o h@shdZddlZddlmZmZmZddlmZddlm Z ddl m Z m Z m Z mZdgZGd ddZdS) z Module to handle the timestamping functionality in pyHanko. Many PDF signature profiles require trusted timestamp tokens. The tools in this module allow pyHanko to obtain such tokens from :rfc:`3161`-compliant time stamping authorities. N)algoscmstsp)CertificateValidator)SimpleCertificateStore) dummy_digestextract_ts_certs get_noncehandle_tsp_response TimeStamperc@speZdZdZdddZddZddZd d Zd d Zd e j fddZ de j d e jfddZd e j fddZdS)r z .. versionchanged:: 0.9.0 Made API more asyncio-friendly _(breaking change)_ Class to make :rfc:`3161` timestamp requests. TcCsi|_i|_t|_||_dSN)_dummy_response_cache_certsr cert_registry include_nonce)selfrrR/var/www/html/pos/venv/lib/python3.10/site-packages/pyhanko/sign/timestamps/api.py__init__#s zTimeStamper.__init__cCsPdttd|i|ddd}|jrt}t||d<nd}|t|fS)a& Format the body of an :rfc:`3161` request as a CMS object. Subclasses with more specific needs may want to override this. :param message_digest: Message digest to which the timestamp will apply. :param md_algorithm: Message digest algorithm to use. .. note:: As per :rfc:`8933`, ``md_algorithm`` should also be the algorithm used to compute ``message_digest``. :return: An :class:`.asn1crypto.tsp.TimeStampReq` object. r algorithm)hash_algorithmhashed_messageT)versionmessage_imprintcert_reqnonceN) rMessageImprintrDigestAlgorithmrr rInteger TimeStampReq)rmessage_digest md_algorithmreqrrrr request_cms)s  zTimeStamper.request_cmscsNIdHfdd}t|j}t|D]}|IdHVqdS)a+ Produce validation paths for the certificates gathered by this :class:`.TimeStamper`. This is internal API. :param validation_context: The validation context to apply. :return: An asynchronous generator of validation paths. Ncs t|jd}|tdhS)N)intermediate_certsvalidation_context time_stamping)rrasync_validate_usageset)cert validatorrr&rr_validation_job[s z5TimeStamper.validation_paths.._validation_job) _ensure_dummymaprvaluesasyncio as_completed)rr&r-jobsjobrr,rvalidation_pathsMs zTimeStamper.validation_pathscCs,||j|<t||jD]}||j|j<q dSr )rr rr issuer_serial)rr"dummyr*rrr_register_dummyhs zTimeStamper._register_dummycs,|jsddlm}||IdHdSdS)Nr) DEFAULT_MD)r pyhanko.signr9async_dummy_response)rr9rrrr.ms  zTimeStamper._ensure_dummyreturncsHz|j|WSty|t||IdH}Ynw||||S)a9 Return a dummy response for use in CMS object size estimation. For every new ``md_algorithm`` passed in, this method will call the :meth:`timestamp` method exactly once, with a dummy digest. The resulting object will be cached and reused for future invocations of :meth:`dummy_response` with the same ``md_algorithm`` value. :param md_algorithm: Message digest algorithm to use. :return: A timestamp token, encoded as an :class:`.asn1crypto.cms.ContentInfo` object. N)rKeyErrorasync_timestamprr8)rr"r7rrrr;ts   z TimeStamper.async_dummy_responser#cst)aF Submit the specified timestamp request to the server. :param req: Request body to submit. :return: A timestamp response from the server. :raises IOError: Raised in case of an I/O issue in the communication with the timestamping server. )NotImplementedError)rr#rrrasync_request_tsa_responsesz&TimeStamper.async_request_tsa_responsecs,|||\}}||IdH}t||S)a+ Request a timestamp for the given message digest. :param message_digest: Message digest to which the timestamp will apply. :param md_algorithm: Message digest algorithm to use. .. note:: As per :rfc:`8933`, ``md_algorithm`` should also be the algorithm used to compute ``message_digest``. :return: A timestamp token, encoded as an :class:`.asn1crypto.cms.ContentInfo` object. :raises IOError: Raised in case of an I/O issue in the communication with the timestamping server. :raises TimestampRequestError: Raised if the timestamp server did not return a success response, or if the server's response is invalid. N)r$r@r )rr!r"rr#resrrrr>s zTimeStamper.async_timestampN)T)__name__ __module__ __qualname____doc__rr$r5r8r.r ContentInfor;rr TimeStampRespr@r>rrrrr s  $ )rEr1 asn1cryptorrrpyhanko_certvalidatorrpyhanko_certvalidator.registryr common_utilsrr r r __all__r rrrrs