U eZdZUdZdZeeed<dZee ed<e ddZ dS)rzL .. versionadded:: 0.14.0 Search criteria for a PKCS#11 token. Nlabelserialc CsZzt|d|d<Wn>tk r*Yn,tk rT}ztd|W5d}~XYnXdS)NrzVsz8PKCS11PinEntryMode.parse_mode_setting...) isinstancer$r __members__upperrr joinPROMPTSKIP)r(rrrparse_mode_settingOs  z%PKCS11PinEntryMode.parse_mode_settingN) r r!r"r#enumautor5ZDEFERr6 staticmethodrr7rrrrr/s   cs8eZdZUdZeed<dZeeed<dZee ed<dZ ee j ed<dZ eeed<dZeee j ed<dZeeed <dZee ed <dZeeed <dZeeed <ejZeed <dZeeeed<dZeed<dZeed<dZeed<dZee j!ed<e"e#edfdd Z$e"fddZ%Z&S)rz Configuration for a PKCS#11 signature. This class is used to load PKCS#11 setup information from YAML configuration. module_pathN cert_labelcert_idsigning_certificatetoken_criteria other_certs key_labelkey_idslot_nouser_pin prompt_pinrother_certs_to_pullT bulk_fetchF prefer_pss raw_mechanismsignature_mechanism) keys_suppliedcstdd|DdS)NcSsh|]}|dkr|qS)) token_labelz token-labelr)r-krrr sz:PKCS11SignatureConfig.check_config_keys..)supercheck_config_keys)rrK __class__rrrPs z'PKCS11SignatureConfig.check_config_keyscst||dd}t|tr(|f}tt||d<|dd}|dk rXt||d<d|krpt|d|d<d|krt|d|d<d|krd|krd|krd|krt dd|kr|d|d<d|kr|d|d<d|kr"d|kr"d|kr"d|kr |d|d<d|kr"|d|d<t |d t j t j d |d <d |krtd t|d }d |krrd|i|d <n|d d|dS)Nr@rr>rBr=rAr<zYEither 'key_id', 'key_label', 'cert_label' or 'cert_id',must be provided in PKCS#11 setuprE)defaultrLz?'token_label' is deprecated, use 'token_criteria.label' insteadr?r)rOrgetr1r$listrr _process_pkcs11_id_valuer rrr7r5warningswarnDeprecationWarningpop setdefault)rrr@ cert_fileZlblrQrrrsh              z%PKCS11SignatureConfig.process_entries)'r r!r"r#r$r%r<rr=r&r>r Certificater?rr@rrArBrCintrDrr5rErFrrGboolrHrIrJr ZSignedDigestAlgorithmr'rrPr __classcell__rrrQrr`s*       r.cCs"t|trt|gSt|SdSr*)r1r^r&rrrarrrrVs  rV)!rr8rW dataclassesrtypingrrrrrrZ asn1cryptor r Zpyhanko.configr Zpyhanko.config.errorsr Z pyhanko.keysr rZpyhanko.pdf_utils.miscr__all__ZConfigurableMixinrEnumrrr$r^rVrrrrs"      1<