IiPJSrSSKJrJrJrJr SSKJr SSKJ r J r SSK J r J r JrJrJrJrJrJrJrJrJrJrJr SSKJrJr SSKJr SS KJrJ r J!r!J"r" "S S \5r#"S S \5r$"SS\5r%"SS\5r&"SS\5r'"SS\5r("SS\5r)"SS\5r*"SS\5r+"SS\5r,"SS\5r-"S S!\5r."S"S#\5r/"S$S%\5r0"S&S'\5r1"S(S)\5r2"S*S+\5r3"S,S-\5r4"S.S/\5r5"S0S1\5r6"S2S3\ 5r7"S4S5\5r8"S6S7\5r9"S8S9\5r:"S:S;\ 5r;"S<S=\5r<"S>S?\5r="S@SA\5r>"SBSC\5r?"SDSE\5r@"SFSG\5rA"SHSI\5rB"SJSK\5rC"SLSM\5rD"SNSO\5rE"SPSQ\5rF"SRSS\5rG"STSU\5rHgV)Wz ASN.1 type classes for the online certificate status protocol (OCSP). Exports the following items: - OCSPRequest() - OCSPResponse() Other type classes are defined that help compose the types listed above. )unicode_literalsdivisionabsolute_importprint_function)unwrap)DigestAlgorithmSignedDigestAlgorithm) BooleanChoice EnumeratedGeneralizedTime IA5StringIntegerNullObjectIdentifierOctetBitString OctetStringParsableOctetStringSequence SequenceOf)AuthorityInfoAccessSyntax CRLReason)PublicKeyAlgorithm) Certificate GeneralName GeneralNamesNamec\rSrSrSS0rSrg)Version(rv1N__name__ __module__ __qualname____firstlineno___map__static_attributes__r#5/venv/lib/python3.13/site-packages/asn1crypto/ocsp.pyr r (s 4 Dr+r c0\rSrSrS\4S\4S\4S\4/rSrg)CertId.hash_algorithmissuer_name_hashissuer_key_hash serial_numberr#N) r%r&r'r(r rr_fieldsr*r#r+r,r.r..s) ?+ [) K( '" Gr+r.c$\rSrSrS\4S\4/rSrg)ServiceLocator7issuerlocatorr#N)r%r&r'r(rrr4r*r#r+r,r6r67s 4 -.Gr+r6c\rSrSrSS0rSrg)RequestExtensionId>z1.3.6.1.5.5.7.48.1.7service_locatorr#Nr$r#r+r,r;r;>s 1 Dr+r;c<\rSrSrS\4S\SS04S\4/rSrS\ 0r S r g ) RequestExtensionDextn_idcriticaldefaultF extn_valuerArDr=r#N) r%r&r'r(r;r rr4 _oid_pairr6 _oid_specsr*r#r+r,r?r?Ds= &' Wy%01 *+G *I>Jr+r?c\rSrSr\rSrg)RequestExtensionsQr#N)r%r&r'r(r? _child_specr*r#r+r,rIrIQs"Kr+rIc^\rSrSrS\4S\SSS.4/rSrSrSr S r \ S 5r \ S 5r S rg) RequestUreq_certsingle_request_extensionsrTexplicitoptionalFNc$[5UlUSHqnUSRnSU-n[X5(a[ XUSR 5 USR(dMVURR U5 Ms SUlg)^ Sets common named extensions to private attributes and creates a list of critical extensions rPrA _%s_valuerDrBTNset_critical_extensionsnativehasattrsetattrparsedadd_processed_extensionsself extensionnameattribute_names r,_set_extensionsRequest._set_extensions_s %(E!9:IY'..D(4/Nt,,i .E.L.LM$+++))--d3 ;&*"r+c\UR(dUR5 UR$z Returns a set of the names (or OID if not a known extension) of the extensions marked as critical :return: A set of unicode strings r_rerYras r,critical_extensionsRequest.critical_extensionsq%))  "(((r+cXURSLaUR5 UR$)z This extension is used when communicating with an OCSP responder that acts as a proxy for OCSP requests :return: None or a ServiceLocator object F)r_re_service_locator_valuerjs r,service_locator_valueRequest.service_locator_value*  % % .  "***r+rYr_)r%r&r'r(r.rIr4r_rYrorepropertyrkrpr*r#r+r,rMrMUsc V $&7aUY9Z[G "!*$ ) ) + +r+rMc\rSrSr\rSrg)Requestsr#N)r%r&r'r(rMrKr*r#r+r,rvrvsKr+rvc\rSrSrSS0rSrg) ResponseTypez1.3.6.1.5.5.7.48.1.1basic_ocsp_responser#Nr$r#r+r,ryrys 5 Dr+ryc\rSrSr\rSrg)AcceptableResponsesr#N)r%r&r'r(ryrKr*r#r+r,r}r}sKr+r}c*\rSrSrS\4S\SS04/rSrg)PreferredSignatureAlgorithmsig_identifiercert_identifierrSTr#N)r%r&r'r(r rr4r*r#r+r,rrs" 01 .T0BCGr+rc\rSrSr\rSrg)PreferredSignatureAlgorithmsr#N)r%r&r'r(rrKr*r#r+r,rrs-Kr+rc \rSrSrSSSS.rSrg)TBSRequestExtensionIdnonceacceptable_responsespreferred_signature_algorithms)1.3.6.1.5.5.7.48.1.2z1.3.6.1.5.5.7.48.1.4z1.3.6.1.5.5.7.48.1.8r#Nr$r#r+r,rrs ' 6 @ Dr+rc@\rSrSrS\4S\SS04S\4/rSr\ \ \ S.r S r g ) TBSRequestExtensionrArBrCFrDrE)rrrr#N)r%r&r'r(rr rr4rFrr}rrGr*r#r+r,rrsA )* Wy%01 *+G *I 3*FJr+rc\rSrSr\rSrg)TBSRequestExtensionsr#N)r%r&r'r(rrKr*r#r+r,rrs%Kr+rcH\rSrSrS\SSS.4S\SSS .4S \4S \S SS .4/rS r g) TBSRequestversionrr"rRrCrequestor_namerTrQ request_listrequest_extensionsr#N) r%r&r'r(r rrvrr4r*r#r+r,rrs@ G!=> ;QD(IJ " 3!QU5VW Gr+rc\rSrSr\rSrg) Certificatesr#N)r%r&r'r(rrKr*r#r+r,rrsKr+rc2\rSrSrS\4S\4S\SSS.4/rSrg ) Signaturesignature_algorithm signaturecertsrTrQr#N) r%r&r'r(r rrr4r*r#r+r,rrs)  56 n% ,QD ABGr+rc\rSrSrS\4S\SSS.4/rSrSrSr Sr Sr S r \ S 5r\ S 5r\ S 5r\ S 5rSrg) OCSPRequest tbs_requestoptional_signaturerTrQFNc*[5UlUSSHqnUSRnSU-n[X5(a[ XUSR 5 USR(dMVURR U5 Ms SUlg) rUrrrArVrDrBTNrWr`s r,reOCSPRequest._set_extensionss %(E!m,-ABIY'..D(4/Nt,,i .E.L.LM$+++))--d3 C&*"r+c\UR(dUR5 UR$rhrirjs r,rkOCSPRequest.critical_extensionsrmr+cXURSLaUR5 UR$)z This extension is used to prevent replay attacks by including a unique, random value with each request/response pair :return: None or an OctetString object Fr_re _nonce_valuerjs r, nonce_valueOCSPRequest.nonce_value*  % % .  "   r+cXURSLaUR5 UR$)z This extension is used to allow the client and server to communicate with alternative response formats other than just basic_ocsp_response, although no other formats are defined in the standard. :return: None or an AcceptableResponses object F)r_re_acceptable_responses_valuerjs r,acceptable_responses_value&OCSPRequest.acceptable_responses_values*  % % .  "///r+cXURSLaUR5 UR$)a2 This extension is used by the client to define what signature algorithms are preferred, including both the hash algorithm and the public key algorithm, with a level of detail down to even the public key algorithm parameters, such as curve name. :return: None or a PreferredSignatureAlgorithms object F)r_re%_preferred_signature_algorithms_valuerjs r,$preferred_signature_algorithms_value0OCSPRequest.preferred_signature_algorithms_value s*  % % .  "999r+rs)r%r&r'r(rrr4r_rYrrrrertrkrrrr*r#r+r,rrs  # yqd*KLG "L"&,0)*$ ) ) ! ! 0 0 : :r+rc&\rSrSrSSSSSSS.rS rg ) OCSPResponseStatusi1 successfulmalformed_requestinternal_error try_later sign_required unauthorized)rrrr#Nr$r#r+r,rr1s        Dr+rc0\rSrSrS\SS04S\SS04/rSrg) ResponderIdi<by_namerRrby_keyrr#N)r%r&r'r(rr _alternativesr*r#r+r,rr<s% D:q/* ;Q0Mr+rc*\rSrSrSr\S5rSrg) StatusGoodiDcUb9US:wa3[U[5(d[[S[ U555eSUlg)z@ Sets the value of the object :param value: None or 'good' NgoodzK value must be one of None, "good", not %s r+ isinstancer ValueErrorrreprcontentsravalues r,rXStatusGood.setEsG  &E49P9PVU   r+cg)Nrr#rjs r,rZStatusGood.nativeWsr+rNr%r&r'r(rXrtrZr*r#r+r,rrDs$r+rc*\rSrSrSr\S5rSrg) StatusUnknowni]cUb9US:wa3[U[5(d[[S[ U555eSUlg)zC Sets the value of the object :param value: None or 'unknown' NunknownzN value must be one of None, "unknown", not %s r+rrs r,rXStatusUnknown.set^sH  )!3Jud? _1$&GHGr+rc&\rSrSrSSSSSSS.rS rg ) SingleResponseExtensionIdicrlarchive_cutoff crl_reasoninvalidity_datecertificate_issuer!signed_certificate_timestamp_list)z1.3.6.1.5.5.7.48.1.3z1.3.6.1.5.5.7.48.1.6z 2.5.29.21z 2.5.29.24z 2.5.29.29z1.3.6.1.4.1.11129.2.4.5r#Nr$r#r+r,rrs % 0"&)#F Dr+rcF\rSrSrS\4S\SS04S\4/rSr\ \ \ \ \ \ S.rS rg ) SingleResponseExtensionirArBrCFrDrE)rrrrrrr#N)r%r&r'r(rr rr4rFrrrrrrGr*r#r+r,rrsJ -. Wy%01 *+G *I)**-8 Jr+rc\rSrSr\rSrg)SingleResponseExtensionsir#N)r%r&r'r(rrKr*r#r+r,rrs)Kr+rc \rSrSrS\4S\4S\4S\SSS.4S \S SS.4/rS r S r S r S r S r S rS rS r\S5r\S5r\S5r\S5r\S5r\S5rSrg )SingleResponseicert_id cert_status this_update next_updaterTrQsingle_extensionsrFNc$[5UlUSHqnUSRnSU-n[X5(a[ XUSR 5 USR(dMVURR U5 Ms SUlg)rUrrArVrDrBTNrWr`s r,reSingleResponse._set_extensionss %(E!12IY'..D(4/Nt,,i .E.L.LM$+++))--d3 3&*"r+c\UR(dUR5 UR$rhrirjs r,rk"SingleResponse.critical_extensionsrmr+cXURSLaUR5 UR$)z This extension is used to locate the CRL that a certificate's revocation is contained within. :return: None or a CrlId object F)r_re _crl_valuerjs r, crl_valueSingleResponse.crl_values(  % % .  "r+cXURSLaUR5 UR$)z This extension is used to indicate the date at which an archived (historical) certificate status entry will no longer be available. :return: None or a GeneralizedTime object F)r_re_archive_cutoff_valuerjs r,archive_cutoff_value#SingleResponse.archive_cutoff_values*  % % .  ")))r+cXURSLaUR5 UR$)zn This extension indicates the reason that a certificate was revoked. :return: None or a CRLReason object F)r_re_crl_reason_valuerjs r,crl_reason_valueSingleResponse.crl_reason_values*  % % .  "%%%r+cXURSLaUR5 UR$)a This extension indicates the suspected date/time the private key was compromised or the certificate became invalid. This would usually be before the revocation date, which is when the CA processed the revocation. :return: None or a GeneralizedTime object F)r_re_invalidity_date_valuerjs r,invalidity_date_value$SingleResponse.invalidity_date_value s*  % % .  "***r+cXURSLaUR5 UR$)zw This extension indicates the issuer of the certificate in question. :return: None or an x509.GeneralNames object F)r_re_certificate_issuer_valuerjs r,certificate_issuer_value'SingleResponse.certificate_issuer_values*  % % .  "---r+rs)r%r&r'r(r.rrrr4r_rYr r rrrrertrkr rrrrr*r#r+r,rrs F  # ( aT)JK 6QTX8YZ G"J ! $*$ ) )   * * & & + + . .r+rc\rSrSr\rSrg) Responsesi(r#N)r%r&r'r(rrKr*r#r+r,rr(s Kr+rc\rSrSrSSS.rSrg)ResponseDataExtensionIdi,rextended_revoke)rz1.3.6.1.5.5.7.48.1.9r#Nr$r#r+r,rr,s ' 1 Dr+rc>\rSrSrS\4S\SS04S\4/rSr\ \ S.r S r g ) ResponseDataExtensioni3rArBrCFrDrE)rr r#N) r%r&r'r(rr rr4rFrrrGr*r#r+r,r"r"3s> +, Wy%01 *+G *IJr+r"c\rSrSr\rSrg)ResponseDataExtensionsiAr#N)r%r&r'r(r"rKr*r#r+r,r$r$As'Kr+r$c F\rSrSrS\SSS.4S\4S\4S\4S \S S S .4/r S r g) ResponseDataiErrr"r responder_id produced_at responsesresponse_extensionsrTrQr#N) r%r&r'r(r rrrr$r4r*r#r+r,r&r&EsA G!=> % ( i  6QTX8YZ Gr+r&c8\rSrSrS\4S\4S\4S\SSS.4/rS r g ) BasicOCSPResponseiOtbs_response_datarrrrTrQr#N) r%r&r'r(r&r rrr4r*r#r+r,r,r,Os1 l+  56 n% ,QD AB Gr+r,c0\rSrSrS\4S\4/rSrS\0r Sr g) ResponseBytesiX response_typeresponse)r0r1r{r#N) r%r&r'r(ryrr4rFr,rGr*r#r+r,r/r/Xs. ,' ()G .I0Jr+r/c\rSrSrS\4S\SSS.4/rSrSrSr Sr S r \ S 5r \ S 5r\ S 5r\ S 5r\ S5rSrg) OCSPResponseidresponse_statusresponse_bytesrTrQFNcJ[5UlUSSRSSHqnUSRnSU-n[ X5(a[ XUSR5 USR(dMVURR U5 Ms S Ulg ) rUr5r1r-r*rArVrDrBTN)rXrYr]rZr[r\r^r_r`s r,reOCSPResponse._set_extensionsos %(E!./ ;BBCVWXmnIY'..D(4/Nt,,i .E.L.LM$+++))--d3 o&*"r+c\UR(dUR5 UR$rhrirjs r,rk OCSPResponse.critical_extensionsrmr+cXURSLaUR5 UR$)z This extension is used to prevent replay attacks on the request/response exchange :return: None or an OctetString object Frrjs r,rOCSPResponse.nonce_valuerr+cXURSLaUR5 UR$)z This extension is used to signal that the responder will return a "revoked" status for non-issued certificates. :return: None or a Null object (if present) F)r_re_extended_revoke_valuerjs r,extended_revoke_value"OCSPResponse.extended_revoke_valuerrr+c&USSR$)zr A shortcut into the BasicOCSPResponse sequence :return: None or an asn1crypto.ocsp.BasicOCSPResponse object r5r1r]rjs r,r{ OCSPResponse.basic_ocsp_responses$%j1888r+c,USSRS$)zp A shortcut into the parsed, ResponseData sequence :return: None or an asn1crypto.ocsp.ResponseData object r5r1r-rArjs r, response_dataOCSPResponse.response_datas!$%j1889LMMr+rs)r%r&r'r(rr/r4r_rYrr=rertrkrr>r{rDr*r#r+r,r3r3ds ./ =qd*KLG "L!*$ ) ) ! ! + +99NNr+r3N)I__doc__ __future__rrrr_errorsralgosr r corer r r rrrrrrrrrrrrrkeysrx509rrrrr r.r6r;r?rIrMrvryr}rrrrrrrrrrrrrrrrrrrrrrr"r$r&r,r/r3r#r+r,rMsSR96$>> g XX) x # #6+h6+rz# *(.:., ( &:&:W:(W:t&2D0(H  0 h$*z*u.Xu.p! !. H (Z(8 H [N8[Nr+