U BB`@sdZddlmZmZmZmZddlmZddlm Z ddl m Z m Z ddl mZmZmZmZmZmZmZmZGdd d eZGd d d eZGd d d eZGdddeZGdddeZGdddeeZGdddeZGdddeZGdddeZGdddeZ GdddeZ!GdddeZ"Gd d!d!eeZ#Gd"d#d#eZ$Gd$d%d%eZ%Gd&d'd'eZ&Gd(d)d)eZ'Gd*d+d+eZ(Gd,d-d-eZ)Gd.d/d/eZ*Gd0d1d1eZ+Gd2d3d3eZ,Gd4d5d5eZ-Gd6d7d7eZ.Gd8d9d9eZ/Gd:d;d;eZ0Gdd?d?eZ2Gd@dAdAeZ3GdBdCdCeZ4GdDdEdEeeZ5GdFdGdGeZ6GdHdIdIeZ7GdJdKdKeZ8GdLdMdMeZ9e6e5j:dN<GdOdPdPeZ;GdQdRdReeZr?r@rArBrCrDrErFZshake128Zshake256Z shake128_lenZ shake256_len)z1.2.840.113549.2.2z1.2.840.113549.2.5r#r$r%r&r'z2.16.840.1.101.3.4.2.5z2.16.840.1.101.3.4.2.6z2.16.840.1.101.3.4.2.7z2.16.840.1.101.3.4.2.8z2.16.840.1.101.3.4.2.9z2.16.840.1.101.3.4.2.10z2.16.840.1.101.3.4.2.11z2.16.840.1.101.3.4.2.12z2.16.840.1.101.3.4.2.17z2.16.840.1.101.3.4.2.18NrGrrrrrJs$rJc@s"eZdZdefdeddifgZdS)DigestAlgorithmrrrTN)rrrrJr rrrrrrMs rMc@seZdZdefdefgZdS) DigestInfoZdigest_algorithmdigestN)rrrrMrrrrrrrNsrNc@seZdZddiZdS)MaskGenAlgorithmIdz1.2.840.113549.1.1.8mgf1NrGrrrrrPsrPc@s.eZdZdefdeddifgZdZdeiZdS)MaskGenAlgorithmrrrTr(rQN) rrrrPr rr)rMr+rrrrrRs rRc@seZdZddiZdS) TrailerFieldrtrailer_field_bcNrGrrrrrSsrSc@sVeZdZdedddidfdeddddid dfd ed d dfd edddfgZdS)RSASSAPSSParamshash_algorithmrrr<explicitdefaultmask_gen_algorithmrrQr(Z salt_lengthZ trailer_fieldrTN)rrrrMrRr rSrrrrrrUs6   rUc@s~eZdZdddddddddddd d d d d d d dddddddddddZdddddddd d!d"d#d$d%d&d'd(d)d*d+d,d-d.d/d0Zd1S)2SignedDigestAlgorithmIdmd5_rsasha1_rsamd2_rsa sha224_rsa sha256_rsa sha384_rsa sha512_rsa rsassa_psssha1_dsa sha224_dsa sha256_dsa sha1_ecdsa sha224_ecdsa sha256_ecdsa sha384_ecdsa sha512_ecdsasha3_224_ecdsasha3_256_ecdsasha3_384_ecdsasha3_512_ecdsarsassa_pkcs1v15dsaecdsa)z 1.3.14.3.2.3z 1.3.14.3.2.29z1.3.14.7.2.3.11.2.840.113549.1.1.21.2.840.113549.1.1.41.2.840.113549.1.1.5r"rr r!1.2.840.113549.1.1.101.2.840.10040.4.3z 1.3.14.3.2.13z 1.3.14.3.2.272.16.840.1.101.3.4.3.12.16.840.1.101.3.4.3.21.2.840.10045.4.11.2.840.10045.4.3.11.2.840.10045.4.3.21.2.840.10045.4.3.31.2.840.10045.4.3.42.16.840.1.101.3.4.3.92.16.840.1.101.3.4.3.102.16.840.1.101.3.4.3.112.16.840.1.101.3.4.3.12r1.2.840.10040.4.11.2.840.10045.4rrrvrwrryrzr}rxr{r~r"r|rrrr rr!rrrr)rtrurar_rsrfrgrjr`rhrkrbrirlrcrmrdrnrerorprqrrN)rrrrHZ _reverse_maprrrrr^sj!r^c@sFeZdZdefdeddifgZdZdeiZe ddZ e d d Z d S) SignedDigestAlgorithmrrrTr(rfcCs`|dj}dddddddddddddddddddddddd}||krN||Sttd|dS) zx :return: A unicode string of "rsassa_pkcs1v15", "rsassa_pss", "dsa" or "ecdsa" rrsrfrtru)rar_r`rbrcrdrersrfrgrhrirtrjrkrlrmrnrorprqrrruz> Signature algorithm not known for %s Nr* ValueErrorrr.rZalgo_maprrrsignature_algo/s> z$SignedDigestAlgorithm.signature_algocCsj|dj}dddddddddddddddd }||kr>||S|d krX|d d djSttd |dS)z :return: A unicode string of "md2", "md5", "sha1", "sha224", "sha256", "sha384", "sha512", "sha512_224", "sha512_256" rrKrLr<r=r>r?r@)rar_r`rbrcrdrergrhrirjrkrlrmrnrfrrVz9 Hash algorithm not known for %s Nrrrrr hash_algo\s2 zSignedDigestAlgorithm.hash_algoN) rrrr^r rr)rUr+propertyrrrrrrr$s  ,rc@seZdZdefdefgZdS) Pbkdf2SaltZ specified other_sourceN)rrrrrZ _alternativesrrrrrsrc@s8eZdZdefdefdeddifdeddd iifgZd S) Pbkdf2Paramssaltiteration_count key_lengthrTprfrYrr<N)rrrrr rIrrrrrrs  rc@seZdZddiZdS)KdfAlgorithmIdz1.2.840.113549.1.5.12pbkdf2NrGrrrrrsrc@s.eZdZdefdeddifgZdZdeiZdS) KdfAlgorithmrrrTr(rN) rrrrr rr)rr+rrrrrs rc@s,eZdZdZdefdefdeddifgZdS) DHParameterszn Original Name: DHParameter Source: ftp://ftp.rsasecurity.com/pub/pkcs/ascii/pkcs-3.asc section 9 pgZprivate_value_lengthrTN)rrrr8r rrrrrrs  rc@seZdZddiZdS)KeyExchangeAlgorithmIdz1.2.840.113549.1.3.1dhNrGrrrrrsrc@s.eZdZdefdeddifgZdZdeiZdS)KeyExchangeAlgorithmrrrTr(rN) rrrrr rr)rr+rrrrrs rc@s"eZdZdeddifdefgZdS) Rc2Paramsrc2_parameter_versionrTivN)rrrr rrrrrrrs rc@seZdZddiZdS)Rc5ParamVersionzv1-0NrGrrrrrsrc@s.eZdZdefdefdefdeddifgZdS) Rc5Paramsversionroundsblock_size_in_bitsrrTN)rrrrr rrrrrrrs  rc@seZdZdefdefgZdS) Pbes1Paramsr iterationsNrrrrr rrrrrrsrc@seZdZdefdefgZdS) CcmParamsZ aes_nonceZ aes_icvlenNrrrrrrsrc@seZdZddiZdS)PSourceAlgorithmIdz1.2.840.113549.1.1.9 p_specifiedNrGrrrrrsrc@s.eZdZdefdeddifgZdZdeiZdS)PSourceAlgorithmrrrTr(rN) rrrrr rr)rr+rrrrrs rc@sNeZdZdedddidfdeddddid dfd ed d d d dfgZdS)RSAESOAEPParamsrVrrr<rWrZrrQr(Zp_source_algorithmr[rN)rrrrMrRrrrrrrrs.  rc@s4eZdZdZdefdefgZeddZddZdS) DSASignaturea  An ASN.1 class for translating between the OS crypto library's representation of an (EC)DSA signature and the ASN.1 structure that is part of various RFCs. Original Name: DSS-Sig-Value Source: https://tools.ietf.org/html/rfc3279#section-2.2.2 rscCs>t|dt|d}t|t|dd}|||dS)a Reads a signature from a byte string encoding accordint to IEEE P1363, which is used by Microsoft's BCryptSignHash() function. :param data: A byte string from BCryptSignHash() :return: A DSASignature object rr[N)rr)r len)clsdatarrrrr from_p1363.s zDSASignature.from_p1363cCsJt|dj}t|dj}tt|t|}t||}t||}||S)z Dumps a signature to a byte string compatible with Microsoft's BCryptVerifySignature() function. :return: A byte string compatible with BCryptVerifySignature() rr)r r*maxrr)r.Zr_bytesZs_bytesZint_byte_lengthrrrto_p1363?s   zDSASignature.to_p1363N) rrrr8r r classmethodrrrrrrrs  rc-@sjeZdZddddddddd d d d d ddddddddddddddddddd d!d"d#d$d%d&d'd(d)d*d+d,d-,Zd.S)/EncryptionAlgorithmIddestripledes_3keyrc2rc4rc5Z aes128_ecb aes128_cbc aes128_ofbZ aes128_cfbZ aes128_wrapZ aes128_gcm aes128_ccmZaes128_wrap_padZ aes192_ecb aes192_cbc aes192_ofbZ aes192_cfbZ aes192_wrapZ aes192_gcm aes192_ccmZaes192_wrap_padZ aes256_ecb aes256_cbc aes256_ofbZ aes256_cfbZ aes256_wrapZ aes256_gcm aes256_ccmZaes256_wrap_padpbes2 pbes1_md2_des pbes1_md5_des pbes1_md2_rc2 pbes1_md5_rc2pbes1_sha1_despbes1_sha1_rc2pkcs12_sha1_rc4_128pkcs12_sha1_rc4_40pkcs12_sha1_tripledes_3keypkcs12_sha1_tripledes_2keypkcs12_sha1_rc2_128pkcs12_sha1_rc2_40Zrsaes_pkcs1v15 rsaes_oaep),z 1.3.14.3.2.7z1.2.840.113549.3.7z1.2.840.113549.3.2z1.2.840.113549.3.4z1.2.840.113549.3.9z2.16.840.1.101.3.4.1.1z2.16.840.1.101.3.4.1.2z2.16.840.1.101.3.4.1.3z2.16.840.1.101.3.4.1.4z2.16.840.1.101.3.4.1.5z2.16.840.1.101.3.4.1.6z2.16.840.1.101.3.4.1.7z2.16.840.1.101.3.4.1.8z2.16.840.1.101.3.4.1.21z2.16.840.1.101.3.4.1.22z2.16.840.1.101.3.4.1.23z2.16.840.1.101.3.4.1.24z2.16.840.1.101.3.4.1.25z2.16.840.1.101.3.4.1.26z2.16.840.1.101.3.4.1.27z2.16.840.1.101.3.4.1.28z2.16.840.1.101.3.4.1.41z2.16.840.1.101.3.4.1.42z2.16.840.1.101.3.4.1.43z2.16.840.1.101.3.4.1.44z2.16.840.1.101.3.4.1.45z2.16.840.1.101.3.4.1.46z2.16.840.1.101.3.4.1.47z2.16.840.1.101.3.4.1.48z1.2.840.113549.1.5.13z1.2.840.113549.1.5.1z1.2.840.113549.1.5.3z1.2.840.113549.1.5.4z1.2.840.113549.1.5.6z1.2.840.113549.1.5.10z1.2.840.113549.1.5.11z1.2.840.113549.1.12.1.1z1.2.840.113549.1.12.1.2z1.2.840.113549.1.12.1.3z1.2.840.113549.1.12.1.4z1.2.840.113549.1.12.1.5z1.2.840.113549.1.12.1.6rz1.2.840.113549.1.1.7NrGrrrrrRsZrc@seZdZdefdeddifgZdZeeee eeeeeee e e e e e e e e e e e e e e e dZ eddZed d Zed d Zed dZeddZeddZeddZeddZeddZdS)EncryptionAlgorithmrrrTr()rrrrrrrrrrrrrrrrrrrrrrrrrrcCs|dj}|dkr$|dddjS|ddkrv|ddkrh|dd\}}|d kr\d S|d krhd Sttd |ttd|dS)z Returns the name of the key derivation function to use. :return: A unicode from of one of the following: "pbkdf1", "pbkdf2", "pkcs12_kdf" rrrkey_derivation_func._rZpbes1Zpbkdf1Zpkcs12Z pkcs12_kdf~ Encryption algorithm "%s" does not have a registered key derivation function zw Unrecognized encryption algorithm "%s", can not determine key derivation function Nr*findsplitrr)r.encryption_algorrrrkdfs$ zEncryptionAlgorithm.kdfcCs~|dj}|dkr,|dddddjS|ddkrl|ddkr^|dd \}}}|Sttd |ttd |d S) z Returns the HMAC algorithm to use with the KDF. :return: A unicode string of one of the following: "md2", "md5", "sha1", "sha224", "sha256", "sha384", "sha512" rrrrrrrrr[rz} Unrecognized encryption algorithm "%s", can not determine key derivation hmac algorithm Nr)r.rrZ hmac_algorrrkdf_hmacs zEncryptionAlgorithm.kdf_hmaccCs|dj}|dkrB|dddd}|jdkr|S|d krJd S|d kr`|ddjS|ddkrddd d dd ddd d d d d |Sttd|dS)al Returns the name of the symmetric encryption cipher to use. The key length can be retrieved via the .key_length property to disabiguate between different variations of TripleDES, AES, and the RC* ciphers. :return: A unicode string from one of the following: "rc2", "rc5", "des", "tripledes", "aes" rrrrrrrrrrrZ tripledesrrrrrrrrN)r*r9encryption_cipherrrrrrrrrs:  z%EncryptionAlgorithm.encryption_cipherc Cs|dj}|ddtdddgkr(dSdddd }||krD||S|d kr`|d jd jdS|d krv|d djS|ddkrddddddddddddd |Sttd|dS)z Returns the block size of the encryption cipher, in bytes. :return: An integer that is the block size in bytes rrrrrrrr)rrrrrrrrrrrrN)r*r9rencryption_block_sizerrr)r.rZ cipher_maprrrrsB  z)EncryptionAlgorithm.encryption_block_sizec Cs|dj}|tddgkr*|djdjStdddd d d d d g}||krT|djS|dkrj|ddjS|ddkr|dSttd|dS)a Returns the byte string of the initialization vector for the encryption scheme. Only the PBES2 stores the IV in the params. For PBES1, the IV is derived from the KDF and this property will return None. :return: A byte string or None rrrrrrrrrrrrrrrrrNr)r*r9r encryption_ivrrr)r.rZoctet_string_iv_oidsrrrr1s.   z!EncryptionAlgorithm.encryption_ivN)rrrrr rr)rrrrrrr+rrrrrrrrrrrrrrrsb ! ( # , ! _ ! 0 2rc@seZdZdefdefgZdS) Pbes2ParamsrrN)rrrrrrrrrrrbsrc@seZdZdefdefgZdS) Pbmac1ParamsrZmessage_auth_schemeN)rrrrrIrrrrrrisrc@seZdZddiZdS) Pkcs5MacIdz1.2.840.113549.1.5.14pbmac1NrGrrrrrpsrc@s(eZdZdefdefgZdZdeiZdS)Pkcs5MacAlgorithmrrr(rN) rrrrr rr)rr+rrrrrvsrrc@seZdZiZddZdS)AnyAlgorithmIdcCs8|jj}tttfD] }|jD]\}}|||<q qdSN)r3rHrr^rJitems)r.rH other_clsoidrrrr_setupszAnyAlgorithmId._setupN)rrrrHr rrrrrsrc@s2eZdZdefdeddifgZdZiZddZdS) AnyAlgorithmIdentifierrrrTr(cCs@t||jj}ttfD] }|jD]\}}|||<q(qdSr)rr r3r+rrr)r.specsrrspecrrrr s   zAnyAlgorithmIdentifier._setupN) rrrrr rr)r+r rrrrr s  r N)=r8 __future__rrrr_errorsr_intrutilr r corer r r rrrrrrobjectrr;rIrJrMrNrPrRrSrUr^rrrrrrrrrrrrrrrrrrrrrrrr+rr rrrrs\  (9 (<a       #35^