U g=@sVdZddlmZmZmZmZddlmZddlm Z ddl m Z m Z ddl mZddlmZmZddlmZdd lmZdd lmZdd lmZmZmZmZdd lmZmZm Z m!Z!m"Z"dd l#m$Z$ddl%m&Z&ddl'm(Z(dgZ)ddddddZ*dddddZ+e,dddZ-e&e(dd d!Z.e&eej/d"d#d$Z0e d%d&d'Z1e&ee,d"d(dZ2d)S)*zu ETSI TS 119 102-2 reporting functionality. .. warning:: This feature is incubating and subject to API changes. )AnyDictOptionalcast)tsp)hashes)ValidationObjectValidationObjectType) XmlDateTime) ts_11910202xades) xmldsig_core) cades_asn1) AdESStatus)NonexistentAttributeErrorfind_cms_attributefind_unique_cms_attributeget_pyca_cryptography_hash)AdESBasicValidationResultAdESLTAValidationResultAdESWithTimeValidationResult$derive_validation_object_binary_data#derive_validation_object_identifier)get_signing_cert_attr)EmbeddedPdfSignature)PdfSignatureStatusgenerate_reportz&http://www.w3.org/2000/09/xmldsig#sha1z'http://www.w3.org/2001/04/xmlenc#sha256z-http://www.w3.org/2001/04/xmldsig-more#sha224z-http://www.w3.org/2001/04/xmldsig-more#sha384z'http://www.w3.org/2001/04/xmlenc#sha512)sha1sha256sha224sha384sha512z!http://uri.etsi.org/19102/v1.2.1#z!http://uri.etsi.org/01903/v1.3.2#z"http://www.w3.org/2000/09/xmldsig#z http://www.w3.org/2001/XMLSchema)ZvrZXAdESZdsxsalgocCs4z t|WStk r.td|dYnXdS)Nz3No XML signature syntax available for digest algo '')DIGEST_ALGO_URISKeyErrorNotImplementedErrorr#r)H/tmp/pip-unpacked-wheel-owvgwkas/pyhanko/sign/validation/report/tools.py_digest_algo_uri6s   r+) embedded_sig api_statusc Cs|jd}i}|jp$|jr"|jjnd}|rBtjdt|d|d<t|}|dk rg}|dD]d}t |t j rtd}n|ddj }| tjtt|t|d j |d r|d ndd q^tjdt|d |d <z0t|d} | d} tjdd| jd|d<Wntk r YnX|jrFtjdt|jjd|d<zLt|dd} | j} t | tjr| d} tj dd| jd} | |d<Wntk rYnXd|j!krtj"dt#|j!dfd|d<|j$r|j$}g}|j%D]F}tj&j'}|j(j dd)dd|j*D}| tj+||d q|j,p>d!D]F}tj&j-}|j(j d"d)d#d|j*D}| tj+||d q@tj.dt|d$|d%<|jrtjd&t|jjd|d'<z"t|d(}tj/d|j d)|d(<Wntk rYnXd*|j!kr$tj0dt#|j!d*d+|d,<d-|j!krLtj1dt#|j!d-d.|d/<d0|j!krttj2dt#|j!d0d1|d2<d3|j!krtj3dt#|j!d3d4dd5|d6<td7d|j!d8D|d9<d:|j!krtj4t#|j!d:d4dd;|d<<tj5f|S)=N signed_attrsT)signedtimeZ signing_timecertsrZhash_algorithm algorithmZ cert_hashZ issuer_serial) digest_method digest_valueZx509_issuer_serial)r/cert_idZsigning_certificateZcommitment_type_indicationZcommitment_type_idzurn:oid:)r/Zcommitment_type_identifier)r/Ztime_stamp_valueZall_data_objects_time_stampZsignature_policy_identifierr sig_policy_id)r/r6Zsig_policy_identifierz /Location)r/Zaddress_stringZsignature_production_placez: z; css|]}t|jVqdSNstrnative.0vr)r)r* sz#_summarise_attrs..)Zendorsement_typeroler) css|]}t|jVqdSr7r8r;r)r)r*r>s)r/Z role_detailsZ signer_roleFZsignature_time_stampmessage_digest)r/digestz/Reason)r/Zreason_elementreasonz/Name)r/Z name_elementnamez /ContactInfo)r/Zcontact_info_elementZ contact_infoz /SubFilter)r/Zsub_filter_elementZ sub_filtercss|]}t|VqdSr7)int)r<xr)r)r*r>sz /ByteRangeZ byte_rangez/Filter)filterrH)6 signer_infoZself_reported_timestampZtimestamp_validity timestampr ZSASigningTimeTyper from_datetimer isinstancerZ ESSCertIDr:appendZ SACertIDTyper DigestMethodr+ DigestValuedumpZSACertIDListTypetuplerZSACommitmentTypeIndicationTypeZdottedrZcontent_timestamp_validityZSATimestampTyperZchosenrZSignaturePolicyIdZSASigPolicyIdentifierTypeZ sig_objectZSASignatureProductionPlaceTyper9cades_signer_attrsZ claimed_attrsZ"SAOneSignerRoleTypeEndorsementTypeZCLAIMEDZ attr_typejoinZ attr_valuesZSAOneSignerRoleTypeZcertified_attrsZ CERTIFIEDZSASignerRoleTypeZSAMessageDigestTypeZ SAReasonTypeZ SANameTypeZSAContactInfoTypeZSASubFilterTypeZ SAFilterTypeZSignatureAttributesType)r,r-r.kwargsZ claimed_timeZsigning_cert_attrZ cert_ids_xmlr5Z hash_algoZcommitment_typeoidZsig_policy_identZactual_policy_identZ ident_xmlrRZrolesZ claimed_attrZ role_typeZ stringifiedZ cert_attrrAr)r)r*_summarise_attrs?s*              ""             rV)r,statusreturnc Cstt|j}t|j}t|}||jd | }t j t t|jt |d}tjt |jdj|ddd}t|trd}nt|trd}nd}tjd tjd tjd i|jj} |j} | dk std} t|trtj t!"|j#d d } t$t%j&|j'd} tj(|tj)t!"| | dtj*t j t t|jt |+ddt,||tj-tj.t/| fddtj0d|dtj1| d|jj2fdd} | S)Nr.)r3r4 signatureF)Zsignature_valuedigest_alg_and_valueZ hash_onlyZ doc_hash_onlyZLTAZLTVMZBasicz+urn:etsi:019102:mainindication:total-passedz+urn:etsi:019102:mainindication:total-failedz,urn:etsi:019102:mainindication:indeterminatez"urn:etsi:019102:poetype:validation)ZpoetimeZ type_of_proof) object_typevalue)validation_timebest_signature_time)rZ)Z voreference)Zsigner_certificatez"urn:etsi:019102:validationprocess:)Zsignature_validation_process_idzurn:etsi:019102:subindication:)Zmain_indicationZsub_indication)Zsignature_identifierZvalidation_time_infoZsigners_documentZsignature_attributesZsigner_informationZsignature_validation_processZsignature_validation_status)3rrr-rZ md_algorithmrZHashupdaterIrPfinalizer ZDigestAlgAndValueTyper rNr+rOr ZSignatureIdentifierTypeZSignatureValuer:rLrrrZPASSEDZFAILEDZ INDETERMINATEZ ades_subindicrWr]AssertionErrorZPOETyper rKr^rr CERTIFICATEZ signing_certSignatureValidationReportTypeZValidationTimeInfoTypeZSignersDocumentTypeZcompute_digestrVZSignerInformationTypeZVOReferenceTyperZSignatureValidationProcessTypeZValidationStatusTypeZ standard_name)r,rWr-Zmd_specZmdZ dtbsr_digestZdtbsr_digest_infoZsig_idprocessZades_main_indicr]Z best_sig_timeZsigner_cert_voZ single_reportr)r)r*_generate_report s           &re)vocCs2t|}tjt||j|r*tj|dnddS)N)base64)idr[Z validation_object_representation)rr r rr[ZurnZ"ValidationObjectRepresentationType)rfZbin_datar)r)r*_package_validation_objectdsricCsftjt||fttdd|jDd}ddlm}ddlm }|dd}||d j |t d }|S) a. Generate signature validation report in XML format according to ETSI TS 119 102-2. :param embedded_sig: PDF signature to report on. :param status: AdES validation result to turn into a report. :return: A string representation of the validation report. css|]}t|VqdSr7)ri)r<rfr)r)r*r>sz"generate_report..)Zsignature_validation_reportZsignature_validation_objectsr) XmlSerializer)SerializerConfigz )indent)config)Zns_map) r ZValidationReportreZValidationObjectListTyperQZvalidation_objectsZ$xsdata.formats.dataclass.serializersrjZ+xsdata.formats.dataclass.serializers.configrkrender NAMESPACES)r,rWreportrjrkrmZserr)r)r*rrs    N)3__doc__typingrrrrZ asn1cryptorZcryptography.hazmat.primitivesrZpyhanko_certvalidator.ltv.poerr Zxsdata.models.datatyper Zpyhanko.generated.etsir r Zpyhanko.generated.w3cr Zpyhanko.sign.adesrZpyhanko.sign.ades.reportrZpyhanko.sign.generalrrrrZpyhanko.sign.validation.adesrrrrrZ#pyhanko.sign.validation.generic_cmsrZ$pyhanko.sign.validation.pdf_embeddedrZpyhanko.sign.validation.statusr__all__r&ror9r+rVrcrerirr)r)r)r*sP            N Y