WwgddlZddlZddlmZddlmZddlmZmZmZddl m Z m Z ddl m Z ddlmZddlmZmZdd lmZdd lmZmZdd lmZmZmZmZmZdd lmZm Z m!Z!m"Z"m#Z#m$Z$dd l%m&Z&m'Z'm(Z(m)Z)ddl*m+Z+m,Z,m-Z-ddl.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6ddl7m8Z8ddl9m:Z:m;Z;mZ>gdZ?ejeAZBdeejfdZDdee fdZEdejdeFfdZGGddZHedddgZI dedeeIfd ZJd!eHfd"ZKd#eHd$ed%eLfd&ZMd'ZN d2d#eHd(ee d)ee d*ee d+eed,ee8d-eLd.ee>de;fd/ZO d3d#eHd0ee d+eed-eLde:f d1ZPy)4N) namedtuple)datetime)ListOptionalUnion)cmsx509)ValidationContext)ValidationPath)genericmisc)pdf_name) PdfFileReaderprocess_data_at_eof)DEFAULT_DIFF_POLICY DiffPolicy DiffResultModificationLevelSuspiciousModification) FieldMDPSpecMDPPermSeedLockDocumentSigSeedSubFilterSigSeedValFlagsSigSeedValueSpec)SignedDataCertsUnacceptableSignerErrorbyte_range_digestextract_signer_info)SignatureValidationErrorSigSeedValueValidationErrorValidationInfoReadingError)cms_basic_validationcollect_signer_attr_statuscollect_timing_infocompute_signature_tst_digestextract_certs_for_validationextract_self_reported_tsextract_tst_datavalidate_tst_signed_data)KeyUsageConstraints)DocumentTimestampStatusPdfSignatureStatusSignatureCoverageLevel)CMSAlgorithmUsagePolicy)EmbeddedPdfSignature DocMDPInforead_certification_dataasync_validate_pdf_signatureasync_validate_pdf_timestampreport_seed_value_validationextract_contentsreturnct |d}|D]}|j}|d|k(s|cSy#t$rYywxYw)Nz /Referencez/TransformMethod)KeyError get_object) signature_objmethodsig_refsrefs [/var/www/horilla/myenv/lib/python3.12/site-packages/pyhanko/sign/validation/pdf_embedded.py_extract_reference_dictrAIsZ .nn ! "f ,J  s + 77ct|d}|y |djd}t|S#ttf$r}t d|d}~wwxYw)N/DocMDP/TransformParams/Pz#Failed to read document permissions)rAraw_getr ValueErrorr:r!)r<r? raw_permses r@_extract_docmdp_for_sigrJWsd !- ;C {*+33D9 y!!  !& 1  s0A A  A sig_objectc4 |jdtjj}t|tjtjfst j d|jS#t$rt j dwxYw)z Internal function to extract the (DER-encoded) signature bytes from a PDF signature dictionary. :param sig_object: A signature dictionary. :return: The extracted contents as a byte string. z /Contents)decryptz+Could not read /Contents entry in signaturez/Contents must be string-like) rFr EncryptedObjAccessRAWr:r PdfReadError isinstanceTextStringObjectByteStringObjectoriginal_bytes)rK cms_contents r@r7r7dsO (( !;!;!?!?) g..0H0HI  ?@@  % %% O MNNOs +A88BcheZdZUdZej ed< ej ed< ejed< de dej de fdZ de fd Z edeej fd Zedeej&fd Zedej&fd Zedej,fd ZedZedeefdZedeejfdZddZdefdZedee fdZ!edee"fdZ#edee$fdZ%de&fdZ'dee&fdZ(de)fdZ*dZ+de,de-e.e/ffdZ0y)r1zA Class modelling a signature embedded in a PDF document. sig_fieldrK signed_datareaderfq_namec,||_t|tjr|j }||_|j d}|j x|_}t|tjsJ |j d|_ t|x|_}tj j#|}|d}||_t'||_d|_|j(d} | dj,j/|_|d} | dj,} | d k(r|j0|_n.| d k(r)| dj4d } | d dj,|_|jj6j9|j:|_d|_d|_ d|_!d|_"d|_#d x|_$|_%d|_&d|_'d |_(||_)y#t$rtjdwxYw)Nz/Vz /ByteRangez,Could not read /ByteRange entry in signaturecontentdigest_algorithm algorithmencap_content_info content_typedatatst_infomessage_imprinthash_algorithmF)*rYrQr IndirectObjectr;rWrFrKDictionaryObject byte_ranger:r rPr7 pkcs7_contentr ContentInfoloadrXr signer_info _sd_cert_infonativelower md_algorithmexternal_md_algorithmparsedxrefsget_last_change referencesigned_revisioncoverageexternal_digest total_len_docmdp _fieldmdp_docmdp_queried_fieldmdp_queriedtst_signature_digest diff_result_integrity_checkedrZ) selfrYrWrZsig_object_refrKrUmessagerX digest_algoecir`mis r@__init__zEmbeddedPdfSignature.__init__s  i!7!7 8!,,.I""**40'5'@'@'BB**g&>&>??? (00>DO ,*11 6 !)-):):D & Z 'Y&&'89B)+,<)=*f  & ${{00@@  $ $  04(,*. 158==t559!"' w ##>  s >G44Hr8cf|jt|j|_|jS)N)rlr(rXrs r@_init_cert_infoz$EmbeddedPdfSignature._init_cert_infos-    %!=d>N>N!OD !!!cHt|jjS)z2 Embedded attribute certificates. )listrattribute_certsrs r@embedded_attr_certsz(EmbeddedPdfSignature.embedded_attr_certss D((*::;;rcHt|jjS)zQ Embedded X.509 certificates, excluding than that of the signer. )rr other_certsrs r@other_embedded_certsz)EmbeddedPdfSignature.other_embedded_certss D((*6677rc6|jjS)z, Certificate of the signer. )r signer_certrs r@rz EmbeddedPdfSignature.signer_certs ##%111rcL|jjdtdS)a Returns the type of the embedded signature object. For ordinary signatures, this will be ``/Sig``. In the case of a document timestamp, ``/DocTimeStamp`` is returned. :return: A PDF name object describing the type of signature. z/Type/Sig)rKgetrrs r@sig_object_typez$EmbeddedPdfSignature.sig_object_types ""7HV,<==rc|jS)zC :return: Name of the signature field. )rZrs r@ field_namezEmbeddedPdfSignature.field_names ||rct|j}||S |jd}tj||j j S#t$rYywxYw)z :return: The signing time as reported by the signer, if embedded in the signature's signed attributes or provided as part of the signature object in the PDF document. Nz/M)strict)r)rkrKr parse_pdf_daterYrr:)rtsst_as_pdf_dates r@self_reported_timestampz,EmbeddedPdfSignature.self_reported_timestampsg&d&6&6 7 >I !__T2N))t{{'9'9   s9A A! A!c,t|jS)z :return: The signed data component of the timestamp token embedded in this signature, if present. )r*rkrs r@attached_timestamp_dataz,EmbeddedPdfSignature.attached_timestamp_data"s  0 011rNc|j|j|j|j|_|xst }|s|j ||_d|_y)a Compute the various integrity indicators of this signature. :param diff_policy: Policy to evaluate potential incremental updates that were appended to the signed revision of the document. Defaults to :const:`~pyhanko.sign.diff_analysis.DEFAULT_DIFF_POLICY`. :param skip_diff: If ``True``, skip the difference analysis step entirely. TN) _enforce_hybrid_xref_policycompute_digestcompute_tst_digestevaluate_signature_coveragervrevaluate_modificationsr~r)r diff_policy skip_diffs r@compute_integrity_infoz+EmbeddedPdfSignature.compute_integrity_info+sc ((*  !88: !8%8 #::;GD "&rc|js td|j}|j}|j}d}|bt |t r |jntj}|tjk(xs|duxr|j|jkD }n&|tjk7r|tjk(}|||d}|S)a Compile the integrity information for this signature into a dictionary that can later be passed to :class:`.PdfSignatureStatus` as kwargs. This method is only available after calling :meth:`.EmbeddedPdfSignature.compute_integrity_info`. zGCall compute_integrity_info() before invokingsummarise_integrity_info()N)rv docmdp_okr~)rr! docmdp_levelr~rvrQrmodification_levelrOTHERvaluer/ENTIRE_REVISION ENTIRE_FILE)rdocmdpr~rvr mod_level status_kwargss r@summarise_integrity_infoz-EmbeddedPdfSignature.summarise_integrity_infoDs&&*-  ""&& ==   "k:6..&,,  .444K$&I9??V\\+II/?? ? !$:$F$FFI!"& rcj |jd}tj|S#t$rYywxYw)Nz/SV)rWr:rfrom_pdf_object)r sig_sv_dicts r@seed_value_specz$EmbeddedPdfSignature.seed_value_specqs< ../K // <<  s & 22c|jr |jSt|j}| |jd}t |d}||_d|_|S#t $rYwxYw)av :return: The document modification policy required by this signature or its Lock dictionary. .. warning:: This does not take into account the DocMDP requirements of earlier signatures (if present). The specification forbids signing with a more lenient DocMDP than the one currently in force, so this should not happen in a compliant document. That being said, any potential violations will still invalidate the earlier signature with the stricter DocMDP policy. )r<z/LockrET)r{ryrJrKrWrr:)rr lock_dicts r@rz!EmbeddedPdfSignature.docmdp_levelysu$   << (tG >  NN73  41 #   sA A+*A+c|jr |jSt|jd}d|_|y t j |d}||_|S#t tf$r}td|d}~wwxYw)z :return: Read the field locking policy of this signature, if applicable. See also :class:`~.pyhanko.sign.fields.FieldMDPSpec`. z /FieldMDPTNrDz!Failed to read /FieldMDP settings) r|rzrArKrrrGr:r!)rref_dictsprIs r@fieldmdpzEmbeddedPdfSignature.fieldmdps  ! !>> !*4??KH!%   --h7I.JKB  H% *3  sAA;* A66A;c|j |jSt|jj|j|j \|_}||_|S)z Compute the ``/ByteRange`` digest of this signature. The result will be cached. :return: The digest value. )rgro)rwrrYstreamrgrprxrdigests r@rz#EmbeddedPdfSignature.compute_digestsY    +'' '!2 KK  33"  & rcn|j |jSt|jx|_}|S)a Compute the digest of the signature needed to validate its timestamp token (if present). .. warning:: This computation is only relevant for timestamp tokens embedded inside a regular signature. If the signature in question is a document timestamp (where the entire signature object is a timestamp token), this method does not apply. :return: The digest value, or ``None`` if there is no timestamp token. )r}r'rkrs r@rz'EmbeddedPdfSignature.compute_tst_digests@  $ $ 0,, ,-I   .  !F rc|jj}|jj}t|jdk7s|jddk7rt j S|j\}}}}|jdtjt|jdzdz}||z|z}|j|k(} | rt jS|||zk(} | st j S|j||j} t|} |j| } | | k7rt j S t'| dzD]4}|j)|}|j*|kDs$t j cSt j,S#t"j$$rt j cYSwxYw)z Internal method used to evaluate the coverage level of a signature. :return: The coverage level of the signature. rr )rYrrrlenrgr/UNCLEARseekosSEEK_ENDrhtellrrurget_startxref_for_revisionCONTIGUOUS_BLOCK_FROM_STARTr rPrangeget_xref_container_info end_locationr)r xref_cacher_len1start2len2embedded_sig_contentsigned_zone_len file_covered contiguous signed_rev startxrefexpectedrevision xref_metas r@rz0EmbeddedPdfSignature.evaluate_signature_coverages[[&& ## t 1 $(:a(?)11 1 $4  Ar{{# #4#5#56:Q>+(<<{{}7 )55 5t&::: )11 1  O$))  F+F3I!<>** ?=rrcJ|jtjkr tdS|jtjk(r"t t jtS|j|j|j|j|jS)zY Internal method used to evaluate the modification level of a signature. z$Nonstandard signature coverage level)field_mdp_specdoc_mdp)rvr/rrrrrNONEset review_filerYrurr)rrs r@rz+EmbeddedPdfSignature.evaluate_modifications*s ==1AA A)6 ]]4@@ @/44ce< <&& KK  ==%% '  r)NF)1__name__ __module__ __qualname____doc__r rf__annotations__r SignedDatarstrrrrpropertyrAttributeCertificateV2rr Certificaterr NameObjectrrrrrrrdictrrrrrrrbytesrrr/rrrrrrrrr@r1r1s '''(((JJ++J JX"" !3!3 > >();&2#..)A22'2+$+Z=*:!;==hw/>(<0,&HUO.F6-CF6P % z11 2 rr1r2 permission author_sigrYct |jdd}t|}t||S#t$rYywxYw)z Read the certification information for a PDF document, if present. :param reader: Reader representing the input document. :return: A :class:`.DocMDPInfo` object containing the relevant data, or ``None``. /PermsrCN)rootr:rJr2)rYcertification_sigperms r@r3r3GsJ"KK1)< ##4 5D d- .. s + 77emb_sigc |j}|y|j}|j |jj|||s|j r t d|j}|j|jj} |jjd}|jd} | |jk(} || k7r!d} t d| |d| | d|r9|jj$} |j&} | | k7rt d | d | d |j(}|sy|d }t+|}|t,j.zr_|j0S|j0s t3d |j0d}|+||k7r&t d|j4d |j4d |t,j6zr!|j8t:j=d|t,j>zr|j@ t3d|t,jBzr|jD|j&} |jDtFjHk(r| tJjLk7r t d|jDtFjNk(r| tJjLk(r t d|jP}|t,jRzr|jTddl+m,} ||d}|jT|k7r$t d|jTrdndd|rdndd|jTr9|t*j\k7r&t dt*j\j4z|t,j^zrB|j`6|jbje}||j`vrt d|z|t,jfzrR|jhxsg}| xs|dgk(}|jkd}|r | t d|s||vrt d |d!yyy#t$r}t ||d}~wwxYw#ttj t"f$rd} YwxYw#tZ$rd}YwxYw)"NznThe seed value dictionary requires a trusted timestamp, but none was found, or the timestamp did not validate.rrCFc|rdSdS)Nza certificationz an approvalr)certifys r@_typez'_validate_sv_constraints.._typexs,3(FFrzPThe seed value dictionary's /MDP entry specifies that this field should contain z signature, but z appears to have been used.zaThe seed value dictionary specified that this certification signature should use the MDP policy 'z', but 'z' was used in the signature. /SubFilterzPThe signature encodings mandated by the seed value dictionary are not supported.rz.The seed value dictionary mandates subfilter 'zThe signature's seed value dictionary specifies the /AppearanceFilter entry as mandatory, but this constraint is impossible to validate.zpyHanko does not support legal attestations, but the seed value dictionary mandates that they be restricted to a specific subset.z,?@""' "6!78--  !55>>K**Gg%1#}HWI6-- MME l+O"?3K )))w/A/A/M!!%0  )0(:(:1(=  "{k'A-$$k&7&79  111    ( )  111  $ $ 0! P  ---    +&&  ! !%5%:%: :7----N   ! !%5%A%A A7----  %%K ,,,    *N " *; 7 M   = 0-"..BF:'BV3    /DDD->#88>>@  ---  ,**002 g44 4-)+67   &&&//'RK37se#3 {{9- 1- \8-,8; 9y']' 8-a0a 7 8"'88.I "!M "z* "!M "s;P*9Q- Q.* Q3 P??Q Q+*Q+. Q=<Q= embedded_sigr)r*c t|||d}|jdu|dS#t$r#}tjd||}Yd}~8d}~wwxYw)a Internal API function to enforce seed value constraints (if present) and report on the result(s). :param embedded_sig: The embedded signature. :param validation_path: The validation path for the signer's certificate. :param timestamp_found: Flag indicating whether a valid timestamp was found or not. :return: A ``status_kwargs`` dict. )r*NzError in seed value validation.)exc_info)has_seed_valuesseed_value_constraint_error)r:r"rrr)r;r)r*sv_errrIs r@r6r6sb& /?  (77tC'-  '81Es# AA  Ach ddlm}|||v}|st||zy#t$rd}YwxYw)Nr)rF)pyhanko.sign.fieldsrrGr!) subfilter_strpermitted_subfilterserr_msgr subfilter_oks r@_validate_subfilterrG$sJ8' 6:NN  &w'>??   s # 11signer_validation_contextts_validation_contextac_validation_contextrkey_usage_settingsralgorithm_policyc K|j}|jdk7r td|jdd} t | t j t jfd||}|j|||j} t|j||jd{} | j| d| vr|j} | | | d<tj |}t#|j$|j&|| || d{} | jd d} | duxr| j(xr | j*}t-|| d |}| j||%|j.j1|j2| jt5|j6|j8||jd  d{tdi| S7;77w)a  .. versionadded:: 0.9.0 .. versionchanged: 0.11.0 Added ``ac_validation_context`` param. Validate a PDF signature. :param embedded_sig: Embedded signature to evaluate. :param signer_validation_context: Validation context to use to validate the signature's chain of trust. :param ts_validation_context: Validation context to use to validate the timestamp's chain of trust (defaults to ``signer_validation_context``). :param ac_validation_context: Validation context to use to validate attribute certificates. If not supplied, no AC validation will be performed. .. note:: :rfc:`5755` requires attribute authority trust roots to be specified explicitly; hence why there's no default. :param diff_policy: Policy to evaluate potential incremental updates that were appended to the signed revision of the document. Defaults to :const:`~pyhanko.sign.diff_analysis.DEFAULT_DIFF_POLICY`. :param key_usage_settings: A :class:`.KeyUsageConstraints` object specifying which key usages must or must not be present in the signer's certificate. :param skip_diff: If ``True``, skip the difference analysis step entirely. :param algorithm_policy: The algorithm usage policy for the signature validation. .. warning:: This is distinct from the algorithm usage policy used for certificate validation, but the latter will be used as a fallback if this parameter is not specified. It is nonetheless recommended to align both policies unless there is a clear reason to do otherwise. :return: The status of the PDF signature in question. rz"Signature object type must be /SigrNz4%s is not a recognized SubFilter type in signatures.rr) raw_digestsigner_reported_dt)rOvalidation_contextrrKrLtimestamp_validityr) signed_attrs)sd_attr_certificatesrrQsd_signed_attrsr)rKrr!rrGrr$PADESrrr&rkrupdaterr.default_usage_constraintsr$rXrwvalidtrustedr6certificate_registryregister_multiplerr%rr)r;rHrIrJrrKrrLrKrCrts_status_kwargsrP tst_validityr* sv_updates r@r4r40s r((J##v-&'KLLNN<6M  . .0@0F0FG> $ 9''9(!99;M0  ..0 )*=0)AA  )2DM. /+EE/  //4#-) M!$$%94@LD P\%7%7PL.C)NNNNNFN)NNF)Qloggingr collectionsrrtypingrrr asn1cryptorr pyhanko_certvalidatorr pyhanko_certvalidator.pathr pyhanko.pdf_utilsr r pyhanko.pdf_utils.genericrpyhanko.pdf_utils.readerrrpyhanko.sign.diff_analysisrrrrrrBrrrrrrpyhanko.sign.generalrrrrerrorsr!r"r# generic_cmsr$r%r&r'r(r)r*r+settingsr,statusr-r.r/utilsr0__all__ getLoggerrrrfrArJrr7r1r2r3r:boolr6rGr4r5rrr@rus. "(( 35+.G   * +    8 $  g&&'  hw.? &!9!9&e&8} } @ |\&B C  /M/hz6J/$g !gT&#B @>B9=9=(,8<:>x/&x/'(9:x/$$56x/$$56 x/ *% x/ !!45 x/x/67x/x/z7;(, 34&34 !2334*%34 34  34r