| 200 | |
| 201 | |
| 202 | class OCSPResponseBuilder: |
| 203 | def __init__( |
| 204 | self, |
| 205 | response: _SingleResponse | None = None, |
| 206 | responder_id: tuple[x509.Certificate, OCSPResponderEncoding] |
| 207 | | None = None, |
| 208 | certs: list[x509.Certificate] | None = None, |
| 209 | extensions: list[x509.Extension[x509.ExtensionType]] = [], |
| 210 | ): |
| 211 | self._response = response |
| 212 | self._responder_id = responder_id |
| 213 | self._certs = certs |
| 214 | self._extensions = extensions |
| 215 | |
| 216 | def add_response( |
| 217 | self, |
| 218 | cert: x509.Certificate, |
| 219 | issuer: x509.Certificate, |
| 220 | algorithm: hashes.HashAlgorithm, |
| 221 | cert_status: OCSPCertStatus, |
| 222 | this_update: datetime.datetime, |
| 223 | next_update: datetime.datetime | None, |
| 224 | revocation_time: datetime.datetime | None, |
| 225 | revocation_reason: x509.ReasonFlags | None, |
| 226 | ) -> OCSPResponseBuilder: |
| 227 | if self._response is not None: |
| 228 | raise ValueError("Only one response per OCSPResponse.") |
| 229 | |
| 230 | if not isinstance(cert, x509.Certificate) or not isinstance( |
| 231 | issuer, x509.Certificate |
| 232 | ): |
| 233 | raise TypeError("cert and issuer must be a Certificate") |
| 234 | |
| 235 | singleresp = _SingleResponse( |
| 236 | (cert, issuer), |
| 237 | None, |
| 238 | algorithm, |
| 239 | cert_status, |
| 240 | this_update, |
| 241 | next_update, |
| 242 | revocation_time, |
| 243 | revocation_reason, |
| 244 | ) |
| 245 | return OCSPResponseBuilder( |
| 246 | singleresp, |
| 247 | self._responder_id, |
| 248 | self._certs, |
| 249 | self._extensions, |
| 250 | ) |
| 251 | |
| 252 | def add_response_by_hash( |
| 253 | self, |
| 254 | issuer_name_hash: bytes, |
| 255 | issuer_key_hash: bytes, |
| 256 | serial_number: int, |
| 257 | algorithm: hashes.HashAlgorithm, |
| 258 | cert_status: OCSPCertStatus, |
| 259 | this_update: datetime.datetime, |
no outgoing calls
no test coverage detected