o &zh!@sddlZddlmZddlmZmZmZmZddlm Z ddl m Z m Z ddl mZddlmZz ddlmZmZWn eyGdZZYnwdd lmZeeZGd d d ZdS) N)Path)crlocsppemx509)IncrementalPdfFileWriter)signers timestamps)SigSeedSubFilter)ValidationContext) PKCS11Signeropen_pkcs11_session)getFilec@seZdZeddZeddZeddZeddZed d Zed d Z ed dZ eddZ eddZ eddZ eddZeddZeddZeddZeddZdS) PDFSignaturecCs*d|vr|d}t|tr|}|SdS)N passphrase) isinstancestrencodeconfigrrS/var/www/html/kangema/venv/lib/python3.10/site-packages/xhtml2pdf/builders/signs.pyget_passphrases  zPDFSignature.get_passphrasecCsg}d|vr;|d}t|ts|g}|D]&}t|ttfr5t|}t|\}}}|t j |q||q|s?dS|S)Nca_chain) rlistrrrrunarmorgetDataappendr Certificateload)r_keychainschaincpisafile_digicert_ca_bytesrrr get_chainss  zPDFSignature.get_chainscCsJt|}d|vr#d|vr#|r#t|d}tjj|d|d||dSdS)Nkeycertr)ca_chain_fileskey_passphrase)rrr'r SimpleSignerr)rrr"rrrtest_simple_signer0s  zPDFSignature.test_simple_signercCs.t|}d|vr|rtjj|d|dSdS)Npfx_file)r.r)rrrr, load_pkcs12rrrrtest_pkcs12_signer=s  zPDFSignature.test_pkcs12_signerc Csrt|}|dddddddddddd }|D]}||vr1|dkr+t|d}|||<q||||<qtdi|S)NFTr) pkcs11_session cert_label signing_certr key_label prefer_pss embed_rootsother_certs_to_pull bulk_fetchkey_idcert_iduse_raw_mechanismr)r get_sessionr'r )rsessionkeysr(r"rrrtest_pkcs11_signerFs,    zPDFSignature.test_pkcs11_signercCsd|vr tj|ddSdS)Ntsa)url)r HTTPTimeStamper)rrrrget_timestampsbszPDFSignature.get_timestampscCsnd|vrdSd}|d}|dkrt|}|S|dkr,tdur%d}t|t|}|S|dkr5t|}|S)Nenginepkcs12pkcs11zpyhanko.sign.pkcs11 requires pyHanko to be installed with the [pkcs11] option. You can install missing dependencies by running "pip install 'pyHanko[pkcs11]'".simple)rr0r ImportErrorr?r-)rsignerrDmsgrrr get_signershs"    zPDFSignature.get_signerscCs(|ddkr t|||St|||S)Ntypelta)rlta_sign simple_sign) inputfileoutputrrrrsigns zPDFSignature.signcCsNg}|D] }t|ttfrt|}tj|}||q||q|SN) rrrrrCertificateListrrr)crls list_crlsxr$ cert_listrrr parse_crlss  zPDFSignature.parse_crlscCs4g}|D]}t|}tj|}||q|SrS)rr OCSPResponserrr)oscps list_oscprWr$datarrr parse_oscps  zPDFSignature.parse_oscpcCsddi}d|vred|dvrt|dd|dd<d|dvr.t|dd|dd<d|dvr>t|d|dd<d|dvrNt|d|dd<d|dvr^t|d|dd<||dtd i|S) Nallow_fetchingTvalidation_contextrUocsps trust_rootsextra_trust_roots other_certsr)rrYr^r'updater )rcontextrrrget_validation_contexts.         z#PDFSignature.get_validation_contextc Cs>ddddddddtjdt|d }d|vr||d|S)N Signature1sha256FT) field_name md_algorithmlocationreasonnamecertifyembed_validation_info use_pades_lta subfiltertimestamp_field_namer`meta)r PADESrrgre)rrtrrrget_signature_metas zPDFSignature.get_signature_metacCsDt|}|r t|}t|}tj|tjdd|||ddSdS)Nrh)rj)rIrQ timestamperT)rrKrrCrsign_pdfPdfSignatureMetadata)rPrQrrIwrwrrrrOs   zPDFSignature.simple_signcCsZt|}t|}t|}t|}tjdi|}|r+|r+tj|||||ddSdS)N)signature_metarIrwrQTr)rrKrCrrvrryrx)rPrQrrIrwrzrtr{rrrrNs   zPDFSignature.lta_signcCsh|dd}|dd}|dd}|dd}|dur2|dur2|dus(|dur0t||||dSdSdS)N lib_locationslot_no token_labeluser_pin)r}r~r)getr )rr|r}r~rrrrr<s    zPDFSignature.get_sessionN)__name__ __module__ __qualname__ staticmethodrr'r-r0r?rCrKrRrYr^rgrvrOrNr<rrrrrs>              r)loggingpathlibr asn1cryptorrrr$pyhanko.pdf_utils.incremental_writerr pyhanko.signrr pyhanko.sign.fieldsr pyhanko_certvalidatorr pyhanko.sign.pkcs11r r rHxhtml2pdf.filesr getLoggerrlogrrrrrs