the certificate is revokedzDrevocation_reason can only be provided if the certificate is revokedz)revocation_time must be a datetime objectz7The revocation_time must be on or after 1950 January 1.zCrevocation_reason must be an item from the ReasonFlags enum or None)r"rr8r9r&�datetimeZ_certZ_issuerZ
_algorithmZ_this_updateZ_next_updater'r(r$rr
ZReasonFlagsZ_cert_statusZ_revocation_timeZ_revocation_reason)	r4r:r;r%�cert_status�this_update�next_update�revocation_time�revocation_reasonrrrr6ss\
�
��
�
�
���
��z_SingleResponse.__init__N)rrrr6rrrrrErsrEc@sReZdZdddgfdd�Zdd�Zdd�Zdd	�Zd
d�Zdd
�Ze	dd��Z
dS)�OCSPResponseBuilderNcCs||_||_||_||_dSr)�	_response�
_responder_id�_certsr3)r4Zresponse�responder_id�certsr5rrrr6�szOCSPResponseBuilder.__init__c	
	Cs<|jdk	rtd��t||||||||�}	t|	|j|j|j�S)Nz#Only one response per OCSPResponse.)rMr$rErLrNrOr3)
r4r:r;r%rGrHrIrJrKZ
singleresprrr�add_response�s$
��z OCSPResponseBuilder.add_responsecCsP|jdk	rtd��t|tj�s&td��t|t�s8td��t|j||f|j	|j
�S)Nz!responder_id can only be set oncez$responder_cert must be a Certificatez6encoding must be an element from OCSPResponderEncoding)rNr$r"rr8r9r
rLrMrOr3)r4�encodingZresponder_certrrrrP�s

��z OCSPResponseBuilder.responder_idcCs\|jdk	rtd��t|�}t|�dkr.td��tdd�|D��sHtd��t|j|j||j	�S)Nz!certificates may only be set oncerzcerts must not be an empty listcss|]}t|tj�VqdSr)r"rr8rrrrr!�sz3OCSPResponseBuilder.certificates.<locals>.<genexpr>z$certs must be a list of Certificates)
rOr$�list�len�allr9rLrMrNr3)r4rQrrr�certificates�s
�z OCSPResponseBuilder.certificatescCsLt|tj�std��t�|j||�}t||j�t|j	|j
|j|j|g�Sr=)r"rr>r9r?r@rr3rLrMrNrOrArrrrC�s
�z!OCSPResponseBuilder.add_extensioncCszddlm}|jdkrtd��|jdkr0td��t|tjtj	f�rT|dk	rhtd��nt|t
j�shtd��|�
tj|||�S)Nrr*z&You must add a response before signingz*You must add a responder_id before signingz8algorithm must be None when signing via ed25519 or ed448z.Algorithm must be a registered hash algorithm.)r,r+rMr$rNr"rZEd25519PrivateKeyr	ZEd448PrivateKeyrZ
HashAlgorithmr9�create_ocsp_responserr)r4Zprivate_keyr%r+rrr�sign�s(


���zOCSPResponseBuilder.signcCs@ddlm}t|t�std��|tjkr0td��|�|ddd�S)Nrr*z7response_status must be an item from OCSPResponseStatusz$response_status cannot be SUCCESSFUL)r,r+r"rr9rr$rX)�cls�response_statusr+rrr�build_unsuccessfuls
�
z&OCSPResponseBuilder.build_unsuccessful)rrrr6rRrPrWrCrY�classmethodr\rrrrrL�s�

rLc@s`eZdZejdd��Zejdd��Zejdd��Zejdd��Zej	d	d
��Z
ejdd��Zd
S)�OCSPRequestcCsdS�z3
        The hash of the issuer public key
        Nr�r4rrr�issuer_key_hashszOCSPRequest.issuer_key_hashcCsdS�z-
        The hash of the issuer name
        Nrr`rrr�issuer_name_hashszOCSPRequest.issuer_name_hashcCsdS�zK
        The hash algorithm used in the issuer name and key hashes
        Nrr`rrr�hash_algorithmszOCSPRequest.hash_algorithmcCsdS�zM
        The serial number of the cert whose status is being checked
        Nrr`rrr�
serial_number#szOCSPRequest.serial_numbercCsdS)z/
        Serializes the request to DER
        Nr)r4rSrrr�public_bytes(szOCSPRequest.public_bytescCsdS)zP
        The list of request extensions. Not single request extensions.
        Nrr`rrrr5.szOCSPRequest.extensionsN)rrr�abc�abstractpropertyrarcrerg�abstractmethodrhr5rrrrr^s




r^c@seZdZejdd��Zejdd��Zejdd��Zejdd��Zejd	d
��Z	ejdd��Z
ejd
d��Zejdd��Zejdd��Z
ejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd��Zejdd ��Zejd!d"��Zejd#d$��Zejd%d&��Zd'S)(�OCSPResponsecCsdS)zm
        The status of the response. This is a value from the OCSPResponseStatus
        enumeration
        Nrr`rrrr[7szOCSPResponse.response_statuscCsdS)zA
        The ObjectIdentifier of the signature algorithm
        Nrr`rrr�signature_algorithm_oid>sz$OCSPResponse.signature_algorithm_oidcCsdS)zX
        Returns a HashAlgorithm corresponding to the type of the digest signed
        Nrr`rrr�signature_hash_algorithmDsz%OCSPResponse.signature_hash_algorithmcCsdS)z%
        The signature bytes
        Nrr`rrr�	signatureJszOCSPResponse.signaturecCsdS)z+
        The tbsResponseData bytes
        Nrr`rrr�tbs_response_bytesPszOCSPResponse.tbs_response_bytescCsdS)z�
        A list of certificates used to help build a chain to verify the OCSP
        response. This situation occurs when the OCSP responder uses a delegate
        certificate.
        Nrr`rrrrWVszOCSPResponse.certificatescCsdS)z2
        The responder's key hash or None
        Nrr`rrr�responder_key_hash^szOCSPResponse.responder_key_hashcCsdS)z.
        The responder's Name or None
        Nrr`rrr�responder_namedszOCSPResponse.responder_namecCsdS)z4
        The time the response was produced
        Nrr`rrr�produced_atjszOCSPResponse.produced_atcCsdS)zY
        The status of the certificate (an element from the OCSPCertStatus enum)
        Nrr`rrr�certificate_statuspszOCSPResponse.certificate_statuscCsdS)z^
        The date of when the certificate was revoked or None if not
        revoked.
        Nrr`rrrrJvszOCSPResponse.revocation_timecCsdS)zi
        The reason the certificate was revoked or None if not specified or
        not revoked.
        Nrr`rrrrK}szOCSPResponse.revocation_reasoncCsdS)z�
        The most recent time at which the status being indicated is known by
        the responder to have been correct
        Nrr`rrrrH�szOCSPResponse.this_updatecCsdS)zC
        The time when newer information will be available
        Nrr`rrrrI�szOCSPResponse.next_updatecCsdSr_rr`rrrra�szOCSPResponse.issuer_key_hashcCsdSrbrr`rrrrc�szOCSPResponse.issuer_name_hashcCsdSrdrr`rrrre�szOCSPResponse.hash_algorithmcCsdSrfrr`rrrrg�szOCSPResponse.serial_numbercCsdS)zR
        The list of response extensions. Not single response extensions.
        Nrr`rrrr5�szOCSPResponse.extensionsN)rrrrirjr[rmrnrorprWrqrrrsrtrJrKrHrIrarcrergr5rrrrrl5sL

















rl),Z
__future__rrrrirF�enumrZsixZcryptographyrZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricrr	Zcryptography.x509.baser
rrZSHA1ZSHA224ZSHA256ZSHA384ZSHA512Z
_OIDS_TO_HASHr
r�dictZ_RESPONSE_STATUS_TO_ENUMr#r&r'Z_CERT_STATUS_TO_ENUMr-r0�objectr1rErLZ
add_metaclass�ABCMetar^rlrrrr�<module>sF�		�%>_
%


Zerion Mini Shell 1.0