HEX
Server: LiteSpeed
System: Linux php-prod-1.spaceapp.ru 5.15.0-157-generic #167-Ubuntu SMP Wed Sep 17 21:35:53 UTC 2025 x86_64
User: sport3497 (1034)
PHP: 8.1.33
Disabled: NONE
Upload Files
File: //lib/python3/dist-packages/cryptography/x509/__pycache__/ocsp.cpython-310.pyc
o

g�e�9�@snddlZddlZddlZddlmZddlmZddlmZmZddl	m
Z
mZmZm
Z
e��e��e��e��e��d�ZGdd�dej�ZGd	d
�d
ej�Zdd�eD�ZejejejejejfZd
d�ZGdd�dej�Zdd�eD�ZGdd�de�ZGdd�dejd�ZGdd�dejd�Z Gdd�de�Z!Gdd�de�Z"de#defdd �Z$de#de fd!d"�Z%dS)#�N)�utils)�x509)�hashes�
serialization)�_EARLIEST_UTC_TIME�_PRIVATE_KEY_TYPES�_convert_to_naive_utc_time�_reject_duplicate_extension)z
1.3.14.3.2.26z2.16.840.1.101.3.4.2.4z2.16.840.1.101.3.4.2.1z2.16.840.1.101.3.4.2.2z2.16.840.1.101.3.4.2.3c@seZdZdZdZdS)�OCSPResponderEncodingzBy HashzBy NameN)�__name__�
__module__�__qualname__�HASH�NAME�rr�8/usr/lib/python3/dist-packages/cryptography/x509/ocsp.pyr
sr
c@s$eZdZdZdZdZdZdZdZdS)�OCSPResponseStatusr�����N)	rrr
�
SUCCESSFUL�MALFORMED_REQUEST�INTERNAL_ERROR�	TRY_LATER�SIG_REQUIRED�UNAUTHORIZEDrrrrr#srcC�i|]}|j|�qSr��value��.0�xrrr�
<dictcomp>,�r$cCst|t�s	td��dS)Nz9Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512)�
isinstance�_ALLOWED_HASHES�
ValueError)�	algorithmrrr�_verify_algorithm6s

��r*c@seZdZdZdZdZdS)�OCSPCertStatusrrrN)rrr
�GOOD�REVOKED�UNKNOWNrrrrr+=sr+cCrrrr!rrrr$Cr%c@seZdZdd�ZdS)�_SingleResponsec		Cst|tj�rt|tj�std��t|�t|tj�std��|dur,t|tj�s,td��||_||_||_||_	||_
t|t�sDtd��|tjurZ|durQt
d��|durYt
d��n$t|tj�sdtd��t|�}|tkrpt
d��|dur~t|tj�s~td	��||_||_||_dS)
N�%cert and issuer must be a Certificatez%this_update must be a datetime objectz-next_update must be a datetime object or Nonez8cert_status must be an item from the OCSPCertStatus enumzBrevocation_time can only be provided if the certificate is revokedzDrevocation_reason can only be provided if the certificate is revokedz)revocation_time must be a datetime objectz7The revocation_time must be on or after 1950 January 1.zCrevocation_reason must be an item from the ReasonFlags enum or None)r&r�Certificate�	TypeErrorr*�datetime�_cert�_issuer�
_algorithm�_this_update�_next_updater+r-r(rr�ReasonFlags�_cert_status�_revocation_time�_revocation_reason)	�self�cert�issuerr)�cert_status�this_update�next_update�revocation_time�revocation_reasonrrr�__init__Gs\�
�
�
����
��
z_SingleResponse.__init__N)rrr
rErrrrr/Fsr/c@s�eZdZejdefdd��Zejdefdd��Zejdej	fdd��Z
ejdefdd	��Zej
d
ejdefdd��Zejdejfd
d��ZdS)�OCSPRequest�returncC�dS�z3
        The hash of the issuer public key
        Nr�r=rrr�issuer_key_hash��zOCSPRequest.issuer_key_hashcCrH�z-
        The hash of the issuer name
        NrrJrrr�issuer_name_hash�rLzOCSPRequest.issuer_name_hashcCrH�zK
        The hash algorithm used in the issuer name and key hashes
        NrrJrrr�hash_algorithm�rLzOCSPRequest.hash_algorithmcCrH�zM
        The serial number of the cert whose status is being checked
        NrrJrrr�
serial_number�rLzOCSPRequest.serial_number�encodingcCrH)z/
        Serializes the request to DER
        Nr�r=rSrrr�public_bytes�rLzOCSPRequest.public_bytescCrH)zP
        The list of request extensions. Not single request extensions.
        NrrJrrr�
extensions�rLzOCSPRequest.extensionsN)rrr
�abc�abstractproperty�bytesrKrNr�
HashAlgorithmrP�intrR�abstractmethodr�EncodingrUr�
ExtensionsrVrrrrrF�srF)�	metaclassc@s�eZdZejdefdd��Zejdejfdd��Z	ejde
jej
fdd��Zejdefdd	��Zejdefd
d��Zejde
jejfdd
��Zejde
jefdd��Zejde
jejfdd��Zejdejfdd��Zejdefdd��Zejde
jejfdd��Zejde
jejfdd��Zejdejfdd��Zejde
jejfdd��Z ejdefdd��Z!ejdefd d!��Z"ejdej
fd"d#��Z#ejde$fd$d%��Z%ejdej&fd&d'��Z'ejdej&fd(d)��Z(ej)d*e*j+defd+d,��Z,d-S).�OCSPResponserGcCrH)zm
        The status of the response. This is a value from the OCSPResponseStatus
        enumeration
        NrrJrrr�response_status�rLzOCSPResponse.response_statuscCrH)zA
        The ObjectIdentifier of the signature algorithm
        NrrJrrr�signature_algorithm_oid�rLz$OCSPResponse.signature_algorithm_oidcCrH)zX
        Returns a HashAlgorithm corresponding to the type of the digest signed
        NrrJrrr�signature_hash_algorithm�rLz%OCSPResponse.signature_hash_algorithmcCrH)z%
        The signature bytes
        NrrJrrr�	signature�rLzOCSPResponse.signaturecCrH)z+
        The tbsResponseData bytes
        NrrJrrr�tbs_response_bytes�rLzOCSPResponse.tbs_response_bytescCrH)z�
        A list of certificates used to help build a chain to verify the OCSP
        response. This situation occurs when the OCSP responder uses a delegate
        certificate.
        NrrJrrr�certificates�rLzOCSPResponse.certificatescCrH)z2
        The responder's key hash or None
        NrrJrrr�responder_key_hash�rLzOCSPResponse.responder_key_hashcCrH)z.
        The responder's Name or None
        NrrJrrr�responder_name�rLzOCSPResponse.responder_namecCrH)z4
        The time the response was produced
        NrrJrrr�produced_at�rLzOCSPResponse.produced_atcCrH)zY
        The status of the certificate (an element from the OCSPCertStatus enum)
        NrrJrrr�certificate_status�rLzOCSPResponse.certificate_statuscCrH)z^
        The date of when the certificate was revoked or None if not
        revoked.
        NrrJrrrrC�rLzOCSPResponse.revocation_timecCrH)zi
        The reason the certificate was revoked or None if not specified or
        not revoked.
        NrrJrrrrD�rLzOCSPResponse.revocation_reasoncCrH)z�
        The most recent time at which the status being indicated is known by
        the responder to have been correct
        NrrJrrrrArLzOCSPResponse.this_updatecCrH)zC
        The time when newer information will be available
        NrrJrrrrB	rLzOCSPResponse.next_updatecCrHrIrrJrrrrKrLzOCSPResponse.issuer_key_hashcCrHrMrrJrrrrNrLzOCSPResponse.issuer_name_hashcCrHrOrrJrrrrPrLzOCSPResponse.hash_algorithmcCrHrQrrJrrrrR!rLzOCSPResponse.serial_numbercCrH)zR
        The list of response extensions. Not single response extensions.
        NrrJrrrrV'rLzOCSPResponse.extensionscCrH)zR
        The list of single response extensions. Not response extensions.
        NrrJrrr�single_extensions-rLzOCSPResponse.single_extensionsrScCrH)z0
        Serializes the response to DER
        NrrTrrrrU3rLzOCSPResponse.public_bytesN)-rrr
rWrXrrar�ObjectIdentifierrb�typing�OptionalrrZrcrYrdre�Listr1rfrg�Namerhr3rir+rjrCr9rDrArBrKrNrPr[rRr^rVrkr\rr]rUrrrrr`�sZ
�r`c@s`eZdZdgfdd�Zdejdejdejddfdd	�Zd
ej	de
ddfdd
�Zdefdd�Z
dS)�OCSPRequestBuilderNcCs||_||_dS�N)�_request�_extensions)r=�requestrVrrrrE;s
zOCSPRequestBuilder.__init__r>r?r)rGcCsL|jdur	td��t|�t|tj�rt|tj�std��t|||f|j�S)Nz.Only one certificate can be added to a requestr0)	rsr(r*r&rr1r2rqrt)r=r>r?r)rrr�add_certificate?s
�z"OCSPRequestBuilder.add_certificate�extval�criticalcCsDt|tj�s
td��t�|j||�}t||j�t|j	|j|g�S�Nz"extension must be an ExtensionType)
r&r�
ExtensionTyper2�	Extension�oidr	rtrqrs�r=rwrx�	extensionrrr�
add_extensionPs�z OCSPRequestBuilder.add_extensioncCs(ddlm}|jdurtd��|�|�S)Nr��backendz*You must add a certificate before building)�,cryptography.hazmat.backends.openssl.backendr�rsr(�create_ocsp_request)r=r�rrr�build]s

zOCSPRequestBuilder.build)rrr
rErr1rrZrvrz�boolrrFr�rrrrrq:s&���
���
�
rqc@s�eZdZdddgfdd�Zdejdejdejdede	j	d	e
je	j	d
e
je	j	de
jejddfd
d�Z
dedejddfdd�Zde
jejddfdd�Zdejdeddfdd�Zdede
jejdefdd�Zededefdd��ZdS) �OCSPResponseBuilderNcCs||_||_||_||_dSrr)�	_response�
_responder_id�_certsrt)r=�response�responder_id�certsrVrrrrEgs
zOCSPResponseBuilder.__init__r>r?r)r@rArBrCrDrGc	
	Cs<|jdur	td��t||||||||�}	t|	|j|j|j�S)Nz#Only one response per OCSPResponse.)r�r(r/r�r�r�rt)
r=r>r?r)r@rArBrCrD�
singleresprrr�add_responseos$
�
�z OCSPResponseBuilder.add_responserS�responder_certcCsP|jdur	td��t|tj�std��t|t�std��t|j||f|j	|j
�S)Nz!responder_id can only be set oncez$responder_cert must be a Certificatez6encoding must be an element from OCSPResponderEncoding)r�r(r&rr1r2r
r�r�r�rt)r=rSr�rrrr��s

��z OCSPResponseBuilder.responder_idr�cCs\|jdur	td��t|�}t|�dkrtd��tdd�|D��s$td��t|j|j||j	�S)Nz!certificates may only be set oncerzcerts must not be an empty listcss�|]	}t|tj�VqdSrr)r&rr1r!rrr�	<genexpr>�s�z3OCSPResponseBuilder.certificates.<locals>.<genexpr>z$certs must be a list of Certificates)
r�r(�list�len�allr2r�r�r�rt)r=r�rrrrf�s
�z OCSPResponseBuilder.certificatesrwrxcCsLt|tj�s
td��t�|j||�}t||j�t|j	|j
|j|j|g�Sry)r&rrzr2r{r|r	rtr�r�r�r�r}rrrr�s
�z!OCSPResponseBuilder.add_extension�private_keycCsBddlm}|jdurtd��|jdurtd��|�tj|||�S)Nrr�z&You must add a response before signingz*You must add a responder_id before signing)r�r�r�r(r��create_ocsp_responserr)r=r�r)r�rrr�sign�s


�zOCSPResponseBuilder.signracCs@ddlm}t|t�std��|tjurtd��|�|ddd�S)Nrr�z7response_status must be an item from OCSPResponseStatusz$response_status cannot be SUCCESSFUL)r�r�r&rr2rr(r�)�clsrar�rrr�build_unsuccessful�s
�
z&OCSPResponseBuilder.build_unsuccessful)rrr
rErr1rrZr+r3rmrnr9r�r
r��Iterablerfrzr�rrr`r��classmethodrr�rrrrr�fsl
������
�
�
	�

���
�
�
���
��
�
���r��datarGcC�ddlm}|�|�S�Nrr�)r�r��load_der_ocsp_request�r�r�rrrr���
r�cCr�r�)r�r��load_der_ocsp_responser�rrrr��r�r�)&rWr3rm�cryptographyrr�cryptography.hazmat.primitivesrr�cryptography.x509.baserrrr	�SHA1�SHA224�SHA256�SHA384�SHA512�
_OIDS_TO_HASH�Enumr
r�_RESPONSE_STATUS_TO_ENUMr'r*r+�_CERT_STATUS_TO_ENUM�objectr/�ABCMetarFr`rqr�rYr�r�rrrr�<module>sB	�		�	F&	,|