o 3[c @sddlZddlmZddlmZmZmZmZddlm Z ddl m Z m Z ddl mZddlmZz ddlmZmZWneyPZz dZZWYdZ[ndZ[wwdd lmZed ZGd d d ZdS) N)Path)x509pemcrlocsp)IncrementalPdfFileWriter)signers timestamps)SigSeedSubFilter)ValidationContext)open_pkcs11_session PKCS11Signer)getFile xhtml2pdfc@seZdZeddZeddZeddZeddZed d Zed d Z ed dZ eddZ eddZ eddZ eddZeddZeddZeddZeddZdS) PDFSignaturecCs*d|vr|d}t|tr|}|SdS)N passphrase) isinstancestrencode)configrrN/var/www/chikooza/env/lib/python3.10/site-packages/xhtml2pdf/builders/signs.pyget_passphrases  zPDFSignature.get_passphrasecCsg}d|vr>|d}t|ts|g}|D])}t|ts t|tr8t|}t|\}}}|t j |q||q|sBdS|S)Nca_chain) rlistrrrrunarmorgetDataappendr Certificateload)rkeychainschaincpisafile_digicert_ca_bytesrrr get_chainss  zPDFSignature.get_chainscCsVt|}d|vr%d|vr'|r)t|d}tjj|d|d||d}|SdSdSdS)Nr certr)ca_chain_fileskey_passphrase)rrr'r SimpleSignerr)rrr"signerrrrtest_simple_signer/s    zPDFSignature.test_simple_signercCs6t|}d|vr|rtjj|d|d}|SdSdS)Npfx_file)r.r)rrrr+ load_pkcs12)rrr,rrrtest_pkcs12_signer;s  zPDFSignature.test_pkcs12_signercCsxt|}t|dddddddddddd }|D]}||vr2|dkr,t|d}|||<q||||<qtdi|}|S)NFTr) pkcs11_session cert_label signing_certr key_label prefer_pss embed_rootsother_certs_to_pull bulk_fetchkey_idcert_iduse_raw_mechanismr)r get_sessiondictr'r )rsessionkeysr r"r,rrrtest_pkcs11_signerDs(     zPDFSignature.test_pkcs11_signercCs d|vrtj|dd}|SdS)Ntsa)url)r HTTPTimeStamper)r tst_clientrrrget_timestamps\szPDFSignature.get_timestampscCsld|vrdSd}|d}|dkrt|}|S|dkr+tdur$tdtt|}|S|dkr4t|}|S)Nenginepkcs12pkcs11zpyhanko.sign.pkcs11 requires pyHanko to be installed with the [pkcs11] option. You can install missing dependencies by running "pip install 'pyHanko[pkcs11]'".simple)rr0r ImportErrorer@r-)rr,rFrrr get_signersbs$    zPDFSignature.get_signerscCs(|ddkr t|||St|||S)Ntypelta)rlta_sign simple_sign) inputfileoutputrrrrsignxs zPDFSignature.signcCsTg}|D]#}t|tst|tr"t|}tj|}||q||q|SN) rrrrrCertificateListrrr)crls list_crlsxr$ cert_listrrr parse_crlss  zPDFSignature.parse_crlscCs4g}|D]}t|}tj|}||q|SrT)rr OCSPResponserrr)oscps list_oscprXr$datarrr parse_oscps  zPDFSignature.parse_oscpcCstdd}d|vrfd|dvrt|dd|dd<d|dvr/t|dd|dd<d|dvr?t|d|dd<d|dvrOt|d|dd<d|dvr_t|d|dd<||dtd i|S) NT)allow_fetchingvalidation_contextrVocsps trust_rootsextra_trust_roots other_certsr)r=rrZr_r'updater )rcontextrrrget_validation_contexts      z#PDFSignature.get_validation_contextcCs@tddddddddtjdt|d }d|vr||d|S)N Signature1sha256FT) field_name md_algorithmlocationreasonnamecertifyembed_validation_info use_pades_lta subfiltertimestamp_field_namerameta)r=r PADESrrhrf)rrurrrget_signature_metaszPDFSignature.get_signature_metacCsDt|}|r t|}t|}tj|tjdd|||ddSdS)Nri)rk)r,rR timestamperT)rrLrrErsign_pdfPdfSignatureMetadata)rQrRrr,wrxrrrrPs   zPDFSignature.simple_signcCs^t|}t|}t|}t|}tjdi|}|r+|r-tj|||||ddSdSdS)N)signature_metar,rxrRTr)rrLrErrwrrzry)rQrRrr,rxr{rur|rrrrOs    zPDFSignature.lta_signcCsp|dd}|dd}|dd}|dd}|dur2|dur4|dus(|dur6t||||d}|SdSdSdS)N lib_locationslot_no token_labeluser_pin)r~rr)getr )rr}r~rrr>rrrr<s    zPDFSignature.get_sessionN)__name__ __module__ __qualname__ staticmethodrr'r-r0r@rErLrSrZr_rhrwrPrOr<rrrrrs>               r)loggingpathlibr asn1cryptorrrr$pyhanko.pdf_utils.incremental_writerr pyhanko.signrr pyhanko.sign.fieldsr pyhanko_certvalidatorr pyhanko.sign.pkcs11r r rJrKxhtml2pdf.filesr getLoggerlogrrrrrs