o vh$@sddlZddlZddlZddlmZddlmZmZmZm Z m Z m Z ddl m Z mZddlmZddlmZddlmZmZddlmZgd Zed d Gd d d ejZGdddejZed d GdddejZde eeffddZ dS)N) dataclass)AnyIterableListOptionalSetUnion)algosx509)api)ConfigurationError)load_cert_from_pemderload_certs_from_pemder) get_and_apply) TokenCriteriaPKCS11PinEntryModePKCS11SignatureConfigT)frozenc@sBeZdZUdZdZeeed< dZee ed< e ddZ dS)rzL .. versionadded:: 0.14.0 Search criteria for a PKCS#11 token. Nlabelserialc CsNz t|d|d<WdStyYdSty&}ztd|d}~ww)NrzVsz8PKCS11PinEntryMode.parse_mode_setting...) isinstancer$r __members__upperrr joinPROMPTSKIP)r(rrrparse_mode_settingNs  z%PKCS11PinEntryMode.parse_mode_settingN) r r!r"r#enumautor5DEFERr6 staticmethodrr7rrrrr.s rcsfeZdZUdZeed< dZeeed< dZee ed< dZ ee j ed< dZ eeed< dZeee j ed< dZeeed < dZee ed < dZeeed < dZeeed < ejZeed < dZeeeed< dZeed< dZeed< dZeed< dZeed< dZ ee!j"ed< e#de$effdd Z%e#fddZ&Z'S)rz Configuration for a PKCS#11 signature. This class is used to load PKCS#11 setup information from YAML configuration. module_pathN cert_labelcert_idsigning_certificatetoken_criteria other_certs key_labelkey_idslot_nouser_pin prompt_pinrother_certs_to_pullT bulk_fetchF prefer_pss raw_mechanismonly_resident_certssignature_mechanism keys_suppliedcstdd|DdS)NcSsh|]}|dvr|qS)) token_labelz token-labelr)r-krrr s z:PKCS11SignatureConfig.check_config_keys..)supercheck_config_keys)rrM __class__rrrRs z'PKCS11SignatureConfig.check_config_keyscs~t||dd}t|tr|f}tt||d<|dd}|dur,t||d<d|vr8t|d|d<d|vrDt|d|d<d|vrld|vrld|vrXd|vrXt dd|vrb|d|d<d|vrl|d|d<d|vrd|vrd|vrd|vr|d|d<d|vr|d|d<t |d t j t j d |d <d |vrtd t|d }d |vrd|i|d <dS|d d|dSdS)NrArr?rCr>rBr=zYEither 'key_id', 'key_label', 'cert_label' or 'cert_id',must be provided in PKCS#11 setuprF)defaultrNz?'token_label' is deprecated, use 'token_criteria.label' insteadr@r)rQrgetr1r$listrr _process_pkcs11_id_valuer rrr7r5warningswarnDeprecationWarningpop setdefault)rrrA cert_filelblrSrrrsd          z%PKCS11SignatureConfig.process_entries)(r r!r"r#r$r%r=rr>r&r?r Certificater@rrArrBrCrDintrErr5rFrGrrHboolrIrJrKrLr SignedDigestAlgorithmr'rrRr __classcell__rrrSrr_sP         rr.cCst|tr t|gSt|Sr*)r1rar&rr)r.rrrrX$s   rX)!rr8rY dataclassesrtypingrrrrrr asn1cryptor r pyhanko.configr pyhanko.config.errorsr pyhanko.keysr rpyhanko.pdf_utils.miscr__all__ConfigurableMixinrEnumrrr$rarXrrrrs$     1E