a bP@sddlZddlmZmZmZddlmZddlmZm Z ddl m Z ddl mZmZmZmZmZmZmZmZmZddlmZmZmZmZejrddlmZd eejeefej e!d d d Z"d ejd e#ee#dddZ$d ejd e#e!ee#dddZ%d ejd eej&ej e!dddZ'd eej&ej ejdej(ej)ge!fdddZ*d eej de#e#dddZ+d eej de#e#dd d!d"Z,d eej&ej de#e#d#d$d%Z-Gd&ddeZ.Gd'ddeZ/dS)(N)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm)hashes serialization)utils) AsymmetricPaddingMGF1OAEPPKCS1v15PSS_Auto _DigestLength _MaxLengthcalculate_max_pss_salt_length) RSAPrivateKeyRSAPrivateNumbers RSAPublicKeyRSAPublicNumbers)Backendr)backendpsskeyhash_algorithmreturncCsV|j}t|trt||St|tr*|jSt|trNt|trFtd|j j S|SdS)Nz6PSS salt length can only be set to AUTO when verifying) Z _salt_length isinstancerrr digest_sizerr ValueError_libZRSA_PSS_SALTLEN_AUTO)rrrrsaltr!O/tmp/pip-target-98j97qn4/lib/python/cryptography/hazmat/backends/openssl/rsa.py_get_rsa_pss_salt_length+s     r#)_RSAPrivateKey _RSAPublicKey)rrdatapaddingrcCst|tstdt|tr&|jj}nVt|trh|jj}t|jt sPt dt j | |s|t dt jnt d|jt jt|||||S)Nz1Padding must be an instance of AsymmetricPadding.'Only MGF1 is supported by this backend.zPThis combination of padding and hash algorithm is not supported by this backend.${} is not supported by this backend.)rr TypeErrorr rRSA_PKCS1_PADDINGr ZRSA_PKCS1_OAEP_PADDING_mgfr rrUNSUPPORTED_MGFZrsa_padding_supportedUNSUPPORTED_PADDINGformatname_enc_dec_rsa_pkey_ctx)rrr&r' padding_enumr!r!r" _enc_dec_rsaAs*       r3)rrr&r2r'rcCst|tr|jj}|jj}n|jj}|jj}|j|j|j j }| ||j j k|j ||jj }||}| |dk|j||}| |dk|j|j} | | dkt|tr||jj} |j|| }| |dk||j} |j|| }| |dkt|tr|jdurt|jdkr|jt|j} | | |j j k|j | |jt|j|j|| t|j}| |dk|j d| } |j d| }|||| |t|}|j |d| d}|j|dkrtd|S)Nrsize_t *unsigned char[]zEncryption/decryption failed.)rr%rZEVP_PKEY_encrypt_initZEVP_PKEY_encryptZEVP_PKEY_decrypt_initZEVP_PKEY_decryptEVP_PKEY_CTX_new _evp_pkey_ffiNULLopenssl_assertgcEVP_PKEY_CTX_freeEVP_PKEY_CTX_set_rsa_padding EVP_PKEY_sizer _evp_md_non_null_from_algorithmr, _algorithmEVP_PKEY_CTX_set_rsa_mgf1_mdZEVP_PKEY_CTX_set_rsa_oaep_mdZ_labellenZOPENSSL_mallocmemmoveZ EVP_PKEY_CTX_set0_rsa_oaep_labelnewbufferERR_clear_errorr)rrr&r2r'initZcryptpkey_ctxresZbuf_sizemgf1_mdZoaep_mdZlabelptrZoutlenbufresbufr!r!r"r1esX        r1)rrr' algorithmrcCst|tstd|j|j}||dkt|trB|jj}nnt|t rt|j t sdt dt jt|tjsxtd||jddkrtd|jj}nt d|jt j|S)Nz'Expected provider of AsymmetricPadding.rr(z*Expected instance of hashes.HashAlgorithm.zDDigest too large for key size. Use a larger key or different digest.r))rr r*rr?r8r;r r+r r,r rrr-r HashAlgorithmrrZRSA_PKCS1_PSS_PADDINGr/r0r.)rrr'rNZ pkey_sizer2r!r!r"_rsa_sig_determine_paddings0        rQ)r%r$)rr'rNr init_funcc CsNt||||}|j|j|jj}|||jjk|j||jj}||}|dkrh| }t d||dur| |} |j || }|dkr| t d|jtj|j||}|dkr| t d|jtjt|trJt|tjsJ|j|t||||}||dk| |jj} |j|| }||dk|S)Nr4z#Unable to sign/verify with this keyrz4{} is not supported by this backend for RSA signing.z4{} is not supported for the RSA signature operation.)rQrr7r8r9r:r;r<r=_consume_errorsrr@ZEVP_PKEY_CTX_set_signature_mdrr/r0rZUNSUPPORTED_HASHr>r.rr rrPZ EVP_PKEY_CTX_set_rsa_pss_saltlenr#r,rArB) rr'rNrrRr2rIrJerrorsZevp_mdrKr!r!r"_rsa_sig_setupsR    rUr$)rr'rN private_keyr&rc Cst|||||jj}|jd}|j||jj||t|}||dk|jd|d}|j||||t|}|dkr| } t d| |j |ddS)Nr5r4r6rzuDigest or salt length too long for key size. Use a larger key or shorter salt length if you are specifying a PSS salt) rUrZEVP_PKEY_sign_initr9rEZ EVP_PKEY_signr:rCr;_consume_errors_with_textrrF) rr'rNrVr&rIbuflenrJrLrTr!r!r" _rsa_sig_sign s* rYr%)rr'rN public_key signaturer&rcCsVt|||||jj}|j||t||t|}||dk|dkrR|tdS)Nr)rUrZEVP_PKEY_verify_initZEVP_PKEY_verifyrCr;rSr)rr'rNrZr[r&rIrJr!r!r"_rsa_sig_verify-sr\)rr'rNrZr[rc Cst|||||jj}|j|j}||dk|jd|}|jd|}|j||||t |} |j |d|d} |j | dkrt | S)Nrr6r5r4) rUrZEVP_PKEY_verify_recover_initr?r8r;r9rEZEVP_PKEY_verify_recoverrCrFrGr) rr'rNrZr[rImaxlenrLrXrJrMr!r!r"_rsa_sig_recoverHs&  r^c@seZdZUeed<eed<eed<dedddZeedd d Z e e e d d d Z e dddZedddZejejeje dddZe e ejejejfe dddZdS)r$r8 _rsa_cdata _key_sizer)r_skip_check_keyc CsT|s|j|}|dkr*|}td||jd}|jd}|j|||||d|jjk||d|jjk|j |d} |j |d} | dks| dkr|}td||j ||jj}||dk||_ ||_ ||_ |j jd} |j j|j | |j jj|j jj|j | d|j jjk|j j| d|_dS)Nr4zInvalid private key BIGNUM **r)rZ RSA_check_keyrWrr9rERSA_get0_factorsr;r:Z BN_is_oddZRSA_blinding_on_backendr_r8 RSA_get0_key BN_num_bitsr`) selfr rsa_cdataevp_pkeyrarJrTpqZp_oddZq_oddnr!r!r"__init__qs:      z_RSAPrivateKey.__init__rcCs|jSNr`rgr!r!r"key_sizesz_RSAPrivateKey.key_size) ciphertextr'rcCs2|jdd}|t|kr"tdt|j|||S)Nz,Ciphertext length must be equal to key size.)rrrCrr3rd)rgrsr'Zkey_size_bytesr!r!r"decrypts z_RSAPrivateKey.decryptcCsV|jj|j}|j||jjjk|jj||jjj}|j |}t |j||Sro) rdrZRSAPublicKey_dupr_r;r9r:r<ZRSA_freeZ_rsa_cdata_to_evp_pkeyr%)rgctxrir!r!r"rZs  z_RSAPrivateKey.public_keyc Cs|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jj|j||||j|d|jjjk|j|d|jjjk|j|d|jjjk|jj|j|||j|d|jjjk|j|d|jjjk|jj |j||||j|d|jjjk|j|d|jjjk|j|d|jjjkt |j |d|j |d|j |d|j |d|j |d|j |dt |j |d|j |dddS)Nrbrerl)rjrkddmp1dmq1iqmppublic_numbers) rdr9rErrer_r;r:rcZRSA_get0_crt_paramsr _bn_to_intr) rgrlryrzrjrkr{r|r}r!r!r"private_numberssB z_RSAPrivateKey.private_numbers)encodingr/encryption_algorithmrcCs|j|||||j|jSro)rdZ_private_key_bytesr8r_)rgrr/rr!r!r" private_bytessz_RSAPrivateKey.private_bytes)r&r'rNrcCs t||\}}t|j||||Sro)rrYrd)rgr&r'rNr!r!r"signsz_RSAPrivateKey.signN)__name__ __module__ __qualname__object__annotations__intboolrmpropertyrrbytesr rvrrZrrrEncodingZ PrivateFormatZKeySerializationEncryptionrtypingUnion asym_utils PrehashedrrPrr!r!r!r"r$ls(  .% c@seZdZUeed<eed<eed<ddddZeedd d Ze e e d d d Z e dddZ ejeje dddZe e e ejejejfddddZe e ejeje dddZdS)r%r8r_r`r)rcCst||_||_||_|jjd}|jj|j||jjj|jjj|j|d|jjjk|jj |d|_ dS)Nrbr) rdr_r8r9rErrer:r;rfr`)rgrrhrirlr!r!r"rmsz_RSAPublicKey.__init__rncCs|jSrorprqr!r!r"rrsz_RSAPublicKey.key_size) plaintextr'rcCst|j|||Sro)r3rd)rgrr'r!r!r"encryptsz_RSAPublicKey.encryptcCs|jjd}|jjd}|jj|j|||jjj|j|d|jjjk|j|d|jjjkt|j |d|j |ddS)Nrbrrx) rdr9rErrer_r:r;rr)rgrlryr!r!r"r~sz_RSAPublicKey.public_numbers)rr/rcCs|j||||j|jSro)rdZ_public_key_bytesr8r_)rgrr/r!r!r" public_bytessz_RSAPublicKey.public_bytesN)r[r&r'rNrcCs&t||\}}t|j|||||dSro)rr\rd)rgr[r&r'rNr!r!r"verifysz_RSAPublicKey.verify)r[r'rNrcCs&t|tjrtdt|j||||S)NzoPrehashed is only supported in the sign and verify methods. It cannot be used with recover_data_from_signature.)rrrr*r^rd)rgr[r'rNr!r!r"recover_data_from_signature*s  z)_RSAPublicKey.recover_data_from_signature)rrrrrrrmrrrrr rrr~rrZ PublicFormatrrrrrrrPrOptionalrr!r!r!r"r%s.    )0rZcryptography.exceptionsrrrZ*cryptography.hazmat.backends.openssl.utilsrZcryptography.hazmat.primitivesrrZ)cryptography.hazmat.primitives.asymmetricrrZ1cryptography.hazmat.primitives.asymmetric.paddingr r r r r rrrrZ-cryptography.hazmat.primitives.asymmetric.rsarrrr TYPE_CHECKINGZ,cryptography.hazmat.backends.openssl.backendrrrPrr#rr3r1rrQCallableAnyrUrYr\r^r$r%r!r!r!r"s  ,     % D  1  6 !   $