ly4na

Server : LiteSpeed
System : Linux server51.dnsbootclub.com 4.18.0-553.62.1.lve.el8.x86_64 #1 SMP Mon Jul 21 17:50:35 UTC 2025 x86_64
User : nandedex ( 1060)
PHP Version : 8.1.33
Disable Function : NONE
Directory : /opt/cppython/lib/python3.8/site-packages/cryptography/x509/__pycache__/
Upload File :
Current File : //opt/cppython/lib/python3.8/site-packages/cryptography/x509/__pycache__/ocsp.cpython-38.pyc
U

O��g~,�@sddlmZddlZddlZddlmZmZddlmZddl	m
Z
ddlmZddl
mZmZmZGdd	�d	ej�ZGd
d�dej�Ze
je
je
je
je
jfZdd
d�dd�ZGdd�dej�ZGdd�d�ZejZejZejZGdd�d�Z Gdd�d�Z!ej"Z"ej#Z#dS)�)�annotationsN)�utils�x509)�ocsp)�hashes)� CertificateIssuerPrivateKeyTypes)�_EARLIEST_UTC_TIME�_convert_to_naive_utc_time�_reject_duplicate_extensionc@seZdZdZdZdS)�OCSPResponderEncodingzBy HashzBy NameN)�__name__�
__module__�__qualname__�HASH�NAME�rr�C/opt/cppython/lib/python3.8/site-packages/cryptography/x509/ocsp.pyrsrc@s$eZdZdZdZdZdZdZdZdS)�OCSPResponseStatusr�����N)	rr
r�
SUCCESSFULZMALFORMED_REQUEST�INTERNAL_ERRORZ	TRY_LATERZSIG_REQUIRED�UNAUTHORIZEDrrrrrsr�hashes.HashAlgorithm�None)�	algorithm�returncCst|t�std��dS)Nz9Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512)�
isinstance�_ALLOWED_HASHES�
ValueError)rrrr�_verify_algorithm.s
�r#c@seZdZdZdZdZdS)�OCSPCertStatusrrrN)rr
rZGOOD�REVOKED�UNKNOWNrrrrr$5sr$c	@s(eZdZddddddddd�dd	�Zd
S)�_SingleResponse�x509.Certificaterr$�datetime.datetime�datetime.datetime | None�x509.ReasonFlags | None)�cert�issuerr�cert_status�this_update�next_update�revocation_time�revocation_reasonc		Cst|tj�rt|tj�s td��t|�t|tj�s<td��|dk	rXt|tj�sXtd��||_||_||_||_	||_
t|t�s�td��|tjk	r�|dk	r�t
d��|dk	r�t
d��nHt|tj�s�td��t|�}|tkr�t
d��|dk	r�t|tj�s�td	��||_||_||_dS)
N�%cert and issuer must be a Certificatez%this_update must be a datetime objectz-next_update must be a datetime object or Nonez8cert_status must be an item from the OCSPCertStatus enumzBrevocation_time can only be provided if the certificate is revokedzDrevocation_reason can only be provided if the certificate is revokedz)revocation_time must be a datetime objectz7The revocation_time must be on or after 1950 January 1.zCrevocation_reason must be an item from the ReasonFlags enum or None)r r�Certificate�	TypeErrorr#�datetimeZ_certZ_issuer�
_algorithmZ_this_updateZ_next_updater$r%r"r	rZReasonFlagsZ_cert_statusZ_revocation_timeZ_revocation_reason)	�selfr,r-rr.r/r0r1r2rrr�__init__<s`�
�
�
���
��z_SingleResponse.__init__N)rr
rr9rrrrr';sr'c@sreZdZddgfddddd�dd�Zd	d	d
dd�dd
�Zdddd
dd�dd�Zdddd�dd�Zdd�dd�ZdS)�OCSPRequestBuilderNzFtuple[x509.Certificate, x509.Certificate, hashes.HashAlgorithm] | Nonez5tuple[bytes, bytes, int, hashes.HashAlgorithm] | None�(list[x509.Extension[x509.ExtensionType]]r)�request�request_hash�
extensionsrcCs||_||_||_dS�N)�_request�
_request_hash�_extensions)r8r<r=r>rrrr9�s
zOCSPRequestBuilder.__init__r(r)r,r-rrcCsZ|jdk	s|jdk	rtd��t|�t|tj�r<t|tj�sDtd��t|||f|j|j	�S)N�.Only one certificate can be added to a requestr3)
r@rAr"r#r rr4r5r:rB)r8r,r-rrrr�add_certificate�s��z"OCSPRequestBuilder.add_certificate�bytes�int)�issuer_name_hash�issuer_key_hash�
serial_numberrrcCs�|jdk	s|jdk	rtd��t|t�s.td��t|�t�d|�t�d|�|j	t
|�ksj|j	t
|�krrtd��t|j||||f|j�S)NrCz serial_number must be an integerrGrHz`issuer_name_hash and issuer_key_hash must be the same length as the digest size of the algorithm)
r@rAr"r rFr5r#r�_check_bytes�digest_size�lenr:rB)r8rGrHrIrrrr�add_certificate_by_hash�s(
���
�z*OCSPRequestBuilder.add_certificate_by_hash�x509.ExtensionType�bool��extval�criticalrcCsHt|tj�std��t�|j||�}t||j�t|j	|j
|j|f��S�Nz"extension must be an ExtensionType)r r�
ExtensionTyper5�	Extension�oidr
rBr:r@rA�r8rQrR�	extensionrrr�
add_extension�s
�z OCSPRequestBuilder.add_extension�OCSPRequest)rcCs&|jdkr|jdkrtd��t�|�S)Nz*You must add a certificate before building)r@rAr"rZcreate_ocsp_request)r8rrr�build�szOCSPRequestBuilder.build)rr
rr9rDrMrYr[rrrrr:�s�
r:c
@s�eZdZdddgfddddd�dd�Zd	d	d
ddd
d
ddd�	dd�Zdd	dd�dd�Zddd�dd�Zdddd�dd�Zdd d!d"�d#d$�Ze	d%d!d&�d'd(��Z
dS))�OCSPResponseBuilderNz_SingleResponse | Nonez5tuple[x509.Certificate, OCSPResponderEncoding] | Nonezlist[x509.Certificate] | Noner;)�response�responder_id�certsr>cCs||_||_||_||_dSr?)�	_response�
_responder_id�_certsrB)r8r]r^r_r>rrrr9�szOCSPResponseBuilder.__init__r(rr$r)r*r+)	r,r-rr.r/r0r1r2rc	
	Cs<|jdk	rtd��t||||||||�}	t|	|j|j|j�S)Nz#Only one response per OCSPResponse.)r`r"r'r\rarbrB)
r8r,r-rr.r/r0r1r2Z
singleresprrr�add_response�s$
�
�z OCSPResponseBuilder.add_responser)�encoding�responder_certrcCsP|jdk	rtd��t|tj�s&td��t|t�s8td��t|j||f|j	|j
�S)Nz!responder_id can only be set oncez$responder_cert must be a Certificatez6encoding must be an element from OCSPResponderEncoding)rar"r rr4r5rr\r`rbrB)r8rdrerrrr^s

��z OCSPResponseBuilder.responder_idz!typing.Iterable[x509.Certificate])r_rcCs\|jdk	rtd��t|�}t|�dkr.td��tdd�|D��sHtd��t|j|j||j	�S)Nz!certificates may only be set oncerzcerts must not be an empty listcss|]}t|tj�VqdSr?)r rr4)�.0�xrrr�	<genexpr>"sz3OCSPResponseBuilder.certificates.<locals>.<genexpr>z$certs must be a list of Certificates)
rbr"�listrL�allr5r\r`rarB)r8r_rrr�certificatess
�z OCSPResponseBuilder.certificatesrNrOrPcCsLt|tj�std��t�|j||�}t||j�t|j	|j
|j|j|f��SrS)r rrTr5rUrVr
rBr\r`rarbrWrrrrY+s
�z!OCSPResponseBuilder.add_extensionrzhashes.HashAlgorithm | None�OCSPResponse)�private_keyrrcCs6|jdkrtd��|jdkr$td��t�tj|||�S)Nz&You must add a response before signingz*You must add a responder_id before signing)r`r"rar�create_ocsp_responserr)r8rmrrrr�sign;s

�zOCSPResponseBuilder.signr)�response_statusrcCs4t|t�std��|tjkr$td��t�|ddd�S)Nz7response_status must be an item from OCSPResponseStatusz$response_status cannot be SUCCESSFUL)r rr5rr"rrn)�clsrprrr�build_unsuccessfulIs
�
z&OCSPResponseBuilder.build_unsuccessful)rr
rr9rcr^rkrYro�classmethodrrrrrrr\�s�
r\)$�
__future__rr6�typingZcryptographyrrZ"cryptography.hazmat.bindings._rustrZcryptography.hazmat.primitivesrZ/cryptography.hazmat.primitives.asymmetric.typesrZcryptography.x509.baserr	r
�Enumrr�SHA1�SHA224�SHA256�SHA384�SHA512r!r#r$r'rZrlZOCSPSingleResponser:r\Zload_der_ocsp_requestZload_der_ocsp_responserrrr�<module>s2
�	FT}
F1le Man4ger