U ;g@sdZddlZddlmZddlmZmZmZddlm Z m Z m Z m Z ddl mZddlmZdd d d d d gZdeZGdddejZGdd d ejZGdd d ejZeddGdd d ZGdd d ejZdS)zF Asynchronous API for fetching OCSP responses, CRLs and certificates. N) dataclass)AsyncGeneratorIterableUnion)cmscrlocspx509) Authority) __version__ OCSPFetcher CRLFetcherCertificateFetcherFetchersFetcherBackendDEFAULT_USER_AGENTzpyhanko_certvalidator %sc@sfeZdZdZeejejfe e j dddZ e e j dddZeejejfe e j dd d Zd S) r z4Utility interface to fetch and cache OCSP responses.)cert authorityreturncstdS)ag Fetch an OCSP response for a certificate. :param cert: The certificate for which an OCSP response has to be fetched. :param authority: The issuing authority. :raises: OCSPFetchError - Raised if an OCSP response could not be obtained. :return: An OCSP response. NNotImplementedError)selfrrrF/tmp/pip-unpacked-wheel-hgp_x7fx/pyhanko_certvalidator/fetchers/api.pyfetchszOCSPFetcher.fetchrcCstdS)zD Return all responses fetched by this OCSP fetcher. Nrrrrrfetched_responses0szOCSPFetcher.fetched_responsesrrcCstdS)z Return all responses fetched by this OCSP fetcher that are relevant to determine the revocation status of the given certificate. Nrrrrrrfetched_responses_for_cert6sz&OCSPFetcher.fetched_responses_for_certN)__name__ __module__ __qualname____doc__rr CertificaterAttributeCertificateV2r r OCSPResponserrrr rrrrr s c@sneZdZdZddeejejfe e j dddZ e e j ddd Z eejejfe e j dd d ZdS) r z*Utility interface to fetch and cache CRLs.N) use_deltasrcstdS)a Fetches the CRLs for a certificate. :param cert: An asn1crypto.x509.Certificate object to get the CRL for :param use_deltas: A boolean indicating if delta CRLs should be fetched :raises: CRLFetchError - when a network/IO error or decoding error occurs :return: An iterable of CRLs fetched. Nr)rrr(rrrrCszCRLFetcher.fetchrcCstdS)z> Return all CRLs fetched by this CRL fetcher. Nrrrrr fetched_crls_szCRLFetcher.fetched_crlscCstdS)a Return all relevant fetched CRLs for the given certificate :param cert: A certificate. :return: An iterable of CRLs :raise KeyError: if no fetch operations have been performed for this certificate Nrrrrrfetched_crls_for_certes z CRLFetcher.fetched_crls_for_cert)r!r"r#r$rr r%rr&rrZCertificateListrr)r*rrrrr @s c@sbeZdZdZeejejfe ejdfdddZ e ejdfdddZ e ejdd d Z dS) rz2Utility interface to fetch and cache certificates.NrcCstdS)a Fetches certificates from the authority information access extension of a certificate. :param cert: A certificate :raises: CertificateFetchError - when a network I/O or decoding error occurs :return: An asynchronous generator yielding asn1crypto.x509.Certificate objects that were fetched. Nrrrrrfetch_cert_issuersxsz%CertificateFetcher.fetch_cert_issuersrcCstdS)a Fetches certificates from the authority information access extension of an asn1crypto.crl.CertificateList. :param certificate_list: An asn1crypto.crl.CertificateList object :raises: CertificateFetchError - when a network I/O or decoding error occurs :return: An asynchronous generator yielding asn1crypto.x509.Certificate objects that were fetched. Nr)rZcertificate_listrrrfetch_crl_issuerssz$CertificateFetcher.fetch_crl_issuerscCstdS)zP Return all certificates retrieved by this certificate fetcher. Nrrrrr fetched_certssz CertificateFetcher.fetched_certs)r!r"r#r$rr r%rr&rr+r,rr-rrrrrus  T)frozenc@s*eZdZUdZeed<eed<eed<dS)rz Models a collection of fetchers to be used by a validation context. The intention is that these can share resources (like a connection pool) in a unified, controlled manner. See also :class:`.FetcherBackend`. Z ocsp_fetcherZ crl_fetcherZ cert_fetcherN)r!r"r#r$r __annotations__r rrrrrrs c@s<eZdZdZedddZddZedddZd d Zd S) ra Generic, bare-bones interface to help abstract away instantiation logic for fetcher implementations. Intended to operate as an asynchronous context manager, with `async with backend_obj as fetchers: ...` putting the resulting :class:`.Fetchers` object in to the variable named `fetchers`. .. note:: The initialisation part of the API is necessarily synchronous, for backwards compatibility with the old ``ValidationContext`` API. If you need asynchronous resource management, handle it elsewhere, or use some form of lazy resource provisioning. Alternatively, you can pass :class:`Fetchers` objects to the validation context yourself, and forgo use of the :class:`.FetcherBackend` API altogether. rcCstdS)zl Set up fetchers synchronously. .. note:: This is a synchronous method Nrrrrr get_fetchersszFetcherBackend.get_fetcherscsdS)zf Clean up the resources associated with this fetcher backend, asynchronously. NrrrrrcloseszFetcherBackend.closecs|SN)r0rrrr __aenter__szFetcherBackend.__aenter__cs|IdHSr2)r1)rexc_typeexc_valexc_tbrrr __aexit__szFetcherBackend.__aexit__N) r!r"r#r$rr0r1r3r7rrrrrs  )r$abc dataclassesrtypingrrrZ asn1cryptorrrr Zpyhanko_certvalidator.authorityr Zpyhanko_certvalidator.versionr __all__rABCr r rrrrrrrs(    &50