>wgPJdZddlmZmZmZmZddlmZddlm Z m Z ddl m Z m Z mZmZmZmZmZmZmZmZmZmZmZddlmZmZddlmZdd lmZm Z m!Z!m"Z"Gd d eZ#Gd d eZ$GddeZ%GddeZ&GddeZ'GddeZ(GddeZ)GddeZ*GddeZ+GddeZ,GddeZ-Gd d!eZ.Gd"d#eZ/Gd$d%eZ0Gd&d'eZ1Gd(d)eZ2Gd*d+eZ3Gd,d-eZ4Gd.d/eZ5Gd0d1eZ6Gd2d3e Z7Gd4d5eZ8Gd6d7eZ9Gd8d9eZ:Gd:d;e Z;Gd<d=eZ<Gd>d?eZ=Gd@dAeZ>GdBdCeZ?GdDdEeZ@GdFdGeZAGdHdIeZBGdJdKeZCGdLdMeZDGdNdOeZEGdPdQeZFGdRdSeZGGdTdUeZHyV)Wz ASN.1 type classes for the online certificate status protocol (OCSP). Exports the following items: - OCSPRequest() - OCSPResponse() Other type classes are defined that help compose the types listed above. )unicode_literalsdivisionabsolute_importprint_function)unwrap)DigestAlgorithmSignedDigestAlgorithm) BooleanChoice EnumeratedGeneralizedTime IA5StringIntegerNullObjectIdentifierOctetBitString OctetStringParsableOctetStringSequence SequenceOf)AuthorityInfoAccessSyntax CRLReason)PublicKeyAlgorithm) Certificate GeneralName GeneralNamesNameceZdZddiZy)Versionrv1N__name__ __module__ __qualname___mapF/var/www/horilla/myenv/lib/python3.12/site-packages/asn1crypto/ocsp.pyr r (s 4 Dr(r c(eZdZdefdefdefdefgZy)CertIdhash_algorithmissuer_name_hashissuer_key_hash serial_numberN)r#r$r%r rr_fieldsr'r(r)r+r+.s) ?+ [) K( '" Gr(r+ceZdZdefdefgZy)ServiceLocatorissuerlocatorN)r#r$r%rrr0r'r(r)r2r27s 4 -.Gr(r2ceZdZddiZy)RequestExtensionIdz1.3.6.1.5.5.7.48.1.7service_locatorNr"r'r(r)r6r6>s 1 Dr(r6c4eZdZdefdeddifdefgZdZdeiZ y) RequestExtensionextn_idcriticaldefaultF extn_valuer:r=r7N) r#r$r%r6r rr0 _oid_pairr2 _oid_specsr'r(r)r9r9Ds= &' Wy%01 *+G *I>Jr(r9ceZdZeZy)RequestExtensionsN)r#r$r%r9 _child_specr'r(r)rBrBQs"Kr(rBcVeZdZdefdedddfgZdZdZdZdZ e d Z e d Z y) Requestreq_certsingle_request_extensionsrTexplicitoptionalFNct|_|dD]g}|dj}d|z}t||rt |||dj |djsM|jj |id|_y)v Sets common named extensions to private attributes and creates a list of critical extensions rGr: _%s_valuer=r;TNset_critical_extensionsnativehasattrsetattrparsedadd_processed_extensionsself extensionnameattribute_names r)_set_extensionszRequest._set_extensions_s %(E!9: 4IY'..D(4/Nt^,ni .E.L.LM$++))--d3  4&*"r(cR|js|j|jSz Returns a set of the names (or OID if not a known extension) of the extensions marked as critical :return: A set of unicode strings rVr\rPrXs r)critical_extensionszRequest.critical_extensionsq%))  "(((r(cV|jdur|j|jS)z This extension is used when communicating with an OCSP responder that acts as a proxy for OCSP requests :return: None or a ServiceLocator object F)rVr\_service_locator_valuer`s r)service_locator_valuezRequest.service_locator_value*  % % .  "***r() r#r$r%r+rBr0rVrPrdr\propertyrarer'r(r)rErEUsc V $&7aUY9Z[G "!*$ ) ) + +r(rEceZdZeZy)RequestsN)r#r$r%rErCr'r(r)ririsKr(riceZdZddiZy) ResponseTypez1.3.6.1.5.5.7.48.1.1basic_ocsp_responseNr"r'r(r)rkrks 5 Dr(rkceZdZeZy)AcceptableResponsesN)r#r$r%rkrCr'r(r)rnrnsKr(rnc"eZdZdefdeddifgZy)PreferredSignatureAlgorithmsig_identifiercert_identifierrJTN)r#r$r%r rr0r'r(r)rprps" 01 .T0BCGr(rpceZdZeZy)PreferredSignatureAlgorithmsN)r#r$r%rprCr'r(r)rtrts-Kr(rtceZdZddddZy)TBSRequestExtensionIdnonceacceptable_responsespreferred_signature_algorithms)1.3.6.1.5.5.7.48.1.2z1.3.6.1.5.5.7.48.1.4z1.3.6.1.5.5.7.48.1.8Nr"r'r(r)rvrvs ' 6 @ Dr(rvc8eZdZdefdeddifdefgZdZee e dZ y) TBSRequestExtensionr:r;r<Fr=r>)rwrxryN) r#r$r%rvr rr0r?rrnrtr@r'r(r)r|r|sA )* Wy%01 *+G *I 3*FJr(r|ceZdZeZy)TBSRequestExtensionsN)r#r$r%r|rCr'r(r)r~r~s%Kr(r~c@eZdZdedddfdedddfd efd ed ddfgZy ) TBSRequestversionrr!rIr<requestor_namerTrH request_listrequest_extensionsN)r#r$r%r rrir~r0r'r(r)rrs@ G!=> ;QD(IJ " 3!QU5VW Gr(rceZdZeZy) CertificatesN)r#r$r%rrCr'r(r)rrsKr(rc*eZdZdefdefdedddfgZy) Signaturesignature_algorithm signaturecertsrTrHN)r#r$r%r rrr0r'r(r)rrs)  56 n% ,QD ABGr(rc~eZdZdefdedddfgZdZdZdZdZ dZ dZ e d Z e d Ze d Ze d Zy) OCSPRequest tbs_requestoptional_signaturerTrHFNct|_|ddD]g}|dj}d|z}t||rt |||dj |djsM|jj |id|_y) rLrrr:rMr=r;TNrNrWs r)r\zOCSPRequest._set_extensionss %(E!m,-AB 4IY'..D(4/Nt^,ni .E.L.LM$++))--d3  4&*"r(cR|js|j|jSr^r_r`s r)razOCSPRequest.critical_extensionsrbr(cV|jdur|j|jS)z This extension is used to prevent replay attacks by including a unique, random value with each request/response pair :return: None or an OctetString object FrVr\ _nonce_valuer`s r) nonce_valuezOCSPRequest.nonce_value*  % % .  "   r(cV|jdur|j|jS)a( This extension is used to allow the client and server to communicate with alternative response formats other than just basic_ocsp_response, although no other formats are defined in the standard. :return: None or an AcceptableResponses object F)rVr\_acceptable_responses_valuer`s r)acceptable_responses_valuez&OCSPRequest.acceptable_responses_values*  % % .  "///r(cV|jdur|j|jS)aj This extension is used by the client to define what signature algorithms are preferred, including both the hash algorithm and the public key algorithm, with a level of detail down to even the public key algorithm parameters, such as curve name. :return: None or a PreferredSignatureAlgorithms object F)rVr\%_preferred_signature_algorithms_valuer`s r)$preferred_signature_algorithms_valuez0OCSPRequest.preferred_signature_algorithms_value s*  % % .  "999r()r#r$r%rrr0rVrPrrrr\rgrarrrr'r(r)rrs  # yqd*KLG "L"&,0)*$ ) ) ! ! 0 0 : :r(rceZdZdddddddZy) OCSPResponseStatus successfulmalformed_requestinternal_error try_later sign_required unauthorized)rrrNr"r'r(r)rr1s        Dr(rc(eZdZdeddifdeddifgZy) ResponderIdby_namerIrby_keyrN)r#r$r%rr _alternativesr'r(r)rr<s% D:q/* ;Q0Mr(rc"eZdZdZedZy) StatusGoodc||3|dk7r.t|tsttdt |d|_y)z` Sets the value of the object :param value: None or 'good' NgoodzK value must be one of None, "good", not %s r( isinstancer ValueErrorrreprcontentsrXvalues r)rOzStatusGood.setEsD  &E49PVU   r(cy)Nrr'r`s r)rQzStatusGood.nativeWsr(Nr#r$r%rOrgrQr'r(r)rrDs$r(rc"eZdZdZedZy) StatusUnknownc||3|dk7r.t|tsttdt |d|_y)zc Sets the value of the object :param value: None or 'unknown' NunknownzN value must be one of None, "unknown", not %s r(rrs r)rOzStatusUnknown.set^sE  )!3Jud? _1$&GHGr(rceZdZdddddddZy) SingleResponseExtensionIdcrlarchive_cutoff crl_reasoninvalidity_datecertificate_issuer!signed_certificate_timestamp_list)z1.3.6.1.5.5.7.48.1.3z1.3.6.1.5.5.7.48.1.6z 2.5.29.21z 2.5.29.24z 2.5.29.29z1.3.6.1.4.1.11129.2.4.5Nr"r'r(r)rrs % 0"&)#F Dr(rc>eZdZdefdeddifdefgZdZee e e e e dZ y) SingleResponseExtensionr:r;r<Fr=r>)rrrrrrN)r#r$r%rr rr0r?rrrrrr@r'r(r)rrsJ -. Wy%01 *+G *I)**-8 Jr(rceZdZeZy)SingleResponseExtensionsN)r#r$r%rrCr'r(r)rrs)Kr(rc eZdZdefdefdefdedddfded ddfgZd Zd Z d Z d Z d Z d Z d Zd Zed ZedZedZedZedZedZy )SingleResponsecert_id cert_status this_update next_updaterTrHsingle_extensionsrFNct|_|dD]g}|dj}d|z}t||rt |||dj |djsM|jj |id|_y)rLrr:rMr=r;TNrNrWs r)r\zSingleResponse._set_extensionss %(E!12 4IY'..D(4/Nt^,ni .E.L.LM$++))--d3  4&*"r(cR|js|j|jSr^r_r`s r)raz"SingleResponse.critical_extensionsrbr(cV|jdur|j|jS)z This extension is used to locate the CRL that a certificate's revocation is contained within. :return: None or a CrlId object F)rVr\ _crl_valuer`s r) crl_valuezSingleResponse.crl_values(  % % .  "r(cV|jdur|j|jS)z This extension is used to indicate the date at which an archived (historical) certificate status entry will no longer be available. :return: None or a GeneralizedTime object F)rVr\_archive_cutoff_valuer`s r)archive_cutoff_valuez#SingleResponse.archive_cutoff_values*  % % .  ")))r(cV|jdur|j|jS)z This extension indicates the reason that a certificate was revoked. :return: None or a CRLReason object F)rVr\_crl_reason_valuer`s r)crl_reason_valuezSingleResponse.crl_reason_values*  % % .  "%%%r(cV|jdur|j|jS)a= This extension indicates the suspected date/time the private key was compromised or the certificate became invalid. This would usually be before the revocation date, which is when the CA processed the revocation. :return: None or a GeneralizedTime object F)rVr\_invalidity_date_valuer`s r)invalidity_date_valuez$SingleResponse.invalidity_date_value s*  % % .  "***r(cV|jdur|j|jS)z This extension indicates the issuer of the certificate in question. :return: None or an x509.GeneralNames object F)rVr\_certificate_issuer_valuer`s r)certificate_issuer_valuez'SingleResponse.certificate_issuer_values*  % % .  "---r()r#r$r%r+rrrr0rVrPrrrrrr\rgrarrrrrr'r(r)rrs F  # ( aT)JK 6QTX8YZ G"J ! $*$ ) )   * * & & + + . .r(rceZdZeZy) ResponsesN)r#r$r%rrCr'r(r)rr(s Kr(rceZdZdddZy)ResponseDataExtensionIdrwextended_revoke)rzz1.3.6.1.5.5.7.48.1.9Nr"r'r(r)rr,s ' 1 Dr(rc6eZdZdefdeddifdefgZdZee dZ y) ResponseDataExtensionr:r;r<Fr=r>)rwrN) r#r$r%rr rr0r?rrr@r'r(r)rr3s> +, Wy%01 *+G *IJr(rceZdZeZy)ResponseDataExtensionsN)r#r$r%rrCr'r(r)rrAs'Kr(rc >eZdZdedddfdefdefdefded d d fgZy ) ResponseDatarrr!r responder_id produced_at responsesresponse_extensionsrTrHN) r#r$r%r rrrrr0r'r(r)rrEsA G!=> % ( i  6QTX8YZ Gr(rc0eZdZdefdefdefdedddfgZy) BasicOCSPResponsetbs_response_datarrrrTrHN)r#r$r%rr rrr0r'r(r)rrOs1 l+  56 n% ,QD AB Gr(rc(eZdZdefdefgZdZdeiZy) ResponseBytes response_typeresponse)rrrlN) r#r$r%rkrr0r?rr@r'r(r)rrXs. ,' ()G .I0Jr(rceZdZdefdedddfgZdZdZdZdZ dZ e d Z e d Z e d Ze d Ze d Zy) OCSPResponseresponse_statusresponse_bytesrTrHFNc4t|_|ddjddD]g}|dj}d|z}t ||rt |||dj|djsM|jj |id |_y ) rLr rrrr:rMr=r;TN)rOrPrTrQrRrSrUrVrWs r)r\zOCSPResponse._set_extensionsos %(E!./ ;BBCVWXmn 4IY'..D(4/Nt^,ni .E.L.LM$++))--d3  4&*"r(cR|js|j|jSr^r_r`s r)raz OCSPResponse.critical_extensionsrbr(cV|jdur|j|jS)z This extension is used to prevent replay attacks on the request/response exchange :return: None or an OctetString object Frr`s r)rzOCSPResponse.nonce_valuerr(cV|jdur|j|jS)z This extension is used to signal that the responder will return a "revoked" status for non-issued certificates. :return: None or a Null object (if present) F)rVr\_extended_revoke_valuer`s r)extended_revoke_valuez"OCSPResponse.extended_revoke_valuerfr(c&|ddjS)z A shortcut into the BasicOCSPResponse sequence :return: None or an asn1crypto.ocsp.BasicOCSPResponse object r rrTr`s r)rlz OCSPResponse.basic_ocsp_responses$%j1888r(c,|ddjdS)z A shortcut into the parsed, ResponseData sequence :return: None or an asn1crypto.ocsp.ResponseData object r rrrr`s r) response_datazOCSPResponse.response_datas!$%j1889LMMr()r#r$r%rrr0rVrPrrr\rgrarrrlrr'r(r)r r ds ./ =qd*KLG "L!*$ ) ) ! ! + +99NNr(r N)I__doc__ __future__rrrr_errorsralgosr r corer r r rrrrrrrrrrrrrkeysrx509rrrrr r+r2r6r9rBrErirkrnrprtrvr|r~rrrrrrrrrrrrrrrrrrrrrrr r'r(r)rsSR96$>> g XX) x # #6+h6+rz# *(.:., ( &:&:W:(W:t&2D0(H  0 h$*z*u.Xu.p! !. H (Z(8 H [N8[Nr(