o vh@sdZddlZddlmZddlmZmZmZddlm Z m Z m Z m Z ddl mZddlmZgdZd eZGd d d ejZGd d d ejZGdddejZeddGdddZGdddejZdS)zF Asynchronous API for fetching OCSP responses, CRLs and certificates. N) dataclass)AsyncGeneratorIterableUnion)cmscrlocspx509) Authority) __version__) OCSPFetcher CRLFetcherCertificateFetcherFetchersFetcherBackendDEFAULT_USER_AGENTzpyhanko_certvalidator %sc@sleZdZdZdeejejfde de j fddZ de e j fddZdeejejfde e j fd d Zd S) r z4Utility interface to fetch and cache OCSP responses.cert authorityreturnct)ag Fetch an OCSP response for a certificate. :param cert: The certificate for which an OCSP response has to be fetched. :param authority: The issuing authority. :raises: OCSPFetchError - Raised if an OCSP response could not be obtained. :return: An OCSP response. NotImplementedError)selfrrr`/var/www/html/hyperkenya/venv/lib/python3.10/site-packages/pyhanko_certvalidator/fetchers/api.pyfetchszOCSPFetcher.fetchcCt)zD Return all responses fetched by this OCSP fetcher. rrrrrfetched_responses/zOCSPFetcher.fetched_responsescCr)z Return all responses fetched by this OCSP fetcher that are relevant to determine the revocation status of the given certificate. rrrrrrfetched_responses_for_cert5z&OCSPFetcher.fetched_responses_for_certN)__name__ __module__ __qualname____doc__rr CertificaterAttributeCertificateV2r r OCSPResponserrrr!rrrrr s r c@sreZdZdZdddeejejfde e j fddZ de e j fdd Z deejejfde e j fd d ZdS) r z*Utility interface to fetch and cache CRLs.N) use_deltasrrcr)a Fetches the CRLs for a certificate. :param cert: An asn1crypto.x509.Certificate object to get the CRL for :param use_deltas: A boolean indicating if delta CRLs should be fetched :raises: CRLFetchError - when a network/IO error or decoding error occurs :return: An iterable of CRLs fetched. r)rrr*rrrrBszCRLFetcher.fetchcCr)z> Return all CRLs fetched by this CRL fetcher. rrrrr fetched_crls^rzCRLFetcher.fetched_crlscCr)a Return all relevant fetched CRLs for the given certificate :param cert: A certificate. :return: An iterable of CRLs :raise KeyError: if no fetch operations have been performed for this certificate rr rrrfetched_crls_for_certds z CRLFetcher.fetched_crls_for_cert)r#r$r%r&rr r'rr(rrCertificateListrr+r,rrrrr ?s r c@sdeZdZdZdeejejfde ejdffddZ de ejdffddZ de ejfd d Z dS) rz2Utility interface to fetch and cache certificates.rrNcCr)a Fetches certificates from the authority information access extension of a certificate. :param cert: A certificate :raises: CertificateFetchError - when a network I/O or decoding error occurs :return: An asynchronous generator yielding asn1crypto.x509.Certificate objects that were fetched. rr rrrfetch_cert_issuerswz%CertificateFetcher.fetch_cert_issuerscCr)a Fetches certificates from the authority information access extension of an asn1crypto.crl.CertificateList. :param certificate_list: An asn1crypto.crl.CertificateList object :raises: CertificateFetchError - when a network I/O or decoding error occurs :return: An asynchronous generator yielding asn1crypto.x509.Certificate objects that were fetched. r)rcertificate_listrrrfetch_crl_issuersr/z$CertificateFetcher.fetch_crl_issuerscCr)zP Return all certificates retrieved by this certificate fetcher. rrrrr fetched_certsrz CertificateFetcher.fetched_certs)r#r$r%r&rr r'rr(rr.r1rr2rrrrrts    rT)frozenc@s*eZdZUdZeed<eed<eed<dS)rz Models a collection of fetchers to be used by a validation context. The intention is that these can share resources (like a connection pool) in a unified, controlled manner. See also :class:`.FetcherBackend`. ocsp_fetcher crl_fetcher cert_fetcherN)r#r$r%r&r __annotations__r rrrrrrs  rc@s<eZdZdZdefddZddZdefddZd d Zd S) ra Generic, bare-bones interface to help abstract away instantiation logic for fetcher implementations. Intended to operate as an asynchronous context manager, with `async with backend_obj as fetchers: ...` putting the resulting :class:`.Fetchers` object in to the variable named `fetchers`. .. note:: The initialisation part of the API is necessarily synchronous, for backwards compatibility with the old ``ValidationContext`` API. If you need asynchronous resource management, handle it elsewhere, or use some form of lazy resource provisioning. Alternatively, you can pass :class:`Fetchers` objects to the validation context yourself, and forgo use of the :class:`.FetcherBackend` API altogether. rcCr)zl Set up fetchers synchronously. .. note:: This is a synchronous method rrrrr get_fetchersr"zFetcherBackend.get_fetcherscsdS)zf Clean up the resources associated with this fetcher backend, asynchronously. NrrrrrcloseszFetcherBackend.closecs |SN)r8rrrr __aenter__szFetcherBackend.__aenter__cs|IdHSr:)r9)rexc_typeexc_valexc_tbrrr __aexit__szFetcherBackend.__aexit__N) r#r$r%r&rr8r9r;r?rrrrrs   r)r&abc dataclassesrtypingrrr asn1cryptorrrr pyhanko_certvalidator.authorityr pyhanko_certvalidator.versionr __all__rABCr r rrrrrrrs    &50