B #a@sdZddlmZmZmZmZddlmZddlm Z ddl m Z m Z ddl mZmZmZmZmZmZmZmZGdd d eZGd d d eZGd d d eZGdddeZGdddeZGdddeeZGdddeZGdddeZGdddeZGdddeZ GdddeZ!GdddeZ"Gd d!d!eeZ#Gd"d#d#eZ$Gd$d%d%eZ%Gd&d'd'eZ&Gd(d)d)eZ'Gd*d+d+eZ(Gd,d-d-eZ)Gd.d/d/eZ*Gd0d1d1eZ+Gd2d3d3eZ,Gd4d5d5eZ-Gd6d7d7eZ.Gd8d9d9eZ/Gd:d;d;eZ0Gdd?d?eZ2Gd@dAdAeZ3GdBdCdCeZ4GdDdEdEeeZ5GdFdGdGeZ6GdHdIdIeZ7GdJdKdKeZ8GdLdMdMeZ9e6e5j:dN<GdOdPdPeZ;GdQdRdReeZ Signature algorithm not known for %s N)r ValueErrorr)r#ralgo_maprrrsignature_algo/s: z$SignedDigestAlgorithm.signature_algocCsj|dj}dddddddddddddddd }||kr>||S|d krX|d d djSttd |dS)z :return: A unicode string of "md2", "md5", "sha1", "sha224", "sha256", "sha384", "sha512", "sha512_224", "sha512_256" rr>r?r0r1r2r3r4)rSrQrRrTrUrVrWrYrZr[r\r]r^r_r`rXrrIz9 Hash algorithm not known for %s N)rrir)r#rrjrrr hash_algo\s. zSignedDigestAlgorithm.hash_algoN) rrrrPr rrrHr propertyrkrlrrrrrh$s  -rhc@seZdZdefdefgZdS) Pbkdf2SaltZ specified other_sourceN)rrrrrZ _alternativesrrrrrnsrnc@s8eZdZdefdefdeddifdeddd iifgZd S) Pbkdf2Paramssaltiteration_count key_lengthrTprfrKrr0N)rrrrnr r<rrrrrrps rpc@seZdZddiZdS)KdfAlgorithmIdz1.2.840.113549.1.5.12pbkdf2N)rrrr;rrrrrusruc@s.eZdZdefdeddifgZdZdeiZdS) KdfAlgorithmrrrT)rrrvN) rrrrur rrrpr rrrrrwsrwc@s,eZdZdZdefdefdeddifgZdS) DHParameterszn Original Name: DHParameter Source: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-3.asc section 9 pgZprivate_value_lengthrTN)rrrr,r rrrrrrxsrxc@seZdZddiZdS)KeyExchangeAlgorithmIdz1.2.840.113549.1.3.1dhN)rrrr;rrrrr{sr{c@s.eZdZdefdeddifgZdZdeiZdS)KeyExchangeAlgorithmrrrT)rrr|N) rrrr{r rrrxr rrrrr}sr}c@s"eZdZdeddifdefgZdS) Rc2Paramsrc2_parameter_versionrTivN)rrrr rrrrrrr~s r~c@seZdZddiZdS)Rc5ParamVersionzv1-0N)rrrr;rrrrrsrc@s.eZdZdefdefdefdeddifgZdS) Rc5Paramsversionroundsblock_size_in_bitsrrTN)rrrrr rrrrrrrsrc@seZdZdefdefgZdS) Pbes1Paramsrq iterationsN)rrrrr rrrrrrsrc@seZdZdefdefgZdS) CcmParamsZ aes_nonceZ aes_icvlenN)rrrrr rrrrrrsrc@seZdZddiZdS)PSourceAlgorithmIdz1.2.840.113549.1.1.9 p_specifiedN)rrrr;rrrrrsrc@s.eZdZdefdeddifgZdZdeiZdS)PSourceAlgorithmrrrT)rrrN) rrrrr rrrr rrrrrsrc@sNeZdZdedddidfdeddddid dfd ed d d d dfgZdS)RSAESOAEPParamsrIrrr0)rJrKrLrrD)rrZp_source_algorithmrMrN)rrrr@rErrrrrrrs rc@s4eZdZdZdefdefgZeddZddZdS) DSASignaturea  An ASN.1 class for translating between the OS crypto library's representation of an (EC)DSA signature and the ASN.1 structure that is part of various RFCs. Original Name: DSS-Sig-Value Source: https://tools.ietf.org/html/rfc3279#section-2.2.2 rscCs>t|dt|d}t|t|dd}|||dS)a Reads a signature from a byte string encoding accordint to IEEE P1363, which is used by Microsoft's BCryptSignHash() function. :param data: A byte string from BCryptSignHash() :return: A DSASignature object rrMN)rr)r len)clsdatarrrrr from_p1363.s zDSASignature.from_p1363cCsJt|dj}t|dj}tt|t|}t||}t||}||S)z Dumps a signature to a byte string compatible with Microsoft's BCryptVerifySignature() function. :return: A byte string compatible with BCryptVerifySignature() rr)r rmaxrr)r#Zr_bytesZs_bytesZint_byte_lengthrrrto_p1363?s   zDSASignature.to_p1363N) rrrr,r r classmethodrrrrrrrs   rc-@sjeZdZddddddddd d d d d ddddddddddddddddddd d!d"d#d$d%d&d'd(d)d*d+d,d-,Zd.S)/EncryptionAlgorithmIddestripledes_3keyrc2rc4rc5Z aes128_ecb aes128_cbc aes128_ofbZ aes128_cfbZ aes128_wrapZ aes128_gcm aes128_ccmZaes128_wrap_padZ aes192_ecb aes192_cbc aes192_ofbZ aes192_cfbZ aes192_wrapZ aes192_gcm aes192_ccmZaes192_wrap_padZ aes256_ecb aes256_cbc aes256_ofbZ aes256_cfbZ aes256_wrapZ aes256_gcm aes256_ccmZaes256_wrap_padpbes2 pbes1_md2_des pbes1_md5_des pbes1_md2_rc2 pbes1_md5_rc2pbes1_sha1_despbes1_sha1_rc2pkcs12_sha1_rc4_128pkcs12_sha1_rc4_40pkcs12_sha1_tripledes_3keypkcs12_sha1_tripledes_2keypkcs12_sha1_rc2_128pkcs12_sha1_rc2_40Zrsaes_pkcs1v15 rsaes_oaep),z 1.3.14.3.2.7z1.2.840.113549.3.7z1.2.840.113549.3.2z1.2.840.113549.3.4z1.2.840.113549.3.9z2.16.840.1.101.3.4.1.1z2.16.840.1.101.3.4.1.2z2.16.840.1.101.3.4.1.3z2.16.840.1.101.3.4.1.4z2.16.840.1.101.3.4.1.5z2.16.840.1.101.3.4.1.6z2.16.840.1.101.3.4.1.7z2.16.840.1.101.3.4.1.8z2.16.840.1.101.3.4.1.21z2.16.840.1.101.3.4.1.22z2.16.840.1.101.3.4.1.23z2.16.840.1.101.3.4.1.24z2.16.840.1.101.3.4.1.25z2.16.840.1.101.3.4.1.26z2.16.840.1.101.3.4.1.27z2.16.840.1.101.3.4.1.28z2.16.840.1.101.3.4.1.41z2.16.840.1.101.3.4.1.42z2.16.840.1.101.3.4.1.43z2.16.840.1.101.3.4.1.44z2.16.840.1.101.3.4.1.45z2.16.840.1.101.3.4.1.46z2.16.840.1.101.3.4.1.47z2.16.840.1.101.3.4.1.48z1.2.840.113549.1.5.13z1.2.840.113549.1.5.1z1.2.840.113549.1.5.3z1.2.840.113549.1.5.4z1.2.840.113549.1.5.6z1.2.840.113549.1.5.10z1.2.840.113549.1.5.11z1.2.840.113549.1.12.1.1z1.2.840.113549.1.12.1.2z1.2.840.113549.1.12.1.3z1.2.840.113549.1.12.1.4z1.2.840.113549.1.12.1.5z1.2.840.113549.1.12.1.6z1.2.840.113549.1.1.1z1.2.840.113549.1.1.7N)rrrr;rrrrrRsXrc@seZdZdefdeddifgZdZeeee eeeeeee e e e e e e e e e e e e e e e dZ eddZed d Zed d Zed dZeddZeddZeddZeddZeddZdS)EncryptionAlgorithmrrrT)rr)rrrrrrrrrrrrrrrrrrrrrrrrrrcCs|dj}|dkr$|dddjS|ddkrv|ddkrh|dd\}}|d kr\d S|d krhd Sttd |ttd|dS)z Returns the name of the key derivation function to use. :return: A unicode from of one of the following: "pbkdf1", "pbkdf2", "pkcs12_kdf" rrrkey_derivation_func._rZpbes1Zpbkdf1Zpkcs12Z pkcs12_kdfz~ Encryption algorithm "%s" does not have a registered key derivation function zw Unrecognized encryption algorithm "%s", can not determine key derivation function N)rfindsplitrir)r#encryption_algorrrrkdfs zEncryptionAlgorithm.kdfcCs~|dj}|dkr,|dddddjS|ddkrl|ddkr^|dd \}}}|Sttd |ttd |d S) z Returns the HMAC algorithm to use with the KDF. :return: A unicode string of one of the following: "md2", "md5", "sha1", "sha224", "sha256", "sha384", "sha512" rrrrrtrrrrMz~ Encryption algorithm "%s" does not have a registered key derivation function z} Unrecognized encryption algorithm "%s", can not determine key derivation hmac algorithm N)rrrrir)r#rrZ hmac_algorrrkdf_hmacs zEncryptionAlgorithm.kdf_hmaccCs|dj}|dkrB|dddd}|jdkr|S|d krJd S|d kr`|ddjS|ddkrddd d dd ddd d d d d |Sttd|dS)al Returns the name of the symmetric encryption cipher to use. The key length can be retrieved via the .key_length property to disabiguate between different variations of TripleDES, AES, and the RC* ciphers. :return: A unicode string from one of the following: "rc2", "rc5", "des", "tripledes", "aes" rrrrrrrrrrrZ tripledesrrrrrr) rrrrrrrrrrrrz@ Unrecognized encryption algorithm "%s" N)rr-encryption_cipherrrir)r#rrrrrs4 z%EncryptionAlgorithm.encryption_cipherc Cs|dj}|ddtdddgkr(dSdddd }||krD||S|d kr`|d jd jdS|d krv|d djS|ddkrddddddddddddd |Sttd|dS)z Returns the block size of the encryption cipher, in bytes. :return: An integer that is the block size in bytes rrrrrrrr)rrrrrrrrrr) rrrrrrrrrrrrz@ Unrecognized encryption algorithm "%s" N)rr-rencryption_block_sizerrir)r#rZ cipher_maprrrrs: z)EncryptionAlgorithm.encryption_block_sizec Cs|dj}|tddgkr*|djdjStdddd d d d d g}||krT|djS|dkrj|ddjS|ddkr|dSttd|dS)a Returns the byte string of the initialization vector for the encryption scheme. Only the PBES2 stores the IV in the params. For PBES1, the IV is derived from the KDF and this property will return None. :return: A byte string or None rrrrrrrrrrrrrrrrrNz@ Unrecognized encryption algorithm "%s" )rr-r encryption_ivrrir)r#rZoctet_string_iv_oidsrrrr1s*  z!EncryptionAlgorithm.encryption_ivN)rrrrr rrrr~rrrrr rmrrrrrsrrrrrrrrrsL ) $ - " ` " 1 3rc@seZdZdefdefgZdS) Pbes2ParamsrrN)rrrrwrrrrrrrbsrc@seZdZdefdefgZdS) Pbmac1ParamsrZmessage_auth_schemeN)rrrrwr<rrrrrrisrc@seZdZddiZdS) Pkcs5MacIdz1.2.840.113549.1.5.14pbmac1N)rrrr;rrrrrpsrc@s(eZdZdefdefgZdZdeiZdS)Pkcs5MacAlgorithmrr)rrrN) rrrrr rrrr rrrrrvs rrc@seZdZiZddZdS)AnyAlgorithmIdcCs@|jj}x2tttfD]$}x|jD]\}}|||<q$WqWdS)N)r(r;rrPr=items)r#r; other_clsoidrrrr_setupszAnyAlgorithmId._setupN)rrrr;rrrrrrsrc@s2eZdZdefdeddifgZdZiZddZdS) AnyAlgorithmIdentifierrrrT)rrcCsHt||jj}x0ttfD]$}x|jD]\}}|||<q,WqWdS)N)rrr(r rrhr)r#specsrrspecrrrrs  zAnyAlgorithmIdentifier._setupN) rrrrr rrr rrrrrrs rN)=r, __future__rrrr_errorsr_intrutilr r corer r r rrrrrrobjectrr/r<r=r@rArCrErFrHrPrhrnrprurwrxr{r}r~rrrrrrrrrrrrrrr rrrrrrs\  (9 (<a       #35^