U <ßôgƒã @s2ddlmZmZmZmZddlZddlmZddlm Z m Z ddl m Z ddl mZddlmZd$eeeeeeeefeeeeefeeedœd d „Zejed œd d „Zejdddedejdddde dejdddeddddejdddde dgZedejdZeedœdd„Zd d!„Zd"d#„ZdS)%é)ÚIterableÚOptionalÚTypeVarÚUnionN)Ú CLIConfig)ÚloggerÚ readable_file)ÚConfigurationError)Úinit_validation_context_kwargs)Úload_certs_from_pemder)Ú cli_configÚvalidation_contextÚtrustÚ trust_replaceÚ other_certsÚretroactive_revinfoÚallow_fetchingc CsÚz<|dk rt||fƒr"t d¡‚|dkr4t d¡‚z|j|dd}WnFtk rŒ}z(d|›d} tj| |dt | ¡‚W5d}~XYnXn||s˜|rªt||||d}nb|dk rz|jdd}Wn@tk r}z d } tj| |dt | ¡‚W5d}~XYnXni}|dk r ||d <n | d d¡|r:d|d <|WStjk rX‚Yn~t k r–}z d } tj| |dt | ¡‚W5d}~XYn@t k rÔ}z d } tj| |dt | ¡‚W5d}~XYnXdS)NzC--validation-context is incompatible with --trust and --other-certszNo config file specified.T)Zas_dictzAConfiguration problem. Are you sure that the validation context 'z0' is properly defined in the configuration file?)Úexc_info)rrrrz*Failed to load default validation context.rrz+I/O problem while reading validation configz:Generic processing problem while reading validation config) ÚanyÚclickÚClickExceptionZget_validation_contextr rÚerrorr Ú setdefaultÚIOErrorÚ Exception) r r rrrrrÚresultÚeÚmsg©rú6/tmp/pip-unpacked-wheel-w101_d3s/pyhanko/cli/_trust.pyÚbuild_vc_kwargs sb  ÿ ÿ  ÿü    r )Úctxr cCs |jj}|dkrdS|j|dS)N)Úname)ÚobjÚconfigZget_signer_key_usages)r!r r rrrÚ_get_key_usage_settingsTsr%)z--validation-contextz"use validation context from configF)ÚhelpÚrequiredÚtype)z--trustz#list trust roots (multiple allowed)T)r&r'Úmultipler()z--trust-replacez4listed trust roots supersede OS-provided trust store)r&r'r(Zis_flagÚdefaultZ show_default)z --other-certsz#other certs relevant for validationÚFC)Úbound)ÚfÚreturncCs|j t¡|S)N)ÚparamsÚextendÚ TRUST_OPTIONS)r-rrrÚ trust_options„s r2cCs6|r|rt d¡‚|rd}n|r&d}nd}||d<|S)Nz<--soft-revocation-check is incompatible with --force-revinfoÚrequirez soft-failz hard-failZrevocation_mode)rr)Z vc_kwargsZsoft_revocation_checkZ force_revinfoZrev_moderrrÚ _prepare_vc‰sÿr4c CsT|sdSztt|ƒƒWSttfk rN}zt d|›¡|‚W5d}~XYnXdS)Nz!Could not load certificates from )Úlistr rÚ ValueErrorrr)ÚfilesrrrrÚ grab_certs˜sÿþr8)N)ÚtypingrrrrrZpyhanko.cli.configrZpyhanko.cli.utilsrrZpyhanko.config.errorsr Zpyhanko.config.trustr Z pyhanko.keysr ÚstrÚboolr ÚContextr%ÚOptionr1ÚCommandr+r2r4r8rrrrÚsf    ùù H üûù ûé!