U *”}fã@s˜ddlmZmZmZddlmZddlmZddlm Z ddl m Z m Z ddl mZmZddlmZdd „Zd d „ZGd d „d eƒZGdd„deƒZdS)é)Úabsolute_importÚdivisionÚprint_function)ÚEnum)Úx509)Ú _get_backend)ÚhashesÚ serialization)ÚecÚrsa)Ú_check_byteslikecCstdƒ}| |¡S©N)rÚload_pem_pkcs7_certificates©ÚdataÚbackend©rúV/tmp/pip-unpacked-wheel-x36vw73o/cryptography/hazmat/primitives/serialization/pkcs7.pyrsrcCstdƒ}| |¡Sr )rÚload_der_pkcs7_certificatesrrrrrsrc@s>eZdZdggfdd„Zdd„Zdd„Zdd „Zd d d „ZdS) ÚPKCS7SignatureBuilderNcCs||_||_||_dSr )Ú_dataÚ_signersÚ_additional_certs)ÚselfrZsignersZadditional_certsrrrÚ__init__szPKCS7SignatureBuilder.__init__cCs(td|ƒ|jdk rtdƒ‚t||jƒS)Nrzdata may only be set once)r rÚ ValueErrorrr)rrrrrÚset_data s  zPKCS7SignatureBuilder.set_datacCsnt|tjtjtjtjtjfƒs&tdƒ‚t|tj ƒs:tdƒ‚t|t j t j fƒsTtdƒ‚t|j|j|||fgƒS)NzLhash_algorithm must be one of hashes.SHA1, SHA224, SHA256, SHA384, or SHA512ú&certificate must be a x509.Certificatez.Only RSA & EC keys are supported at this time.)Ú isinstancerÚSHA1ÚSHA224ÚSHA256ÚSHA384ÚSHA512Ú TypeErrorrÚ Certificater Z RSAPrivateKeyr ZEllipticCurvePrivateKeyrrr)rÚ certificateZ private_keyZhash_algorithmrrrÚ add_signer's.ûþ ÿ  ÿþz PKCS7SignatureBuilder.add_signercCs,t|tjƒstdƒ‚t|j|j|j|gƒS)Nr)rrr%r$rrrr)rr&rrrÚadd_certificateCs  ÿz%PKCS7SignatureBuilder.add_certificatecCsàt|jƒdkrtdƒ‚|jdkr(tdƒ‚t|ƒ}tdd„|DƒƒsJtdƒ‚|tjjtjj tjj fkrltdƒ‚t j |krˆt j |krˆtdƒ‚t j |kr®|tjj tjjfkr®td ƒ‚t j|krÊt j|krÊtd ƒ‚t|ƒ}| |||¡S) NrzMust have at least one signerzYou must add data to signcss|]}t|tƒVqdSr )rÚ PKCS7Options)Ú.0ÚxrrrÚ Qsz-PKCS7SignatureBuilder.sign..z*options must be from the PKCS7Options enumz1Must be PEM, DER, or SMIME from the Encoding enumzAWhen passing the Text option you must also pass DetachedSignaturez9The Text option is only available for SMIME serializationzFNoAttributes is a superset of NoCapabilities. Do not pass both values.)ÚlenrrrÚlistÚallr ÚEncodingZPEMZDERZSMIMEr)ÚTextÚDetachedSignatureÚ NoAttributesÚNoCapabilitiesrZ pkcs7_sign)rÚencodingÚoptionsrrrrÚsignKsL ýÿÿþÿ þÿÿþÿzPKCS7SignatureBuilder.sign)N)Ú__name__Ú __module__Ú __qualname__rrr'r(r7rrrrrs rc@s$eZdZdZdZdZdZdZdZdS)r)zAdd text/plain MIME typez5Don't translate input data into canonical MIME formatz'Don't embed data in the PKCS7 structurezDon't embed SMIME capabilitiesz#Don't embed authenticatedAttributeszDon't embed signer certificateN) r8r9r:r1ÚBinaryr2r4r3ZNoCertsrrrrr)~s r)N)Ú __future__rrrÚenumrZ cryptographyrZcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrr Z)cryptography.hazmat.primitives.asymmetricr r Zcryptography.utilsr rrÚobjectrr)rrrrÚs    d