Xwg!ddlZddlmZddlmZmZmZmZddlm Z ddl m Z m Z ddl mZddlmZ ddlmZmZdd lmZej.eZGd d Zy#e$rdxZZY.wxYw) N)Path)crlocsppemx509)IncrementalPdfFileWriter)signers timestamps)SigSeedSubFilter)ValidationContext) PKCS11Signeropen_pkcs11_session)getFileceZdZedZedZedZedZedZedZ edZ edZ ed Z ed Z ed Zed Zed ZedZedZy) PDFSignaturecZd|vr'|d}t|tr|j}|Sy)N passphrase) isinstancestrencodeconfigrs O/var/www/horilla/myenv/lib/python3.12/site-packages/xhtml2pdf/builders/signs.pyget_passphrasezPDFSignature.get_passphrases5 6 ! -J*c*'..0  cfg}d|vr|d}t|ts|g}|D]}t|ttfrat |}t j |j\}}}|jtjj|z|j||sy|S)Nca_chain) rlistrrrrunarmorgetDataappendr Certificateload)r_keychainschaincpisafile_digicert_ca_bytess r get_chainszPDFSignature.get_chainss  :&EeT* %a$-&qzH.1kk(:J:J:L.M+Aq+MM$"2"2"7"78I"JKMM!$  % rctj|}d|vrEd|vrA|r?tj|d}tjj |d|d||Sy)Nkeycertr)ca_chain_fileskey_passphrase)rrr+r SimpleSignerr#)rrr&s rtest_simple_signerzPDFSignature.test_simple_signer0sk!008 F?v/J ++FJ?E'',,u v$) -  rctj|}d|vr&|r$tjj |d|Sy)Npfx_file)r4r)rrr r1 load_pkcs12rs rtest_pkcs12_signerzPDFSignature.test_pkcs12_signer=sI!008  J''33 + 4 rc tj|}|dddddddddddd }|D]0}||vs|dk(rtj|d}|||<)||||<2tdi|S)NFT) pkcs11_session cert_label signing_certr key_label prefer_pss embed_rootsother_certs_to_pull bulk_fetchkey_idcert_iduse_raw_mechanismr)r get_sessionr+r )rsessionkeysr-r&s rtest_pkcs11_signerzPDFSignature.test_pkcs11_signerFs**62% #%!&   ,Cf}*$(33FJGE %DI &s DI  ,#d##rc>d|vrtj|dSy)Ntsa)url)r HTTPTimeStamper)rs rget_timestampszPDFSignature.get_timestampsbs! F?--&-@ @rcd|vryd}|d}|dk(rtj|}|S|dk(r*t d}t|tj |}|S|dk(rtj |}|S)Nenginepkcs12pkcs11zpyhanko.sign.pkcs11 requires pyHanko to be installed with the [pkcs11] option. You can install missing dependencies by running "pip install 'pyHanko[pkcs11]'".simple)rr6r ImportErrorrGr2)rsignerrNmsgs r get_signerszPDFSignature.get_signershs 6 !! X !44VU "((FFC C'' 66BBrcg}|D]s}t|ttfrJt|}tj j |j}|j|c|j|u|SN) rrrrrCertificateListr#r r!)crls list_crlsxr( cert_lists r parse_crlszPDFSignature.parse_crlssp  $A!dC[)"1://44X5E5E5GH   +  #  $rcg}|D]K}t|}tjj|j }|j |M|Sr_)rr OCSPResponser#r r!)oscps list_oscprcr(datas r parse_oscpzPDFSignature.parse_oscpsT  #AqzH$$))(*:*:*<=D   T " #rcddi}d|vrd|dvr!tj|dd|dd<d|dvr!tj|dd|dd<d|dvrtj|d|dd<d|dvrtj|d|dd<d|dvrtj|d|dd<|j |dt d i|S) Nallow_fetchingTvalidation_contextraocsps trust_rootsextra_trust_roots other_certsr8)rrerkr+updater )rcontexts rget_validation_contextz#PDFSignature.get_validation_contexts8#T* 6 ) 4557C7N7N/088+,V4&!5668D8O8O/099+,W5'; <<>J>U>UM?+,];#f-A&BB ++F4GH+,-@A'; <<>J>U>UM?+,]; NN6"67 8 +7++rc ddddddddtjdtj|d }d|vr|j |d|S)N Signature1sha256FT) field_name md_algorithmlocationreasonnamecertifyembed_validation_info use_pades_lta subfiltertimestamp_field_namernmeta)r PADESrrurs)rrs rget_signature_metazPDFSignature.get_signature_metas\'$%)!)//$("."E"Ef"M   V  KKv ' rctj|}|rOt|}tj|}t j |t j d|||yy)Nrw)ry)rSr\ timestamperT)rrUrrLr sign_pdfPdfSignatureMetadata)r[r\rrSwrs rrZzPDFSignature.simple_signs_))&1 (3A&55f=K   ,, E'  rctj|}tj|}t|}tj |}t j di|}|r|rt j|||||yy)N)signature_metarSrr\Tr8)rrUrLrrr rr)r[r\rrSrrrrs rrYzPDFSignature.lta_signsy))&1"11&9 $Y /..v6 55== k   -'  rc|jdd}|jdd}|jdd}|jdd}||||t||||Syy)N lib_locationslot_no token_labeluser_pin)rrr)getr)rrrrrs rrDzPDFSignature.get_sessionsyzz.$7 **Y-jj5 ::j$/  L$<"k&=* # +%  rN)__name__ __module__ __qualname__ staticmethodrr+r2r6rGrLrUr]rerkrurrZrYrDr8rrrrs."  $$6 ,CC   ,,<$  $rr)loggingpathlibr asn1cryptorrrr$pyhanko.pdf_utils.incremental_writerr pyhanko.signr r pyhanko.sign.fieldsr pyhanko_certvalidatorr pyhanko.sign.pkcs11r rrRxhtml2pdf.filesr getLoggerrlogrr8rrrsd++I,03.E$g!kk.)--,.sA A)(A)