U gp@sddlZddlmZddlmZddlmZddlmZddlm Z m Z m Z m Z m Z mZmZmZmZmZddlmZmZmZmZmZddlmZmZmZdd lmZdd lm Z d d l!m"Z"d dl#m$Z$m%Z%d dl&m'Z'm(Z(m)Z)ddl*m+Z+m,Z,ddl-m.Z.dddddddddddddd gZ/e0e1Z2ed!d"Gd#ddZ3ed!d"Gd$ddZ4ed!d"Gd%dde4Z5ed!d"Gd&ddZ6ed!d"Gd'dde6Z7ee8e8e9e:d(d)d*Z;Gd+ddZed!d"Gd.d d Z?ed!d"Gd/dde?e4Z@eGd0dde"ZAed!d"Gd1ddZBed!d"Gd2ddeBe@ZCed!d"Gd3ddeBe5ZDdS)4N) defaultdict) dataclass)datetime)unique) AnyClassVar CollectionDictIterableListOptionalSetTupleUnion)cmscorecrlkeysx509)PathBuildingErrorPathValidationErrorValidationError)ValidationPath)ACValidationResult) OrderedEnum) AdESFailure AdESSubIndic) DiffResultModificationLevelSuspiciousModification)SignatureValidationErrorSigSeedValueValidationError)KeyUsageConstraintsSignatureStatusTimestampSignatureStatusX509AttributeInfoCertifiedAttributeInfoClaimedAttributesCertifiedAttributesCAdESSignerAttributeAssertionsStandardCMSSignatureStatusSignatureCoverageLevelModificationInfoPdfSignatureStatusDocumentTimestampStatusRevocationDetailsSignerAttributeStatusT)frozenc@s,eZdZUdZeed<eed<ejed<dS)r2zQ Contains details about a certificate revocation related to a signature. Z ca_revokedZrevocation_dateZrevocation_reasonN) __name__ __module__ __qualname____doc__bool__annotations__rrZ CRLReasonr;r;B/tmp/pip-unpacked-wheel-owvgwkas/pyhanko/sign/validation/status.pyr2:s  c@seZdZUdZeed<eed<eeed<ej ed<e ed<e ed<ee ed<ee ed <ee ed <d hZeee ed <d Zeeee ed<ee ed<ddZeedddZeedddZde dddZed eeedddZee dddZd S)!r&zE Class describing the validity of a (general) CMS signature. intactvalidtrust_problem_indic signing_certpkcs7_signature_mechanism md_algorithmvalidation_pathrevocation_detailsZerror_time_horizonZnon_repudiation key_usageNextd_key_usageZvalidation_timeccs&|jr d}n|jrd}nd}|VdS)NZTRUSTEDZREVOKEDZ UNTRUSTED)trustedrevoked)selfZ cert_statusr;r;r<summary_fieldss zSignatureStatus.summary_fieldsreturncCs |jdk S)z Reports whether the signer's certificate has been revoked or not. If this field is ``True``, then obviously :attr:`trusted` will be ``False``. N)rDrIr;r;r<rHszSignatureStatus.revokedcCs |jo|jo|jdko|jdk S)z Reports whether the signer's certificate is trusted w.r.t. the currently relevant validation context and key usage requirements. N)r>r=r?rCrMr;r;r<rGszSignatureStatus.trusted,cCs&|jr|jrd||SdSdS)zQ Provide a textual but machine-parsable summary of the validity. zINTACT:INVALIDN)r=r>joinrJ)rI delimiterr;r;r<summarys zSignatureStatus.summary)key_usage_settingsrLcCs>|pt}t|jdkr|jn|j|jdkr0|jn|jd}|S)N)rErF)r%rErF)clsrSr;r;r<default_usage_constraintss  z)SignatureStatus.default_usage_constraintscCs$|jdk r|jd}|jjSdSdS)NrzNo path to trust anchor found.)rCsubjecthuman_friendly)rIZ trust_anchorr;r;r< _trust_anchors  zSignatureStatus._trust_anchor)rN)N)r5r6r7r8r9r:r rrZ Certificatestrrr2rrErr rFrJpropertyrHrGrR classmethodr%rUrXr;r;r;r<r&Qs6           c@s>eZdZUdZeZeeee d<dhZ e e d<ddZ dS)r'zG Signature status class used when validating timestamp tokens. rEZ time_stamping timestampc Cs\|j}d|jr|jrdndd|jjd|jd|jd|jd|j rRdndd S) Nz`This timestamp is backed by a time stamping authority. The timestamp token is cryptographically unz!sound. TSA certificate subject: "z$" TSA certificate SHA1 fingerprint: z% TSA certificate SHA256 fingerprint: z TSA cert trust anchor: "z" The TSA certificate is ztrusted.) r@r=r>rVrWsha1hexsha256rXrG)rIZtsar;r;r<describe_timestamp_trustsTz1TimestampSignatureStatus.describe_timestamp_trustN) r5r6r7r8setrErr rYr:rFrrbr;r;r;r<r's c@s*eZdZUdZejed<eej ed<dS)r(z% Info on an X.509 attribute. attr_type attr_valuesN) r5r6r7r8rAttCertAttributeTyper:r rZ Asn1Valuer;r;r;r<r(s  c@seZdZUdZeeed<dS)r)zI Info on a certified attribute, including AC validation results. validation_resultsN)r5r6r7r8r rr:r;r;r;r<r)#s  )rd attr_kinderrfatalcCsX|sdn d|d}d|d|d|jd}|rFt|tjd|ntj||d dS) Nz unknown typeztype ''zFailed to parse z of z: r)Zades_subindication)exc_info)argsr#rZFORMAT_FAILUREloggerwarning)rdrhrirjZ attr_type_strmsgr;r;r<_handle_attr_err1srqc@sneZdZdZedeedddZddddZe e d d d Z d d Z ddZ ddZe ed ddZdS)r+zJ Container class for extracted attribute certificate information. F)resultsc Cstdd}|D]}|jD]z}|dj}zt|d}Wn:tk rv}zt|d||dWYqW5d}~XYnX||\} } | || |qqt } | D].\}\} } t t |t| t| d| j|<q| S)NcSsggfSNr;r;r;r;r<Iz2CertifiedAttributes.from_results..typevalueszcertified attributerj)rdrerg)rZapproved_attributesrwnativelist ValueErrorrqextendappendr+itemsr)rrftuple_attrs) rTrrparse_error_fatalby_typeresultattrrdrwe type_valuesZ type_resultsinfosr;r;r< from_resultsCs4    z CertifiedAttributes.from_resultsrMcCs i|_dSrsrrMr;r;r<__init__fszCertifiedAttributes.__init__itemrLcCs |j|SrsrrIrr;r;r< __getitem__iszCertifiedAttributes.__getitem__cCs t|jSrslenrrMr;r;r<__len__lszCertifiedAttributes.__len__cCs t|jSrsr9rrMr;r;r<__bool__oszCertifiedAttributes.__bool__cCst|jSrsiterrrwrMr;r;r<__iter__rszCertifiedAttributes.__iter__cCs ||jkSrsrrr;r;r< __contains__usz CertifiedAttributes.__contains__N)F)r5r6r7r8r[r rrrrYr)rrrrr9rr;r;r;r<r+>s"c@speZdZdZedeejdddZddddZ e e d d d Z d d Z ddZddZe ed ddZdS)r*z| Container class for extracted information on attributes asserted by a signer without an attribute certificate. F)attrsc Cst}tt}|D]l}d}z|dj}t|d}Wn:tk rn}zt|d||dWYqW5d}~XYnX|||q|D]$\}} tt |t | d|j |<q|S)Nrvrwzclaimed attributerx)rdre) r*rrzryr{rqr|r~r(rrfrr) rTrrrrrrdrwrrr;r;r< from_iterables, zClaimedAttributes.from_iterablerMcCs i|_dSrsrrMr;r;r<rszClaimedAttributes.__init__rcCs |j|Srsrrr;r;r<rszClaimedAttributes.__getitem__cCs t|jSrsrrMr;r;r<rszClaimedAttributes.__len__cCs t|jSrsrrMr;r;r<rszClaimedAttributes.__bool__cCst|jSrsrrMr;r;r<rszClaimedAttributes.__iter__cCs ||jkSrsrrr;r;r<rszClaimedAttributes.__contains__N)F)r5r6r7r8r[r rZAttCertAttributerrrYr(rrrrr9rr;r;r;r<r*ysc@s^eZdZUdZeed<dZeeed<dZ ee e e e fed<dZeed<edd ZdS) r,z Value type describing information extracted (and, if relevant, validated) from a ``signer-attrs-v2`` signed attribute. Z claimed_attrsNcertified_attrsac_validation_errsFunknown_attrs_presentcCs|j Srs)rrMr;r;r<r>sz$CAdESSignerAttributeAssertions.valid)r5r6r7r8r*r:rr r+rrrrrrr9rZr>r;r;r;r<r,s   c@sJeZdZUdZeeed<dZeee e e fed<dZ ee ed<dS)r3Nac_attrsrcades_signer_attrs)r5r6r7rr r+r:rrrrrrr,r;r;r;r<r3s  cseZdZUdZdZeeed<dZee ed<dZ ee ed<e e dddZ fd d Zd d Zeeeefdd dZZS)r-zs Status of a standard "end-entity" CMS signature, potentially with timing information embedded inside. Nsigner_reported_dttimestamp_validitycontent_timestamp_validityrKcCsf|j}|dkrd}n|jo$|jo$|j}|j}|dkr:d}n|joJ|joJ|j}|jod|jod|jod|od|S)ab Formulates a general judgment on the validity of this signature. This takes into account the cryptographic validity of the signature, the signature's chain of trust and the validity of the timestamp token (if present). :return: ``True`` if all constraints are satisfied, ``False`` otherwise. NT)rr>r=rGr)rItsZ timestamp_okZ content_tsZcontent_timestamp_okr;r;r< bottom_lines$ z&StandardCMSSignatureStatus.bottom_linec#shtEdH|jdk r.d|jjddV|jdk rLd|jjddV|jdk rd|jjsddVdS)NzTIMESTAMP_TOKEN<%s>|)rQzCONTENT_TIMESTAMP_TOKEN<%s>ZCERTIFIED_SIGNER_ATTRS_INVALID)superrJrrRrrr>rM __class__r;r<rJ?s    z)StandardCMSSignatureStatus.summary_fieldscsLdd|}d|jrdndd}|d|fdfd d |DS) NcSsd|dt||dfS)N -)rPr)hdrbodyr;r;r< fmt_sectionQszDStandardCMSSignatureStatus.pretty_print_details..fmt_sectionzThe signature is judged r]INzVALID.z Bottom linerc3s|]\}}||VqdSrsr;).0rrrr;r< YszBStandardCMSSignatureStatus.pretty_print_details..)pretty_print_sectionsrr}rP)rIsectionsrr;rr<pretty_print_detailsPs z/StandardCMSSignatureStatus.pretty_print_detailsc Cs~|j}|jrd}n|jrd}nd}d|jjd|jd|jd|jd|d }d |j rj|j rjd nd d |j d|j d}d|j kr|j dd}|jdkr|j}|d|jd|jd7}g}|j}|dk r|d||j} | dk r | j} |d| d| |j} | dk rT| j} |d| d| |s^dnd|} d|fd|fd | fgS)!NrGrHZ untrustedzCertificate subject: "z " Certificate SHA1 fingerprint: z! Certificate SHA256 fingerprint: z Trust anchor: "z" The signer's certificate is .z#The signature is cryptographically r]r^z'sound. The digest algorithm used was 'z%'. The signature mechanism used was 'z'.Zecdsa algorithm parametersnamedz@ The elliptic curve used for the signer's ECDSA public key was 'z' (OID: z).z$Signing time as reported by signer: zSignature timestamp token: z9 The token is guaranteed to be newer than the signature. zContent timestamp token: z9 The token is guaranteed to be older than the signature. z0No available information about the signing time.z z Signer infoZ Integrityz Signing time)r@rGrHrVrWr_r`rarXr=r>rBrAZ public_keynameZchosenryZdottedrr} isoformatrr\rbrrP) rIcertZ trust_statusZ about_signerZ validity_infoZ ec_paramsZ curve_oidZ timing_infosZ reported_tsZ tst_statusrZcontent_tst_statusZ timing_infor;r;r<r[sZ4 *     z0StandardCMSSignatureStatus.pretty_print_sections)r5r6r7r8rr rr:rr'rrZr9rrJrr rrYr __classcell__r;r;rr<r-s !  c@s eZdZdZdZdZdZdZdS)r.a" Indicate the extent to which a PDF signature (cryptographically) covers a document. Note that this does *not* pass judgment on whether uncovered updates are legitimate or not, but as a general rule, a legitimate signature will satisfy at least :attr:`ENTIRE_REVISION`. rr"rrN)r5r6r7r8ZUNCLEARZCONTIGUOUS_BLOCK_FROM_STARTENTIRE_REVISION ENTIRE_FILEr;r;r;r<r.s c@s\eZdZUdZeeed<dZeee e fed<dZ ee ed<e eedddZdS)r/Ncoverage diff_result docmdp_okrKcCsR|j}|jdkr4|tjkrdS|tjkr.tjStjSt|jt rH|jj StjSdS)z Indicates the degree to which the document was modified after the signature was applied. Will be ``None`` if difference analysis results are not available; an instance of :class:`.ModificationLevel` otherwise. N) rrr.rrr NONEOTHER isinstancermodification_level)rIrr;r;r<rs    z#ModificationInfo.modification_level)r5r6r7rr r.r:rrrr!rr9rZr rr;r;r;r<r/s   csreZdZUdZdZeed<dZee ed<e edfdd Z e edd d Z fd d Z fd dZZS)r0z;Class to indicate the validation status of a PDF signature.Fhas_seed_valuesNseed_value_constraint_errorrKcs"tj}|o |jo |jp |jdkS)a Formulates a general judgment on the validity of this signature. This takes into account the cryptographic validity of the signature, the signature's chain of trust, compliance with the document modification policy, seed value constraint compliance and the validity of the timestamp token (if present). :return: ``True`` if all constraints are satisfied, ``False`` otherwise. N)rr seed_value_okrr)rIZgeneric_checks_okrr;r<r s zPdfSignatureStatus.bottom_linecCs |jdkS)a Indicates whether the signature satisfies all mandatory constraints in the seed value dictionary of the associated form field. .. warning:: Currently, not all seed value entries are recognised by the signer and/or the validator, so this judgment may not be entirely accurate in some cases. See :class:`~.pyhanko.sign.fields.SigSeedValueSpec`. N)rrMr;r;r<r!sz PdfSignatureStatus.seed_value_okc#s|tEdH|jtjkr$dVn4|jtjkrR|jdk rJd|jjVqXdVndV|jrr|jtjkrxdVndVdS)NZ UNTOUCHEDZEXTENDED_WITH_ZEXTENDEDZNONSTANDARD_COVERAGEZACCEPTABLE_MODIFICATIONSZILLEGAL_MODIFICATIONS) rrJrr.rrrrrrMrr;r<rJ1s    z!PdfSignatureStatus.summary_fieldscst}|jtjkrd}nT|jdk rl|jtjkr8d}n|jtjkrJd}nd}d|d|j r`dndd }nd }| d |f|j r|j rd }n d |j j}| d|f|S)Nz%The signature covers the entire file.z1All modifications relate to signature maintenancez?All modifications relate to signing and form filling operationsz&Some modifications may be illegitimatez.The signature does not cover the entire file. z, and they appear to be r]inz9compatible with the current document modification policy.z'Incremental update analysis was skippedZ Modificationsz4There were no SV issues detected for this signature.zXThe signature did not satisfy the SV constraints on the signature field. Error message: zSeed value constraints)rrrr.rrr Z LTA_UPDATESZ FORM_FILLINGrr}rrrZfailure_message)rIrZmodification_strZ modlvl_stringZsv_inforr;r<rBs0     z(PdfSignatureStatus.pretty_print_sections)r5r6r7r8rr9r:rr r$rZrrrJrrr;r;rr<r0s   c@seZdZdZdS)r1zDClass to indicate the validation status of a PDF document timestamp.N)r5r6r7r8r;r;r;r<r1ks)Elogging collectionsrZ dataclassesrrenumrtypingrrrr r r r r rrZ asn1cryptorrrrrZpyhanko_certvalidator.errorsrrrZpyhanko_certvalidator.pathrZpyhanko_certvalidator.validaterZpdf_utils.miscrZ ades.reportrrZ diff_analysisrr r!errorsr#r$settingsr%__all__ getLoggerr5rnr2r&r'r(r)rYr{r9rqr+r*r,r3r-r.r/r0r1r;r;r;r<s~    0      % ;3.' $5l