_fAU4ddlmZddlZddlZddlmZmZmZddlm Z ddl m Z m Z ddl mZddlmZmZmZmZmZmZmZmZmZddlmZmZmZmZejrdd l m!Z!d/dZ"d0dZ#d1dZ$d2dZ%d3d#Z&d4d&Z'd5d+Z(d6d,Z)Gd-d%eZ*Gd.d(eZ+dS)7) annotationsN)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm)hashes serialization)utils) MGF1OAEPPSSAsymmetricPaddingPKCS1v15_Auto _DigestLength _MaxLengthcalculate_max_pss_salt_length) RSAPrivateKeyRSAPrivateNumbers RSAPublicKeyRSAPublicNumbers)Backendbackendrpssr key)typing.Union[RSAPrivateKey, RSAPublicKey]hash_algorithmhashes.HashAlgorithmreturnintc |j}t|trt||St|tr|jSt|t r0t|trtd|j j S|S)Nz6PSS salt length can only be set to AUTO when verifying) _salt_length isinstancerrr digest_sizerr ValueError_libRSA_PSS_SALTLEN_AUTO)rrrrsalts Z/var/www/html/env/lib/python3.11/site-packages/cryptography/hazmat/backends/openssl/rsa.py_get_rsa_pss_salt_lengthr**s  D$ ## ,S.AAA D- ( ( )) D%  c= ) ) H |00 +typing.Union[_RSAPrivateKey, _RSAPublicKey]databytespaddingrct|tstdt|tr |jj}nt|t rp|jj}t|jtstdtj | |stdtjn"t|jdtjt!|||||S)Nz1Padding must be an instance of AsymmetricPadding.'Only MGF1 is supported by this backend.zPThis combination of padding and hash algorithm is not supported by this backend." is not supported by this backend.)r#r TypeErrorrr&RSA_PKCS1_PADDINGr RSA_PKCS1_OAEP_PADDING_mgfr rrUNSUPPORTED_MGFrsa_padding_supportedUNSUPPORTED_PADDINGname_enc_dec_rsa_pkey_ctx)rrr-r/ padding_enums r) _enc_dec_rsar=@s  g0 1 1MKLLL'8$$ |5 GT " " |: ',-- &9(  ,,W55 &-,  #| ? ? ?  (   !#t\7 K KKr+r<c Lt|tr|jj}|jj}n|jj}|jj}|j|j|j j }| ||j j k|j ||jj }||}| |dk|j||}| |dk|j|j} | | dkt|t r||jj} |j|| }| |dk||j} |j|| }| |dkt|t r|jt/|jdkr|jt/|j} | | |j j k|j | |jt/|j|j|| t/|j}| |dk|j d| } |j d| }|||| |t/|}|j |d| d}|j|dkrt=d|S)Nrsize_t *unsigned char[]zEncryption/decryption failed.)r# _RSAPublicKeyr&EVP_PKEY_encrypt_initEVP_PKEY_encryptEVP_PKEY_decrypt_initEVP_PKEY_decryptEVP_PKEY_CTX_new _evp_pkey_ffiNULLopenssl_assertgcEVP_PKEY_CTX_freeEVP_PKEY_CTX_set_rsa_padding EVP_PKEY_sizer _evp_md_non_null_from_algorithmr6 _algorithmEVP_PKEY_CTX_set_rsa_mgf1_mdEVP_PKEY_CTX_set_rsa_oaep_md_labellenOPENSSL_mallocmemmove EVP_PKEY_CTX_set0_rsa_oaep_labelnewbufferERR_clear_errorr%)rrr-r<r/initcryptpkey_ctxresbuf_sizemgf1_mdoaep_mdlabelptroutlenbufresbufs r)r;r;ds7#}%%.|1 -|1 -|,,S]GL/B/BCCx7<+<<=== Xw~s7>7J7JKKKl;; hGN 3 3   sax((( \  j( 3 3F ,  ,h 7 7C %#vtSYY 7 7C \  % %kq k 2F L  """ axx8999 Mr+ algorithm%typing.Optional[hashes.HashAlgorithm]ct|tstd|j|j}||dkt|tr |jj}nt|trt|j tstdtjt|tjstd||jz dz dkrt%d|jj}n"t|jdtj|S)Nz'Expected provider of AsymmetricPadding.rr1z*Expected instance of hashes.HashAlgorithm.zDDigest too large for key size. Use a larger key or different digest.r2)r#rr3r&rOrHrKrr4r r6r rrr7r HashAlgorithmr$r%RSA_PKCS1_PSS_PADDINGr:r9)rrr/rg pkey_sizer<s r)_rsa_sig_determine_paddingrnsI g0 1 1CABBB **3=99I 9q=)))'8$$ |5 GS ! ! ',-- &9(  )V%9:: JHII I y, ,q 01 4 4+  |9 "| ? ? ?  (   r++typing.Union[_RSAPublicKey, _RSAPrivateKey] init_func"typing.Callable[[typing.Any], int]c t||||}|j|j|jj}|||jjk|j||jj}||}|dkr$| }td|||| |} |j || }|dkrF| td|jt j|j||}|dkrF| td|jt jt)|t*rt)|t,jsJ|j|t3||||}||dk| |jj} |j|| }||dk|S)Nr?z#Unable to sign/verify with this keyrz4{} is not supported by this backend for RSA signing.z4{} is not supported for the RSA signature operation.)rnr&rGrHrIrJrKrLrM_consume_errorsr%rPEVP_PKEY_CTX_set_signature_mdrformatr:rUNSUPPORTED_HASHrNr9r#r rrk EVP_PKEY_CTX_set_rsa_pss_saltlenr*r6rQrR) rr/rgrrpr<r^r_errorsevp_mdras r)_rsa_sig_setuprzsO.gsGYOOL|,,S]GLGGG88CCl886JJ !88  # # % % %&FMMN)   , 3 3Hl K KC axx!!!" B I I     (    '3 ()V%9:::::l;;  $WgsI F F   sQw'''99 L #  l77'JJsQw''' Or+ private_key_RSAPrivateKeyc <t|||||jj}|jd}|j||jj||t|}||dk|jd|d}|j||||t|}|dkr$| } td| |j |ddS)Nr@r?rArzuDigest or salt length too long for key size. Use a larger key or shorter salt length if you are specifying a PSS salt) rzr&EVP_PKEY_sign_initrIrY EVP_PKEY_signrJrUrKrsr%rZ) rr/rgr{r-r^buflenr_rerxs r) _rsa_sig_signr s ' H\  j ) )F , $ $',#VT3t99  C 3!8$$$ ,  ,fQi 8 8C , $ $XsFD#d)) L LC axx((** F    <  s # #AAA &&r+ public_keyrB signatureNonec $t|||||jj}|j||t ||t |}||dk|dkr|tdS)Nr)rzr&EVP_PKEY_verify_initEVP_PKEY_verifyrUrKrsr)rr/rgrrr-r^r_s r)_rsa_sig_verifyr,s ) H , & &)S^^T3t99  C  3!8$$$ axx!!!xr+c t|||||jj}|j|j}||dk|jd|}|jd|}|j||||t|} |j |d|d} |j | dkrt| S)NrrAr@r?) rzr&EVP_PKEY_verify_recover_initrOrHrKrIrYEVP_PKEY_verify_recoverrUrZr[r) rr/rgrrr^maxlenrerr_rfs r)_rsa_sig_recoverrGs 1 H\ ' ' (< = =F 6A:&&& ,  ,f 5 5C \  j& 1 1F , . .#vy#i..  C\  % %kq k 2F L  """ axx Mr+ceZdZUded<ded<ded<d%d Zd&d Zd&dZed'dZd(dZ d)dZ d*dZ d+dZ d,d#Z d$S)-r|objectrH _rsa_cdatar _key_sizerrunsafe_skip_rsa_key_validationboolc|sV|j|}|dkr$|}td||jd}|jd}|j|||||d|jjk||d|jjk|j |d} |j |d} | dks| dkr$|}td|||_ ||_ ||_ d|_ tj|_|j jd} |j j|j | |j jj|j jj|j | d|j jjk|j j| d|_dS)Nr?zInvalid private key BIGNUM **rF)r& RSA_check_keyrsr%rIrYRSA_get0_factorsrKrJ BN_is_odd_backendrrH_blinded threadingLock_blinding_lock RSA_get0_key BN_num_bitsr) selfr rsa_cdataevp_pkeyrr_rxpqp_oddq_oddns r)__init__z_RSAPrivateKey.__init__ps. @,,,Y77Caxx 0022 !6???   --A   --A L ) ))Q : : :  " "1Q47<+<#< = = =  " "1Q47<+<#< = = =L**1Q400EL**1Q400EzzUaZZ 0022 !6??? #! 'n.. M  " "; / / '' O M  # M  #    $$QqTT]-?-D%DEEE+77!==r+rrc|js6|j5|ddddS#1swxYwYdSdSN)rr_non_threadsafe_enable_blindingrs r)_enable_blindingz_RSAPrivateKey._enable_blindings} 7$ 7 744666 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7s 155c|js[|jj|j|jjj}|j|dkd|_dSdS)Nr?T)rrr&RSA_blinding_onrrIrJrK)rr_s r)rz._RSAPrivateKey._non_threadsafe_enable_blindingsh } !-$44!3!8C M ( ( 2 2 2 DMMM  ! !r+c|jSrrrs r)key_sizez_RSAPrivateKey.key_size ~r+ ciphertextr.r/rc||jdzdz}|t|krtdt |j|||S)Nz,Ciphertext length must be equal to key size.)rrrUr%r=r)rrr/key_size_bytess r)decryptz_RSAPrivateKey.decrypts[ -!+1 S__ , ,KLL LDM4WEEEr+rcb|jj|j}|j||jjjk|jj||jjj}|j |}t|j||Sr) rr&RSAPublicKey_duprrKrIrJrLRSA_free_rsa_cdata_to_evp_pkeyrB)rctxrs r)rz_RSAPrivateKey.public_keysm 11$/BB $$SDM,>,C%CDDDm ##C);)DEE=77<<T]C:::r+rc4|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jj|j||||j|d|jjjk|j|d|jjjk|j|d|jjjk|jj|j|||j|d|jjjk|j|d|jjjk|jj |j||||j|d|jjjk|j|d|jjjk|j|d|jjjkt|j |d|j |d|j |d|j |d|j |d|j |dt|j |d|j |dS)Nrrer)rrddmp1dmq1iqmppublic_numbers) rrIrYr&rrrKrJrRSA_get0_crt_paramsr _bn_to_intr) rrrrrrrrrs r)private_numbersz_RSAPrivateKey.private_numberssE M  " "; / / M  " "; / / M  " "; / / M  " "; / / M  " "; / /}!%%k22}!%%k22}!%%k22 ''AqAAA $$QqTT]-?-D%DEEE $$QqTT]-?-D%DEEE $$QqTT]-?-D%DEEE ++DOQBBB $$QqTT]-?-D%DEEE $$QqTT]-?-D%DEEE .. OT4    $$T!W 0B0G%GHHH $$T!W 0B0G%GHHH $$T!W 0B0G%GHHH m&&qt,,m&&qt,,m&&qt,,))$q'22))$q'22))$q'22+-**1Q400-**1Q400    r+encodingserialization.Encodingruserialization.PrivateFormatencryption_algorithm(serialization.KeySerializationEncryptioncT|j|||||j|jSr)r_private_key_bytesrHr)rrrurs r) private_bytesz_RSAPrivateKey.private_bytess4 }//    N O    r+r-rg8typing.Union[asym_utils.Prehashed, hashes.HashAlgorithm]c|t||\}}t|j||||Sr)rrrr)rr-r/rgs r)signz_RSAPrivateKey.signsA 9$ JJiT]GYdKKKr+N)rrrr)rrrr )rr.r/rrr.)rr)rr)rrrurrrrr.)r-r.r/rrgrrr.)__name__ __module__ __qualname____annotations__rrrpropertyrrrrrrr+r)r|r|ksNNN/>/>/>/>b7777 ! ! ! !XFFFF;;;;! ! ! ! F     LLLLLLr+c~eZdZUded<ded<ded<d#dZed$d Zd%d Zd&dZd'dZ d(dZ d)dZ d*d!Z d"S)+rBrrHrr rrrc||_||_||_|jjd}|jj|j||jjj|jjj|j|d|jjjk|jj |d|_ dS)Nrr) rrrHrIrYr&rrJrKrr)rrrrrs r)rz_RSAPublicKey.__init__ s #! M  " "; / / '' O M  # M  #    $$QqTT]-?-D%DEEE+77!==r+rc|jSrrrs r)rz_RSAPublicKey.key_sizerr+otherrct|tstS|jj|j|jdkS)Nr?)r#rBNotImplementedrr& EVP_PKEY_cmprH)rrs r)__eq__z_RSAPublicKey.__eq__sE%// "! ! M  + +DNEO L L  r+ plaintextr.r/rc0t|j|||Sr)r=r)rrr/s r)encryptz_RSAPublicKey.encrypt%sDM4GDDDr+rcP|jjd}|jjd}|jj|j|||jjj|j|d|jjjk|j|d|jjjkt|j |d|j |dS)Nrrr) rrIrYr&rrrJrKrr)rrrs r)rz_RSAPublicKey.public_numbers(s M  " "; / / M  " "; / / '' OQ4=#5#:    $$QqTT]-?-D%DEEE $$QqTT]-?-D%DEEEm&&qt,,m&&qt,,    r+rrruserialization.PublicFormatcR|j||||j|jSr)r_public_key_bytesrHr)rrrus r) public_bytesz_RSAPublicKey.public_bytes5s- }.. fdDNDO   r+rr-rgrrc^t||\}}t|j|||||dSr)rrr)rrr-r/rgs r)verifyz_RSAPublicKey.verify>sB:$ JJi M7ItY     r+rhct|tjrtdt |j||||S)NzoPrehashed is only supported in the sign and verify methods. It cannot be used with recover_data_from_signature.)r# asym_utils Prehashedr3rr)rrr/rgs r)recover_data_from_signaturez)_RSAPublicKey.recover_data_from_signatureJsR i!5 6 6 F  M7ItY   r+N)rrr)rrrr)rr.r/rrr.)rr)rrrurrr.) rr.r-r.r/rrgrrr)rr.r/rrgrhrr.) rrrrrrrrrrrrrrr+r)rBrBsNNN > > > >X    EEEE                     r+) rrrr rrrrrr ) rrrr,r-r.r/rrr.) rrrr,r-r.r<r r/rrr.) rrrr,r/rrgrhrr ) rrr/rrgrhrrorprq) rrr/rrgrr{r|r-r.rr.)rrr/rrgrrrBrr.r-r.rr) rrr/rrgrhrrBrr.rr.), __future__rrtypingcryptography.exceptionsrrr*cryptography.hazmat.backends.openssl.utilsrcryptography.hazmat.primitivesrr )cryptography.hazmat.primitives.asymmetricr r1cryptography.hazmat.primitives.asymmetric.paddingr r r rrrrrr-cryptography.hazmat.primitives.asymmetric.rsarrrr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendrr*r=r;rnrzrrrr|rBrr+r)rs #"""""  A@@@@@@@IIIIII                       EDDDDDD,!L!L!L!LH@@@@F))))`2222j''''@6!!!!HVLVLVLVLVL]VLVLVLrS S S S S LS S S S S r+