bXc@`sddlmZmZmZddlZddlmZddlmZm Z m Z ddl m Z ddl mZddlmZmZmZddlmZmZmZmZmZmZdd lmZmZd Zd Zd Zd Z dZ!dZ"dZ#ej$ede%fdYZ&ej$ede%fdYZ'ej$ede%fdYZ(ej$ede%fdYZ)dS(i(tabsolute_importtdivisiontprint_functionN(tutils(tInvalidSignaturetUnsupportedAlgorithmt_Reasons(t_calculate_digest_and_algorithm(thashes(tAsymmetricSignatureContexttAsymmetricVerificationContexttrsa(tAsymmetricPaddingtMGF1tOAEPtPKCS1v15tPSStcalculate_max_pss_salt_length(tRSAPrivateKeyWithSerializationtRSAPublicKeyWithSerializationcC`s<|j}|tjks'|tjkr4t||S|SdS(N(t _salt_lengthR t MAX_LENGTHRR(tpsstkeythash_algorithmtsalt((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_get_rsa_pss_salt_lengths  cC`st|tstdnt|tr<|jj}nt|tr|jj}t|jt s~t dt j n|j |st dt jn|jdk r|jdkrtdqnt dj|jt jt|||||S(Ns1Padding must be an instance of AsymmetricPadding.s'Only MGF1 is supported by this backend.sPThis combination of padding and hash algorithm is not supported by this backend.ts*This backend does not support OAEP labels.s%{0} is not supported by this backend.(t isinstanceR t TypeErrorRt_libtRSA_PKCS1_PADDINGRtRSA_PKCS1_OAEP_PADDINGt_mgfR RRtUNSUPPORTED_MGFtrsa_padding_supportedtUNSUPPORTED_PADDINGt_labeltNonet ValueErrortformattnamet_enc_dec_rsa_pkey_ctx(tbackendRtdatatpaddingt padding_enum((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _enc_dec_rsa%s*   cC`sdt|tr*|jj}|jj}n|jj}|jj}|jj|j|j j }|j ||j j k|j j ||jj }||}|j |dk|jj||}|j |dk|jj|j} |j | dkt|tr|jjr|jj|jjjjd} |j | |j j k|jj|| }|j |dk|jj|jjjd} |j | |j j k|jj|| }|j |dkn|j jd| } |j jd| } ||| | |t|}|dkrLt||n|j j| | d S(Niitasciissize_t *sunsigned char[](Rt _RSAPublicKeyRtEVP_PKEY_encrypt_inittEVP_PKEY_encrypttEVP_PKEY_decrypt_inittEVP_PKEY_decrypttEVP_PKEY_CTX_newt _evp_pkeyt_ffitNULLtopenssl_asserttgctEVP_PKEY_CTX_freetEVP_PKEY_CTX_set_rsa_paddingt EVP_PKEY_sizeRtCryptography_HAS_RSA_OAEP_MDtEVP_get_digestbynameR!t _algorithmR)tencodetEVP_PKEY_CTX_set_rsa_mgf1_mdtEVP_PKEY_CTX_set_rsa_oaep_mdtnewtlent_handle_rsa_enc_dec_errortbuffer(R+RR,R.R-tinittcrypttpkey_ctxtrestbuf_sizetmgf1_mdtoaep_mdtoutlentbuf((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR*IsD           cC`s|j}t|tr*tdnX|jj|jj|jj|jjg}|jj rv|j |jj ntddS(NsGData too long for key size. Encrypt less data or use a larger key size.sDecryption failed.( t_consume_errorsRR1R'RtRSA_R_BLOCK_TYPE_IS_NOT_01tRSA_R_BLOCK_TYPE_IS_NOT_02tRSA_R_OAEP_DECODING_ERRORt RSA_R_DATA_TOO_LARGE_FOR_MODULUSt*Cryptography_HAS_RSA_R_PKCS_DECODING_ERRORtappendtRSA_R_PKCS_DECODING_ERROR(R+Rterrorstdecoding_errors((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRGus      cC`st|tstdn|jj|j}|j|dkt|trd|jj}nt|t rt|j t st dt jn||jddkrtdn|j|j jst dt jn|jj}nt dj|jt j|S(Ns'Expected provider of AsymmetricPadding.is'Only MGF1 is supported by this backend.isDDigest too large for key size. Use a larger key or different digest.sGWhen OpenSSL is older than 1.0.1 then only SHA1 is supported with MGF1.s%{0} is not supported by this backend.(RR RRR>R7R:RRRR!R RRR"t digest_sizeR't_pss_mgf1_hash_supportedRAtUNSUPPORTED_HASHtRSA_PKCS1_PSS_PADDINGR(R)R$(R+RR-t algorithmt pkey_sizeR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_determine_paddings, cC`s|jj|jjd}|j||jjk|jj|j|jj}|j||jjk|jj ||jj }|jj |}|j|dk|jj ||}|j|dk|jj ||}|j|dkt|tr|jj|t|||}|j|dk|jjr|jj|jjjjd} |j| |jjk|jj|| }|j|dkqn|jjd} |jj||jj| |t|}|j|dk|jjd| d} |jj|| | |t|}|dkr|j} d} | dj|jjkrd} nd} t| n|jj| S(NR0iissize_t *sunsigned char[]s@Salt length too long for key size. Try using MAX_LENGTH instead.s0Digest too large for key size. Use a larger key.(RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_sign_inittEVP_PKEY_CTX_set_signature_mdR=RRt EVP_PKEY_CTX_set_rsa_pss_saltlenRtCryptography_HAS_MGF1_MDR!RARCREt EVP_PKEY_signRFRRR&treasont!RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZER'RH(R+R-R.R`t private_keyR,tevp_mdRKRLRNtbuflenRQRZRh((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _rsa_sig_signsf                   c C`s|jj|jjd}|j||jjk|jj|j|jj}|j||jjk|jj ||jj }|jj |} |j| dk|jj ||} |j| dk|jj ||} |j| dkt|tr|jj|t|||} |j| dk|jjr|jj|jjjjd} |j| |jjk|jj|| } |j| dkqn|jj||t||t|} |j| dk| dkr|j} tndS(NR0ii(RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_verify_initRdR=RRReRRfR!RARCtEVP_PKEY_verifyRFRRR( R+R-R.R`t public_keyt signatureR,RkRKRLRNRZ((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_verifysR                t_RSASignatureContextcB`s#eZdZdZdZRS(cC`s[||_||_t|||||_||_||_tj|j|j|_dS(N( t_backendt _private_keyRbt _padding_enumt_paddingRARtHasht _hash_ctx(tselfR+RjR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt__init__>s    cC`s|jj|dS(N(Rytupdate(RzR,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR|IscC`s1t|j|j|j|j|j|jjS(N(RmRtRwRvRARuRytfinalize(Rz((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR}Ls(t__name__t __module__R{R|R}(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRs<s t_RSAVerificationContextcB`s#eZdZdZdZRS(cC`sj||_||_||_||_t|||||_|}||_tj|j|j|_ dS(N( Rtt _public_keyt _signatureRwRbRvRARRxRy(RzR+RpRqR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR{Ys     cC`s|jj|dS(N(RyR|(RzR,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR|gscC`s7t|j|j|j|j|j|j|jjS(N( RrRtRwRvRARRRyR}(Rz((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifyjs(R~RR{R|R(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRWs  t_RSAPrivateKeycB`sVeZdZejdZdZdZdZdZ dZ dZ RS(cC`s||_||_||_|jjjd}|jjj|j||jjj|jjj|jj|d|jjjk|jjj |d|_ dS(Ns BIGNUM **i( Rtt _rsa_cdataR7R8RERt RSA_get0_keyR9R:t BN_num_bitst _key_size(RzR+t rsa_cdatatevp_pkeytn((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR{xs    #RcC`st|j|||S(N(RsRt(RzR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsignerscC`sSttj|jd}|t|kr=tdnt|j|||S(Ng @s,Ciphertext length must be equal to key size.(tinttmathtceiltkey_sizeRFR'R/Rt(Rzt ciphertextR-tkey_size_bytes((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytdecryptscC`s|jjj|j}|jj||jjjk|jjj||jjj}|jjj ||jjj}|jj|dk|jj |}t |j||S(Ni( RtRtRSAPublicKey_dupRR:R8R9R;tRSA_freetRSA_blinding_ont_rsa_cdata_to_evp_pkeyR1(RztctxRLR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRps!!c C`s|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjjd}|jjj|j||||jj|d|jjjk|jj|d|jjjk|jj|d|jjjk|jjj|j|||jj|d|jjjk|jj|d|jjjk|jjj |j||||jj|d|jjjk|jj|d|jjjk|jj|d|jjjkt j d|jj |dd|jj |dd|jj |dd|jj |dd|jj |dd|jj |dd t j d |jj |dd |jj |dS( Ns BIGNUM **itptqtdtdmp1tdmq1tiqmptpublic_numbersteR(RtR8RERRRR:R9tRSA_get0_factorstRSA_get0_crt_paramsR tRSAPrivateNumberst _bn_to_inttRSAPublicNumbers( RzRRRRRRRR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytprivate_numberss<##### ###  cC`s"|jj||||j|jS(N(Rtt_private_key_bytesR7R(RztencodingR(tencryption_algorithm((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt private_bytess  cC`sOt|j|||}t|j||\}}t|j|||||S(N(RbRtRRm(RzR,R-R`R.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsigns ( R~RR{Rtread_only_propertyRRRRpRRR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRvs    # R1cB`sMeZdZejdZdZdZdZdZ dZ RS(cC`s||_||_||_|jjjd}|jjj|j||jjj|jjj|jj|d|jjjk|jjj |d|_ dS(Ns BIGNUM **i( RtRR7R8RERRR9R:RR(RzR+RRR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR{s    #RcC`s7t|tstdnt|j||||S(Nssignature must be bytes.(RtbytesRRRt(RzRqR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifierscC`st|j|||S(N(R/Rt(Rzt plaintextR-((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytencryptscC`s|jjjd}|jjjd}|jjj|j|||jjj|jj|d|jjjk|jj|d|jjjktj d|jj |dd|jj |dS(Ns BIGNUM **iRR( RtR8RERRRR9R:R RR(RzRR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRs ## cC`s"|jj||||j|jS(N(Rtt_public_key_bytesR7R(RzRR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt public_bytess  cC`sRt|j|||}t|j||\}}t|j||||||S(N(RbRtRRr(RzRqR,R-R`R.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRs( R~RR{RRRRRRRR(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR1s    (*t __future__RRRRt cryptographyRtcryptography.exceptionsRRRt*cryptography.hazmat.backends.openssl.utilsRtcryptography.hazmat.primitivesRt)cryptography.hazmat.primitives.asymmetricR R R t1cryptography.hazmat.primitives.asymmetric.paddingR R RRRRt-cryptography.hazmat.primitives.asymmetric.rsaRRRR/R*RGRbRmRrtregister_interfacetobjectRsRRR1(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyts. . $ ,  ' I ;\