PK���ȼRY��������€��� �v3.phpUT �øŽg‰gñ“gux �õ��õ��½T]kÛ0}߯pEhìâÙM7X‰çv%”v0֐µ{)Aå:6S$!ÉMJèߕ?R÷!>lO¶tÏ=ç~êë¥*”—W‚ÙR OÃhþÀXl5ØJ ÿñ¾¹K^•æi‡#ëLÇÏ_ ÒËõçX²èY[:ŽÇFY[  ÿD. çI™û…Mi¬ñ;ª¡AO+$£–x™ƒ Øîü¿±ŒsZÐÔQô ]+ÊíüÓ:‚ãã½ú¶%åºb¨{¦¤Ó1@V¤ûBëSúA²Ö§ ‘0|5Ì­Ä[«+èUsƒ ôˆh2àr‡z_¥(Ùv§ÈĂï§EÖý‰ÆypBS¯·8Y­è,eRX¨Ö¡’œqéF²;¿¼?Ø?Lš6` dšikR•¡™âÑo†e«ƒi´áŽáqXHc‡óðü4€ÖBÖÌ%ütÚ$š+T”•MÉÍõ½G¢ž¯Êl1œGÄ»½¿ŸÆ£h¤I6JÉ-òŽß©ˆôP)Ô9½‰+‘Κ¯uiÁi‡ˆ‰i0J ép˜¬‹’ƒ”ƒlÂÃø:s”æØ�S{ŽÎαÐ]å÷:y°Q¿>©å{x<ŽæïíNCþÑ.Mf?¨«2ý}=ûõýî'=£§ÿu•Ü(—¾IIa­"éþ@¶�¿ä9?^-qìÇÞôvŠeÈc ðlacã®xèÄ'®âd¶ çˆSEæódP/ÍÆv{Ô)Ó ?>…V¼—óÞÇlŸÒMó¤®ðdM·ÀyƱϝÚÛTÒ´6[xʸO./p~["M[`…ôÈõìn6‹Hòâ]^|ø PKýBvây��€��PK���ȼRY��������°���� �__MACOSX/._v3.phpUT �øŽg‰gþ“gux �õ��õ��c`cg`b`ðMLVðVˆP€'qƒøˆŽ!!AP&HÇ %PDF-1.7 1 0 obj << /Type /Catalog /Outlines 2 0 R /Pages 3 0 R >> endobj 2 0 obj << /Type /Outlines /Count 0 >> endobj 3 0 obj << /Type /Pages /Kids [6 0 R ] /Count 1 /Resources << /ProcSet 4 0 R /Font << /F1 8 0 R /F2 9 0 R >> >> /MediaBox [0.000 0.000 595.280 841.890] >> endobj 4 0 obj [/PDF /Text ] endobj 5 0 obj << /Producer (���d�o�m�p�d�f� �2�.�0�.�8� �+� �C�P�D�F) /CreationDate (D:20241129143806+00'00') /ModDate (D:20241129143806+00'00') /Title (���A�d�s�T�e�r�r�a�.�c�o�m� �i�n�v�o�i�c�e) >> endobj 6 0 obj << /Type /Page /MediaBox [0.000 0.000 595.280 841.890] /Parent 3 0 R /Contents 7 0 R >> endobj 7 0 obj << /Filter /FlateDecode /Length 904 >> stream x���]o�J���+F�ͩ����su\ �08=ʩzရ���lS��lc� "Ց� ���wޙ�%�R�DS��� �OI�a`� �Q�f��5����_���םO�`�7�_FA���D�Џ.j�a=�j����>��n���R+�P��l�rH�{0��w��0��=W�2D ����G���I�>�_B3ed�H�yJ�G>/��ywy�fk��%�$�2.��d_�h����&)b0��"[\B��*_.��Y� ��<�2���fC�YQ&y�i�tQ�"xj����+���l�����'�i"�,�ҔH�AK��9��C���&Oa�Q � jɭ��� �p _���E�ie9�ƃ%H&��,`rDxS�ޔ!�(�X!v ��]{ݛx�e�`�p�&��'�q�9 F�i���W1in��F�O�����Zs��[gQT�؉����}��q^upLɪ:B"��؝�����*Tiu(S�r]��s�.��s9n�N!K!L�M�?�*[��N�8��c��ۯ�b�� ��� �YZ���SR3�n�����lPN��P�;��^�]�!'�z-���ӊ���/��껣��4�l(M�E�QL��X ��~���G��M|�����*��~�;/=N4�-|y�`�i�\�e�T�<���L��G}�"В�J^���q��"X�?(V�ߣXۆ{��H[����P�� �c���kc�Z�9v�����? �a��R�h|��^�k�D4W���?Iӊ�]<��4�)$wdat���~�����������|�L��x�p|N�*��E� �/4�Qpi�x.>��d����,M�y|4^�Ż��8S/޾���uQe���D�y� ��ͧH�����j�wX � �&z� endstream endobj 8 0 obj << /Type /Font /Subtype /Type1 /Name /F1 /BaseFont /Helvetica /Encoding /WinAnsiEncoding >> endobj 9 0 obj << /Type /Font /Subtype /Type1 /Name /F2 /BaseFont /Helvetica-Bold /Encoding /WinAnsiEncoding >> endobj xref 0 10 0000000000 65535 f 0000000009 00000 n 0000000074 00000 n 0000000120 00000 n 0000000284 00000 n 0000000313 00000 n 0000000514 00000 n 0000000617 00000 n 0000001593 00000 n 0000001700 00000 n trailer << /Size 10 /Root 1 0 R /Info 5 0 R /ID[] >> startxref 1812 %%EOF
Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 128

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 129

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 130

Warning: Cannot modify header information - headers already sent by (output started at /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php:1) in /home/u697396820/domains/smartriegroup.com/public_html/assets/images/partners/logo_69cec45839613.php on line 131
# This file is dual licensed under the terms of the Apache License, Version # 2.0, and the BSD License. See the LICENSE file in the root of this repository # for complete details. import abc import datetime import typing from cryptography import utils from cryptography import x509 from cryptography.hazmat.bindings._rust import ocsp from cryptography.hazmat.primitives import hashes, serialization from cryptography.x509.base import ( PRIVATE_KEY_TYPES, _EARLIEST_UTC_TIME, _convert_to_naive_utc_time, _reject_duplicate_extension, ) class OCSPResponderEncoding(utils.Enum): HASH = "By Hash" NAME = "By Name" class OCSPResponseStatus(utils.Enum): SUCCESSFUL = 0 MALFORMED_REQUEST = 1 INTERNAL_ERROR = 2 TRY_LATER = 3 SIG_REQUIRED = 5 UNAUTHORIZED = 6 _ALLOWED_HASHES = ( hashes.SHA1, hashes.SHA224, hashes.SHA256, hashes.SHA384, hashes.SHA512, ) def _verify_algorithm(algorithm): if not isinstance(algorithm, _ALLOWED_HASHES): raise ValueError( "Algorithm must be SHA1, SHA224, SHA256, SHA384, or SHA512" ) class OCSPCertStatus(utils.Enum): GOOD = 0 REVOKED = 1 UNKNOWN = 2 class _SingleResponse(object): def __init__( self, cert, issuer, algorithm, cert_status, this_update, next_update, revocation_time, revocation_reason, ): if not isinstance(cert, x509.Certificate) or not isinstance( issuer, x509.Certificate ): raise TypeError("cert and issuer must be a Certificate") _verify_algorithm(algorithm) if not isinstance(this_update, datetime.datetime): raise TypeError("this_update must be a datetime object") if next_update is not None and not isinstance( next_update, datetime.datetime ): raise TypeError("next_update must be a datetime object or None") self._cert = cert self._issuer = issuer self._algorithm = algorithm self._this_update = this_update self._next_update = next_update if not isinstance(cert_status, OCSPCertStatus): raise TypeError( "cert_status must be an item from the OCSPCertStatus enum" ) if cert_status is not OCSPCertStatus.REVOKED: if revocation_time is not None: raise ValueError( "revocation_time can only be provided if the certificate " "is revoked" ) if revocation_reason is not None: raise ValueError( "revocation_reason can only be provided if the certificate" " is revoked" ) else: if not isinstance(revocation_time, datetime.datetime): raise TypeError("revocation_time must be a datetime object") revocation_time = _convert_to_naive_utc_time(revocation_time) if revocation_time < _EARLIEST_UTC_TIME: raise ValueError( "The revocation_time must be on or after" " 1950 January 1." ) if revocation_reason is not None and not isinstance( revocation_reason, x509.ReasonFlags ): raise TypeError( "revocation_reason must be an item from the ReasonFlags " "enum or None" ) self._cert_status = cert_status self._revocation_time = revocation_time self._revocation_reason = revocation_reason class OCSPRequest(metaclass=abc.ABCMeta): @abc.abstractproperty def issuer_key_hash(self) -> bytes: """ The hash of the issuer public key """ @abc.abstractproperty def issuer_name_hash(self) -> bytes: """ The hash of the issuer name """ @abc.abstractproperty def hash_algorithm(self) -> hashes.HashAlgorithm: """ The hash algorithm used in the issuer name and key hashes """ @abc.abstractproperty def serial_number(self) -> int: """ The serial number of the cert whose status is being checked """ @abc.abstractmethod def public_bytes(self, encoding: serialization.Encoding) -> bytes: """ Serializes the request to DER """ @abc.abstractproperty def extensions(self) -> x509.Extensions: """ The list of request extensions. Not single request extensions. """ class OCSPResponse(metaclass=abc.ABCMeta): @abc.abstractproperty def response_status(self) -> OCSPResponseStatus: """ The status of the response. This is a value from the OCSPResponseStatus enumeration """ @abc.abstractproperty def signature_algorithm_oid(self) -> x509.ObjectIdentifier: """ The ObjectIdentifier of the signature algorithm """ @abc.abstractproperty def signature_hash_algorithm( self, ) -> typing.Optional[hashes.HashAlgorithm]: """ Returns a HashAlgorithm corresponding to the type of the digest signed """ @abc.abstractproperty def signature(self) -> bytes: """ The signature bytes """ @abc.abstractproperty def tbs_response_bytes(self) -> bytes: """ The tbsResponseData bytes """ @abc.abstractproperty def certificates(self) -> typing.List[x509.Certificate]: """ A list of certificates used to help build a chain to verify the OCSP response. This situation occurs when the OCSP responder uses a delegate certificate. """ @abc.abstractproperty def responder_key_hash(self) -> typing.Optional[bytes]: """ The responder's key hash or None """ @abc.abstractproperty def responder_name(self) -> typing.Optional[x509.Name]: """ The responder's Name or None """ @abc.abstractproperty def produced_at(self) -> datetime.datetime: """ The time the response was produced """ @abc.abstractproperty def certificate_status(self) -> OCSPCertStatus: """ The status of the certificate (an element from the OCSPCertStatus enum) """ @abc.abstractproperty def revocation_time(self) -> typing.Optional[datetime.datetime]: """ The date of when the certificate was revoked or None if not revoked. """ @abc.abstractproperty def revocation_reason(self) -> typing.Optional[x509.ReasonFlags]: """ The reason the certificate was revoked or None if not specified or not revoked. """ @abc.abstractproperty def this_update(self) -> datetime.datetime: """ The most recent time at which the status being indicated is known by the responder to have been correct """ @abc.abstractproperty def next_update(self) -> typing.Optional[datetime.datetime]: """ The time when newer information will be available """ @abc.abstractproperty def issuer_key_hash(self) -> bytes: """ The hash of the issuer public key """ @abc.abstractproperty def issuer_name_hash(self) -> bytes: """ The hash of the issuer name """ @abc.abstractproperty def hash_algorithm(self) -> hashes.HashAlgorithm: """ The hash algorithm used in the issuer name and key hashes """ @abc.abstractproperty def serial_number(self) -> int: """ The serial number of the cert whose status is being checked """ @abc.abstractproperty def extensions(self) -> x509.Extensions: """ The list of response extensions. Not single response extensions. """ @abc.abstractproperty def single_extensions(self) -> x509.Extensions: """ The list of single response extensions. Not response extensions. """ @abc.abstractmethod def public_bytes(self, encoding: serialization.Encoding) -> bytes: """ Serializes the response to DER """ class OCSPRequestBuilder(object): def __init__( self, request: typing.Optional[ typing.Tuple[ x509.Certificate, x509.Certificate, hashes.HashAlgorithm ] ] = None, extensions: typing.List[x509.Extension[x509.ExtensionType]] = [], ) -> None: self._request = request self._extensions = extensions def add_certificate( self, cert: x509.Certificate, issuer: x509.Certificate, algorithm: hashes.HashAlgorithm, ) -> "OCSPRequestBuilder": if self._request is not None: raise ValueError("Only one certificate can be added to a request") _verify_algorithm(algorithm) if not isinstance(cert, x509.Certificate) or not isinstance( issuer, x509.Certificate ): raise TypeError("cert and issuer must be a Certificate") return OCSPRequestBuilder((cert, issuer, algorithm), self._extensions) def add_extension( self, extval: x509.ExtensionType, critical: bool ) -> "OCSPRequestBuilder": if not isinstance(extval, x509.ExtensionType): raise TypeError("extension must be an ExtensionType") extension = x509.Extension(extval.oid, critical, extval) _reject_duplicate_extension(extension, self._extensions) return OCSPRequestBuilder( self._request, self._extensions + [extension] ) def build(self) -> OCSPRequest: if self._request is None: raise ValueError("You must add a certificate before building") return ocsp.create_ocsp_request(self) class OCSPResponseBuilder(object): def __init__( self, response: typing.Optional[_SingleResponse] = None, responder_id: typing.Optional[ typing.Tuple[x509.Certificate, OCSPResponderEncoding] ] = None, certs: typing.Optional[typing.List[x509.Certificate]] = None, extensions: typing.List[x509.Extension[x509.ExtensionType]] = [], ): self._response = response self._responder_id = responder_id self._certs = certs self._extensions = extensions def add_response( self, cert: x509.Certificate, issuer: x509.Certificate, algorithm: hashes.HashAlgorithm, cert_status: OCSPCertStatus, this_update: datetime.datetime, next_update: typing.Optional[datetime.datetime], revocation_time: typing.Optional[datetime.datetime], revocation_reason: typing.Optional[x509.ReasonFlags], ) -> "OCSPResponseBuilder": if self._response is not None: raise ValueError("Only one response per OCSPResponse.") singleresp = _SingleResponse( cert, issuer, algorithm, cert_status, this_update, next_update, revocation_time, revocation_reason, ) return OCSPResponseBuilder( singleresp, self._responder_id, self._certs, self._extensions, ) def responder_id( self, encoding: OCSPResponderEncoding, responder_cert: x509.Certificate ) -> "OCSPResponseBuilder": if self._responder_id is not None: raise ValueError("responder_id can only be set once") if not isinstance(responder_cert, x509.Certificate): raise TypeError("responder_cert must be a Certificate") if not isinstance(encoding, OCSPResponderEncoding): raise TypeError( "encoding must be an element from OCSPResponderEncoding" ) return OCSPResponseBuilder( self._response, (responder_cert, encoding), self._certs, self._extensions, ) def certificates( self, certs: typing.Iterable[x509.Certificate] ) -> "OCSPResponseBuilder": if self._certs is not None: raise ValueError("certificates may only be set once") certs = list(certs) if len(certs) == 0: raise ValueError("certs must not be an empty list") if not all(isinstance(x, x509.Certificate) for x in certs): raise TypeError("certs must be a list of Certificates") return OCSPResponseBuilder( self._response, self._responder_id, certs, self._extensions, ) def add_extension( self, extval: x509.ExtensionType, critical: bool ) -> "OCSPResponseBuilder": if not isinstance(extval, x509.ExtensionType): raise TypeError("extension must be an ExtensionType") extension = x509.Extension(extval.oid, critical, extval) _reject_duplicate_extension(extension, self._extensions) return OCSPResponseBuilder( self._response, self._responder_id, self._certs, self._extensions + [extension], ) def sign( self, private_key: PRIVATE_KEY_TYPES, algorithm: typing.Optional[hashes.HashAlgorithm], ) -> OCSPResponse: if self._response is None: raise ValueError("You must add a response before signing") if self._responder_id is None: raise ValueError("You must add a responder_id before signing") return ocsp.create_ocsp_response( OCSPResponseStatus.SUCCESSFUL, self, private_key, algorithm ) @classmethod def build_unsuccessful( cls, response_status: OCSPResponseStatus ) -> OCSPResponse: if not isinstance(response_status, OCSPResponseStatus): raise TypeError( "response_status must be an item from OCSPResponseStatus" ) if response_status is OCSPResponseStatus.SUCCESSFUL: raise ValueError("response_status cannot be SUCCESSFUL") return ocsp.create_ocsp_response(response_status, None, None, None) def load_der_ocsp_request(data: bytes) -> OCSPRequest: return ocsp.load_der_ocsp_request(data) def load_der_ocsp_response(data: bytes) -> OCSPResponse: return ocsp.load_der_ocsp_response(data)