a `Émg~,ã@sddlmZddlZddlZddlmZmZddlmZddl m Z ddl m Z ddl mZmZmZGdd „d ejƒZGd d „d ejƒZe je je je je jfZd d dœdd„ZGdd„dejƒZGdd„dƒZejZejZejZGdd„dƒZ Gdd„dƒZ!ej"Z"ej#Z#dS)é)Ú annotationsN)ÚutilsÚx509)Úocsp)Úhashes)Ú CertificateIssuerPrivateKeyTypes)Ú_EARLIEST_UTC_TIMEÚ_convert_to_naive_utc_timeÚ_reject_duplicate_extensionc@seZdZdZdZdS)ÚOCSPResponderEncodingzBy HashzBy NameN)Ú__name__Ú __module__Ú __qualname__ÚHASHÚNAME©rrúO/var/www/html/idle/venv/lib64/python3.9/site-packages/cryptography/x509/ocsp.pyr sr c@s$eZdZdZdZdZdZdZdZdS)ÚOCSPResponseStatusréééééN) r r rÚ SUCCESSFULZMALFORMED_REQUESTÚINTERNAL_ERRORZ TRY_LATERZ SIG_REQUIREDÚ UNAUTHORIZEDrrrrrs rúhashes.HashAlgorithmÚNone)Ú algorithmÚreturncCst|tƒstdƒ‚dS)Nz9Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512)Ú isinstanceÚ_ALLOWED_HASHESÚ ValueError)rrrrÚ_verify_algorithm.s ÿr#c@seZdZdZdZdZdS)ÚOCSPCertStatusrrrN)r r rZGOODÚREVOKEDÚUNKNOWNrrrrr$5sr$c @s(eZdZdddddddddœdd „Zd S) Ú_SingleResponseúx509.Certificaterr$údatetime.datetimeúdatetime.datetime | Noneúx509.ReasonFlags | None)ÚcertÚissuerrÚ cert_statusÚ this_updateÚ next_updateÚrevocation_timeÚrevocation_reasonc Cst|tjƒrt|tjƒs tdƒ‚t|ƒt|tjƒsrrrr9‡s zOCSPRequestBuilder.__init__r(r)r,r-rrcCsZ|jdus|jdurtdƒ‚t|ƒt|tjƒrcCs||_||_||_||_dSr?)Ú _responseÚ _responder_idÚ_certsrB)r8r]r^r_r>rrrr9ÛszOCSPResponseBuilder.__init__r(rr$r)r*r+) r,r-rr.r/r0r1r2rc Cs<|jdurtdƒ‚t||||||||ƒ} t| |j|j|jƒS)Nz#Only one response per OCSPResponse.)r`r"r'r\rarbrB) r8r,r-rr.r/r0r1r2Z singleresprrrÚ add_responseès$ ø üz OCSPResponseBuilder.add_responser )ÚencodingÚresponder_certrcCsP|jdurtdƒ‚t|tjƒs&tdƒ‚t|tƒs8tdƒ‚t|j||f|j |j ƒS)Nz!responder_id can only be set oncez$responder_cert must be a Certificatez6encoding must be an element from OCSPResponderEncoding) rar"r rr4r5r r\r`rbrB)r8rdrerrrr^s   ÿüz OCSPResponseBuilder.responder_idz!typing.Iterable[x509.Certificate])r_rcCs\|jdurtdƒ‚t|ƒ}t|ƒdkr.tdƒ‚tdd„|DƒƒsHtdƒ‚t|j|j||j ƒS)Nz!certificates may only be set oncerzcerts must not be an empty listcss|]}t|tjƒVqdSr?)r rr4)Ú.0ÚxrrrÚ "óz3OCSPResponseBuilder.certificates..z$certs must be a list of Certificates) rbr"ÚlistrLÚallr5r\r`rarB)r8r_rrrÚ certificatess  üz OCSPResponseBuilder.certificatesrNrOrPcCsNt|tjƒstdƒ‚t |j||¡}t||jƒt|j |j |j g|j¢|‘ƒSrS) r rrTr5rUrVr rBr\r`rarbrWrrrrY+s   üz!OCSPResponseBuilder.add_extensionrzhashes.HashAlgorithm | NoneÚ OCSPResponse)Ú private_keyrrcCs6|jdurtdƒ‚|jdur$tdƒ‚t tj|||¡S)Nz&You must add a response before signingz*You must add a responder_id before signing)r`r"rarÚcreate_ocsp_responserr)r8rnrrrrÚsign;s   ÿzOCSPResponseBuilder.signr)Úresponse_statusrcCs4t|tƒstdƒ‚|tjur$tdƒ‚t |ddd¡S)Nz7response_status must be an item from OCSPResponseStatusz$response_status cannot be SUCCESSFUL)r rr5rr"rro)ÚclsrqrrrÚbuild_unsuccessfulIs ÿ z&OCSPResponseBuilder.build_unsuccessful) r r rr9rcr^rlrYrpÚ classmethodrsrrrrr\Úsú r\)$Ú __future__rr6ÚtypingZ cryptographyrrZ"cryptography.hazmat.bindings._rustrZcryptography.hazmat.primitivesrZ/cryptography.hazmat.primitives.asymmetric.typesrZcryptography.x509.baserr r ÚEnumr rÚSHA1ÚSHA224ÚSHA256ÚSHA384ÚSHA512r!r#r$r'rZrmZOCSPSingleResponser:r\Zload_der_ocsp_requestZload_der_ocsp_responserrrrÚs2     û FT}