# h~,SSKJr SSKrSSKrSSKJrJr SSKJr SSK J r SSK J r SSK JrJrJr "SS \R"5r"S S \R"5r\ R(\ R*\ R,\ R.\ R04rSS jr"S S\R"5r"SS5r\R:r\R<r\R>r"SS5r "SS5r!\RDr"\RFr#g)) annotationsN)utilsx509)ocsp)hashes) CertificateIssuerPrivateKeyTypes)_EARLIEST_UTC_TIME_convert_to_naive_utc_time_reject_duplicate_extensionc\rSrSrSrSrSrg)OCSPResponderEncodingzBy HashzBy NameN)__name__ __module__ __qualname____firstlineno__HASHNAME__static_attributes__rH/var/www/html/env/lib/python3.13/site-packages/cryptography/x509/ocsp.pyr r s D Drr c,\rSrSrSrSrSrSrSrSr Sr g ) OCSPResponseStatusrrN) rrrr SUCCESSFULMALFORMED_REQUESTINTERNAL_ERROR TRY_LATER SIG_REQUIRED UNAUTHORIZEDrrrrrrs!JNILLrrcD[U[5(d [S5eg)Nz9Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512) isinstance_ALLOWED_HASHES ValueError) algorithms r_verify_algorithmr,.s$ i 1 1 G   2rc \rSrSrSrSrSrSrg)OCSPCertStatus5rrrrN)rrrrGOODREVOKEDUNKNOWNrrrrr.r.5s DGGrr.c>\rSrSrSSjrSrg)_SingleResponse;c H[U[R5(a[U[R5(d [S5e[ U5 [U[ R 5(d [S5eUb*[U[ R 5(d [S5eXlX lX0lXPl X`l [U[5(d [S5eU[RLaUb [S5eUb [S5eOw[U[ R 5(d [S5e[U5nU[:a [S5eUb*[U[R 5(d [S 5eX@lXplXlg) N%cert and issuer must be a Certificatez%this_update must be a datetime objectz-next_update must be a datetime object or Nonez8cert_status must be an item from the OCSPCertStatus enumzBrevocation_time can only be provided if the certificate is revokedzDrevocation_reason can only be provided if the certificate is revokedz)revocation_time must be a datetime objectz7The revocation_time must be on or after 1950 January 1.zCrevocation_reason must be an item from the ReasonFlags enum or None)r(r Certificate TypeErrorr,datetime_cert_issuer _algorithm _this_update _next_updater.r1r*r r ReasonFlags _cert_status_revocation_time_revocation_reason) selfcertissuerr+ cert_status this_update next_updaterevocation_timerevocation_reasons r__init___SingleResponse.__init__<s$ 0 011 D$$: : CD D)$+x'8'899CD D  ": **, , KL L  #''+~66J  n44 4* !!, "- ox/@/@AA KLL8IO!33 ' !,Z!4#3#366 # ( /"3r)r=r;rAr<r?rCrBr>N)rEx509.CertificaterFrNr+hashes.HashAlgorithmrGr.rHdatetime.datetimerIdatetime.datetime | NonerJrQrKx509.ReasonFlags | None)rrrrrLrrrrr4r4;s^B4B4!B4( B4 $ B4 ' B4.B42B43B4rr4c\rSrSrSS/4S SjjrS SjrS SjrS SjrS SjrSr g)OCSPRequestBuilderNc(XlX lX0lgN)_request _request_hash _extensions)rDrequest request_hash extensionss rrLOCSPRequestBuilder.__init__s )%rc:URc URb [S5e[U5 [ U[ R 5(a[ U[ R 5(d [S5e[XU4URUR5$)N.Only one certificate can be added to a requestr7) rXrYr*r,r(rr8r9rTrZ)rDrErFr+s radd_certificate"OCSPRequestBuilder.add_certificates == $(:(:(FMN N)$$ 0 011 D$$: : CD D! 9 %t'9'94;K;K  rcURc URb [S5e[U[5(d [ S5e[ U5 [R"SU5 [R"SU5 UR[U5:wdUR[U5:wa [S5e[URXX44UR5$)Nr`z serial_number must be an integerissuer_name_hashissuer_key_hashz`issuer_name_hash and issuer_key_hash must be the same length as the digest size of the algorithm) rXrYr*r(intr9r,r _check_bytes digest_sizelenrTrZ)rDrdre serial_numberr+s radd_certificate_by_hash*OCSPRequestBuilder.add_certificate_by_hashs == $(:(:(FMN N--->? ?)$ -/?@ ,o>  C %   " "c/&: :6  " MM  I     rc [U[R5(d [S5e[R"UR X!5n[ X0R5 [URUR/URQUP5$Nz"extension must be an ExtensionType) r(r ExtensionTyper9 Extensionoidr rZrTrXrYrDextvalcritical extensions r add_extension OCSPRequestBuilder.add_extensionst&$"4"455@A ANN6::x@ #I/?/?@! MM4--/M1A1A/M9/M  rcxURcURc [S5e[R"U5$)Nz*You must add a certificate before building)rXrYr*rcreate_ocsp_request)rDs rbuildOCSPRequestBuilder.builds4 == T%7%7%?IJ J''--r)rZrXrY)r[zFtuple[x509.Certificate, x509.Certificate, hashes.HashAlgorithm] | Noner\z5tuple[bytes, bytes, int, hashes.HashAlgorithm] | Noner](list[x509.Extension[x509.ExtensionType]]returnNone)rErNrFrNr+rOr}rT) rdbytesrerrjrfr+rOr}rT)rsx509.ExtensionTypertboolr}rT)r} OCSPRequest) rrrrrLrarkrvrzrrrrrTrTs ?A & &  &= &  &  ! (    &     (    <  (  48    .rrTc\rSrSrSSS/4S SjjrS SjrS SjrSSjrSSjrSSjr \ SS j5r S r g)OCSPResponseBuilderNc4XlX lX0lX@lgrW) _response _responder_id_certsrZ)rDresponse responder_idcertsr]s rrLOCSPResponseBuilder.__init__s") %rc URb [S5e[UUUUUUUU5n [U URUR UR 5$)Nz#Only one response per OCSPResponse.)rr*r4rrrrZ) rDrErFr+rGrHrIrJrK singleresps r add_response OCSPResponseBuilder.add_responsesg >> %BC C$          #     KK      rc URb [S5e[U[R5(d [ S5e[U[ 5(d [ S5e[URX!4URUR5$)Nz!responder_id can only be set oncez$responder_cert must be a Certificatez6encoding must be an element from OCSPResponderEncoding) rr*r(rr8r9r rrrrZ)rDencodingresponder_certs rr OCSPResponseBuilder.responder_ids    )@A A.$*:*:;;BC C($9::H # NN  & KK      rcURb [S5e[U5n[U5S:Xa [S5e[ SU55(d [ S5e[ URURUUR5$)Nz!certificates may only be set oncerzcerts must not be an empty listc3V# UHn[U[R5v M! g7frW)r(rr8).0xs r 3OCSPResponseBuilder.certificates.."s BEq:a!1!122Es')z$certs must be a list of Certificates) rr*listriallr9rrrrZ)rDrs r certificates OCSPResponseBuilder.certificatess ;; "@A AU  u:?>? ?BEBBBBC C" NN          rc6[U[R5(d [S5e[R"UR X!5n[ X0R5 [URURUR/URQUP5$rn) r(rror9rprqr rZrrrrrrs rrv!OCSPResponseBuilder.add_extension+s|&$"4"455@A ANN6::x@ #I/?/?@" NN    KK *d * *   rcURc [S5eURc [S5e[R"[ R XU5$)Nz&You must add a response before signingz*You must add a responder_id before signing)rr*rrcreate_ocsp_responserr!)rD private_keyr+s rsignOCSPResponseBuilder.sign;sR >> !EF F    %IJ J((  ) )4i  rc[U[5(d [S5eU[RLa [ S5e[ R "USSS5$)Nz7response_status must be an item from OCSPResponseStatusz$response_status cannot be SUCCESSFUL)r(rr9r!r*rr)clsresponse_statuss rbuild_unsuccessful&OCSPResponseBuilder.build_unsuccessfulIsV/+=>>I  0;; ;CD D(($dKKr)rrZrr)rz_SingleResponse | Nonerz5tuple[x509.Certificate, OCSPResponderEncoding] | Nonerzlist[x509.Certificate] | Noner]r|)rErNrFrNr+rOrGr.rHrPrIrQrJrQrKrRr}r)rr rrNr}r)rz!typing.Iterable[x509.Certificate]r}r)rsrrtrr}r)rrr+zhashes.HashAlgorithm | Noner} OCSPResponse)rrr}r) rrrrrLrrrrvr classmethodrrrrrrrs0,0/3?A &( & & - & = &  ! (  $  '  . 2 3   > - ?O  & 6  " ( 48   5  /      L0 L  L Lrr)r+rOr}r~)$ __future__rr:typing cryptographyrr"cryptography.hazmat.bindings._rustrcryptography.hazmat.primitivesr/cryptography.hazmat.primitives.asymmetric.typesrcryptography.x509.baser r r Enumr rSHA1SHA224SHA256SHA384SHA512r)r,r.r4rrOCSPSingleResponserTrload_der_ocsp_requestload_der_ocsp_responserrrrs # $31EJJ  KK MM MM MM MM  UZZ C4C4L   ,,Q.Q.hzLzLz2244r