bXc@`sddlmZmZmZddlZddlmZddlmZm Z m Z ddl m Z ddl mZddlmZmZmZddlmZmZmZmZmZmZdd lmZmZd Zd Zd Zd Z dZ!dZ"dZ#ej$ede%fdYZ&ej$ede%fdYZ'ej$ede%fdYZ(ej$ede%fdYZ)dS(i(tabsolute_importtdivisiontprint_functionN(tutils(tInvalidSignaturetUnsupportedAlgorithmt_Reasons(t_calculate_digest_and_algorithm(thashes(tAsymmetricSignatureContexttAsymmetricVerificationContexttrsa(tAsymmetricPaddingtMGF1tOAEPtPKCS1v15tPSStcalculate_max_pss_salt_length(tRSAPrivateKeyWithSerializationtRSAPublicKeyWithSerializationcC`s<|j}|tjks'|tjkr4t||S|SdS(N(t _salt_lengthR t MAX_LENGTHRR(tpsstkeythash_algorithmtsalt((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_get_rsa_pss_salt_lengths  cC`st|tstdnt|tr<|jj}nt|tr|jj}t|jt s~t dt j n|j |st dt jn|jdk r|jdkrtdqnt dj|jt jt|||||S(Ns1Padding must be an instance of AsymmetricPadding.s'Only MGF1 is supported by this backend.sPThis combination of padding and hash algorithm is not supported by this backend.ts*This backend does not support OAEP labels.s%{0} is not supported by this backend.(t isinstanceR t TypeErrorRt_libtRSA_PKCS1_PADDINGRtRSA_PKCS1_OAEP_PADDINGt_mgfR RRtUNSUPPORTED_MGFtrsa_padding_supportedtUNSUPPORTED_PADDINGt_labeltNonet ValueErrortformattnamet_enc_dec_rsa_pkey_ctx(tbackendRtdatatpaddingt padding_enum((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _enc_dec_rsa%s*   cC`sdt|tr*|jj}|jj}n|jj}|jj}|jj|j|j j }|j ||j j k|j j ||jj }||}|j |dk|jj||}|j |dk|jj|j} |j | dkt|tr|jjr|jj|jjjjd} |j | |j j k|jj|| }|j |dk|jj|jjjd} |j | |j j k|jj|| }|j |dkn|j jd| } |j jd| } ||| | |t|}|dkrLt||n|j j| | d S(Niitasciissize_t *sunsigned char[](Rt _RSAPublicKeyRtEVP_PKEY_encrypt_inittEVP_PKEY_encrypttEVP_PKEY_decrypt_inittEVP_PKEY_decrypttEVP_PKEY_CTX_newt _evp_pkeyt_ffitNULLtopenssl_asserttgctEVP_PKEY_CTX_freetEVP_PKEY_CTX_set_rsa_paddingt EVP_PKEY_sizeRtCryptography_HAS_RSA_OAEP_MDtEVP_get_digestbynameR!t _algorithmR)tencodetEVP_PKEY_CTX_set_rsa_mgf1_mdtEVP_PKEY_CTX_set_rsa_oaep_mdtnewtlent_handle_rsa_enc_dec_errortbuffer(R+RR,R.R-tinittcrypttpkey_ctxtrestbuf_sizetmgf1_mdtoaep_mdtoutlentbuf((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR*IsD           cC`s|j}|st|dj|jjks7tt|trt|dj|jjksett dnq|jj |jj |jj |jj g}|jjr|j|jjn|dj|kstt ddS(NisGData too long for key size. Encrypt less data or use a larger key size.sDecryption failed.(t_consume_errorstAssertionErrortlibRt ERR_LIB_RSARR1treasont!RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZER'tRSA_R_BLOCK_TYPE_IS_NOT_01tRSA_R_BLOCK_TYPE_IS_NOT_02tRSA_R_OAEP_DECODING_ERRORt RSA_R_DATA_TOO_LARGE_FOR_MODULUSt*Cryptography_HAS_RSA_R_PKCS_DECODING_ERRORtappendtRSA_R_PKCS_DECODING_ERROR(R+Rterrorstdecoding_errors((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRGus         cC`st|tstdn|jj|j}|j|dkt|trd|jj}nt|t rt|j t st dt jn||jddkrtdn|j|j jst dt jn|jj}nt dj|jt j|S(Ns'Expected provider of AsymmetricPadding.is'Only MGF1 is supported by this backend.isDDigest too large for key size. Use a larger key or different digest.sGWhen OpenSSL is older than 1.0.1 then only SHA1 is supported with MGF1.s%{0} is not supported by this backend.(RR RRR>R7R:RRRR!R RRR"t digest_sizeR't_pss_mgf1_hash_supportedRAtUNSUPPORTED_HASHtRSA_PKCS1_PSS_PADDINGR(R)R$(R+RR-t algorithmt pkey_sizeR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_determine_paddings, cC`s|jj|jjd}|j||jjk|jj|j|jj}|j||jjk|jj ||jj }|jj |}|j|dk|jj ||}|j|dk|jj ||}|j|dkt|tr|jj|t|||}|j|dk|jjr|jj|jjjjd} |j| |jjk|jj|| }|j|dkqn|jjd} |jj||jj| |t|}|j|dk|jjd| d} |jj|| | |t|}|dkr|j} | dj|jjks{td} | dj|jjkrd} n%| dj|jj kstd} | dk stt!| n|jj"| S(NR0iissize_t *sunsigned char[]s@Salt length too long for key size. Try using MAX_LENGTH instead.s0Digest too large for key size. Use a larger key.(#RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_sign_inittEVP_PKEY_CTX_set_signature_mdR=RRt EVP_PKEY_CTX_set_rsa_pss_saltlenRtCryptography_HAS_MGF1_MDR!RARCREt EVP_PKEY_signRFRRRTRURSR&RVRWt RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEYR'RH(R+R-R.Ret private_keyR,tevp_mdRKRLRNtbuflenRQR_RV((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _rsa_sig_signsn                    c C`s&|jj|jjd}|j||jjk|jj|j|jj}|j||jjk|jj ||jj }|jj |} |j| dk|jj ||} |j| dk|jj ||} |j| dkt|tr|jj|t|||} |j| dk|jjr|jj|jjjjd} |j| |jjk|jj|| } |j| dkqn|jj||t||t|} |j| dk| dkr"|j} | sttndS(NR0ii(RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_verify_initRiR=RRRjRRkR!RARCtEVP_PKEY_verifyRFRRRSR( R+R-R.Ret public_keyt signatureR,RoRKRLRNR_((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_verifysT                 t_RSASignatureContextcB`s#eZdZdZdZRS(cC`s[||_||_t|||||_||_||_tj|j|j|_dS(N( t_backendt _private_keyRgt _padding_enumt_paddingRARtHasht _hash_ctx(tselfR+RnR-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt__init__>s    cC`s|jj|dS(N(R}tupdate(R~R,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRIscC`s1t|j|j|j|j|j|jjS(N(RqRxR{RzRARyR}tfinalize(R~((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRLs(t__name__t __module__RRR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRw<s t_RSAVerificationContextcB`s#eZdZdZdZRS(cC`sj||_||_||_||_t|||||_|}||_tj|j|j|_ dS(N( Rxt _public_keyt _signatureR{RgRzRARR|R}(R~R+RtRuR-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRYs     cC`s|jj|dS(N(R}R(R~R,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRgscC`s7t|j|j|j|j|j|j|jjS(N( RvRxR{RzRARRR}R(R~((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifyjs(RRRRR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRWs  t_RSAPrivateKeycB`sVeZdZejdZdZdZdZdZ dZ dZ RS(cC`s||_||_||_|jjjd}|jjj|j||jjj|jjj|jj|d|jjjk|jjj |d|_ dS(Ns BIGNUM **i( Rxt _rsa_cdataR7R8RERt RSA_get0_keyR9R:t BN_num_bitst _key_size(R~R+t rsa_cdatatevp_pkeytn((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRxs    #RcC`st|j|||S(N(RwRx(R~R-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsignerscC`sSttj|jd}|t|kr=tdnt|j|||S(Ng @s,Ciphertext length must be equal to key size.(tinttmathtceiltkey_sizeRFR'R/Rx(R~t ciphertextR-tkey_size_bytes((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytdecryptscC`s|jjj|j}|jj||jjjk|jjj||jjj}|jjj ||jjj}|jj|dk|jj |}t |j||S(Ni( RxRtRSAPublicKey_dupRR:R8R9R;tRSA_freetRSA_blinding_ont_rsa_cdata_to_evp_pkeyR1(R~tctxRLR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRts!!c C`s|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjj|j||||jj|d|jjjk|jj|d|jjjk|jj|d|jjjk|jjj|j|||jj|d|jjjk|jj|d|jjjk|jjj |j||||jj|d|jjjk|jj|d|jjjk|jj|d|jjjkt j d|jj |dd|jj |dd|jj |dd|jj |dd|jj |dd|jj |dd t j d |jj |dd |jj |dS( Ns BIGNUM **itptqtdtdmp1tdmq1tiqmptpublic_numbersteR(RxR8RERRRR:R9tRSA_get0_factorstRSA_get0_crt_paramsR tRSAPrivateNumberst _bn_to_inttRSAPublicNumbers( R~RRRRRRRR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytprivate_numberss<##### ###  cC`s"|jj||||j|jS(N(Rxt_private_key_bytesR7R(R~tencodingR(tencryption_algorithm((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt private_bytess  cC`sOt|j|||}t|j||\}}t|j|||||S(N(RgRxRRq(R~R,R-ReR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsigns ( RRRRtread_only_propertyRRRRtRRR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRvs    # R1cB`sMeZdZejdZdZdZdZdZ dZ RS(cC`s||_||_||_|jjjd}|jjj|j||jjj|jjj|jj|d|jjjk|jjj |d|_ dS(Ns BIGNUM **i( RxRR7R8RERRR9R:RR(R~R+RRR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRs    #RcC`s7t|tstdnt|j||||S(Nssignature must be bytes.(RtbytesRRRx(R~RuR-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifierscC`st|j|||S(N(R/Rx(R~t plaintextR-((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytencryptscC`s|jjjd}|jjjd}|jjj|j|||jjj|jj|d|jjjk|jj|d|jjjktj d|jj |dd|jj |dS(Ns BIGNUM **iRR( RxR8RERRRR9R:R RR(R~RR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRs ## cC`s"|jj||||j|jS(N(Rxt_public_key_bytesR7R(R~RR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt public_bytess  cC`sRt|j|||}t|j||\}}t|j||||||S(N(RgRxRRv(R~RuR,R-ReR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRs( RRRRRRRRRRR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR1s    (*t __future__RRRRt cryptographyRtcryptography.exceptionsRRRt*cryptography.hazmat.backends.openssl.utilsRtcryptography.hazmat.primitivesRt)cryptography.hazmat.primitives.asymmetricR R R t1cryptography.hazmat.primitives.asymmetric.paddingR R RRRRt-cryptography.hazmat.primitives.asymmetric.rsaRRRR/R*RGRgRqRvtregister_interfacetobjectRwRRR1(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyts. . $ ,  ' I ;\