9(Zc@`sHddlmZmZmZddlZddlZddlZddlZddlZddlm Z ddl Z ddl m Z m Z ddlmZmZddlmZmZmZmZmZmZmZmZmZmZmZmZmZddlm Z ddl!m"Z"dd l#m$Z$dd l%m&Z&dd l'm(Z(m)Z)m*Z*m+Z+dd l,m-Z-m.Z.m/Z/dd l0m1Z1m2Z2ddl3m4Z4m5Z5m6Z6m7Z7m8Z8m9Z9m:Z:ddl;m<Z<ddl=m>Z>ddl?m@Z@mAZAddlBmCZCmDZDddlEmFZFmGZGmHZHmIZIddlJmKZKddlLmMZMmNZNddlOmPZPmQZQmRZRddlSmTZTmUZUmVZVmWZWddlXmYZYmZZZm[Z[m\Z\m]Z]m^Z^m_Z_m`Z`maZaddlbmcZcmdZdmeZemfZfmgZgmhZhmiZimjZjddlkmlZlejmdddgZne joee joee joee joee joee joee joee joee joee joee joee joee jpeKjqjrjsedetfdYZud etfd!YZvd"ZweuZxdS(#i(tabsolute_importtdivisiontprint_functionN(tcontextmanager(tutilstx509(tUnsupportedAlgorithmt_Reasons( t CMACBackendt CipherBackendtDERSerializationBackendt DHBackendt DSABackendtEllipticCurveBackendt HMACBackendt HashBackendtPBKDF2HMACBackendtPEMSerializationBackendt RSABackendt ScryptBackendt X509Backend(taead(t_CipherContext(t _CMACContext(t _Integers(t _DHParameterst _DHPrivateKeyt _DHPublicKeyt_dh_params_dup(t_DSAParameterst_DSAPrivateKeyt _DSAPublicKey(t_EllipticCurvePrivateKeyt_EllipticCurvePublicKey(t$_CRL_ENTRY_EXTENSION_ENCODE_HANDLERSt_CRL_EXTENSION_ENCODE_HANDLERSt_EXTENSION_ENCODE_HANDLERSt_encode_asn1_int_gct_encode_asn1_str_gct_encode_name_gct _txt2obj_gc(t _HashContext(t _HMACContext(t_RSAPrivateKeyt _RSAPublicKey(t_X25519PrivateKeyt_X25519PublicKey(t _Certificatet_CertificateRevocationListt_CertificateSigningRequestt_RevokedCertificate(tbinding(thashest serialization(tdsatectrsa(tMGF1tOAEPtPKCS1v15tPSS( tAEStARC4tBlowfishtCAST5tCamelliatChaCha20tIDEAtSEEDt TripleDES(tCBCtCFBtCFB8tCTRtECBtGCMtOFBtXTS(tscryptt _MemoryBIOtbiotchar_ptrtBackendcB`seZdZdZdZdZdZejdZ dZ dZ dZ d Z d Zd Zd Zd ZdZdZdZdZdZdZdZdZdZdZdjdZdZdZdZ dZ!dZ"dZ#dZ$d Z%d!Z&d"Z'd#Z(d$Z)d%Z*d&Z+d'Z,d(Z-d)Z.d*Z/d+Z0d,Z1d-Z2d.Z3d/Z4d0Z5d1Z6d2Z7d3Z8d4Z9d5Z:d6Z;d7Z<d8Z=d9Z>d:Z?d;Z@d<ZAd=ZBd>ZCd?ZDd@ZEdAZFdBZGdCZHdDZIdEZJdFZKdGZLdHZMdIZNdJZOdKZPdLZQdMZRdNZSdOZTdPZUdQZVedRZWdSZXdTZYdUZZdVZ[dWZ\dXZ]dYZ^dZZ_d[Z`d\Zad]Zbd^Zcd_Zdd`ZedjdaZfdbZgdcZhddZideZjdfZkdgZldhZmdiZnRS(ks) OpenSSL API binding interfaces. topensslcC`stj|_|jj|_|jj|_i|_|j|j |jj g|_ |jj r|j j |jjndS(N(R3tBindingt_bindingtffit_ffitlibt_libt_cipher_registryt_register_default_cipherstactivate_osrandom_enginet EVP_PKEY_DHt _dh_typestCryptography_HAS_EVP_PKEY_DHXtappendt EVP_PKEY_DHX(tself((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt__init__]s    cC`stj|j|S(N(R3t_openssl_assertRY(Rbtok((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytopenssl_assertiscC`sj|jj}||jjkrf|jj||jj|jj|}|j|dkndS(Ni(RYtENGINE_get_default_RANDRWtNULLtENGINE_unregister_RANDt RAND_cleanupt ENGINE_finishRf(Rbtetres((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytactivate_builtin_randomls  cc`s|jj|jj}|j||jjk|jj|}|j|dkz |VWd|jj|}|j|dk|jj |}|j|dkXdS(Ni( RYt ENGINE_by_idRUt_osrandom_engine_idRfRWRht ENGINE_initt ENGINE_freeRk(RbRlRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_get_osurandom_enginews cC`sU|j|j,}|jj|}|j|dkWdQX|jjdS(Ni(RnRsRYtENGINE_set_default_RANDRfRj(RbRlRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyR\s  c C`s|jjdd}|jG}|jj|dt|||jjd}|j|dkWdQX|jj|j dS(Nschar[]i@tget_implementationitascii( RWtnewRsRYtENGINE_ctrl_cmdtlenRhRftstringtdecode(RbtbufRlRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytosrandom_engine_implementations cC`s+|jj|jj|jjjdS(s Friendly string name of the loaded OpenSSL library. This is not necessarily the same version as it was compiled against. Example: OpenSSL 1.0.1e 11 Feb 2013 Rv(RWRzRYtOpenSSL_versiontOPENSSL_VERSIONR{(Rb((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytopenssl_version_texts cC`s |jjS(N(RYtOpenSSL_version_num(Rb((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytopenssl_version_numberscC`st|||S(N(R*(Rbtkeyt algorithm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_hmac_ctxscC`s\|jdks|jdkrFdj|j|jdjd}n|jjd}|S(Ntblake2btblake2ss{0}{1}iRv(tnametformatt digest_sizetencode(RbRtalg((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_build_openssl_digest_names  cC`s1|j|}|jj|}||jjkS(N(RRYtEVP_get_digestbynameRWRh(RbRRtdigest((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pythash_supportedscC`s |j|S(N(R(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pythmac_supportedscC`s t||S(N(R)(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_hash_ctxscC`sZy#|jt|t|f}Wntk r7tSX||||}|jj|kS(N(RZttypetKeyErrortFalseRWRh(Rbtciphertmodetadaptert evp_cipher((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcipher_supporteds # cC`sG||f|jkr0tdj||n||j||fRtNoneRBRMt_get_xts_cipher(RbRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyR[sZ"       cC`st|||tjS(N(Rt_ENCRYPT(RbRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_symmetric_encryption_ctx scC`st|||tjS(N(Rt_DECRYPT(RbRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_symmetric_decryption_ctxscC`s |j|S(N(R(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytpbkdf2_hmac_supportedsc C`s|jjd|}|jj|jjd}|j||jjk|jj|t ||t |||||}|j|dk|jj |S(Nsunsigned char[]Rvi( RWRwRYRRRRfRhtPKCS5_PBKDF2_HMACRytbuffer( RbRtlengthtsaltt iterationst key_materialR|tevp_mdRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytderive_pbkdf2_hmacs     cC`stj|jS(N(R3t_consume_errorsRY(Rb((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyR(scC`s||jjksttjr|jj|}|jjd|}|jj||}|j |dkt j |jj || dS|jj |}|j ||jjk|jj|}|jj|t |dSdS(Nsunsigned char[]itbigi(RWRhtAssertionErrortsixtPY3RYt BN_num_bytesRwt BN_bn2binRftintt from_bytesRt BN_bn2hexRzt OPENSSL_free(Rbtbnt bn_num_bytestbin_ptrtbin_lent hex_cdatathex_str((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt _bn_to_int+s  cC`s8|d ks$||jjks$t|d kr?|jj}ntjr|jt|jddd}|j j |t ||}|j ||jjk|St |jddjd}|jjd}||d<|j j||}|j |dk|j |d|jjk|dSd S( s  Converts a python integer to a BIGNUM. The returned BIGNUM will not be garbage collected (to support adding them to structs that take ownership of the object). Be sure to register it for GC if it will be discarded after use. g @iRtLiRvs BIGNUM **iN(RRWRhRRRtto_bytesRt bit_lengthRYt BN_bin2bnRyRfthextrstripRRwt BN_hex2bn(RbtnumRtbinarytbn_ptrthex_numRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt _int_to_bn>s$  &" cC`stj|||jj}|j||jjk|jj||jj}|j |}|jj||jj }|jj ||||jj}|j|dk|j |}t |||S(Ni(R8t_verify_rsa_parametersRYtRSA_newRfRWRhtgctRSA_freeRtBN_freetRSA_generate_key_ext_rsa_cdata_to_evp_pkeyR+(Rbtpublic_exponenttkey_sizet rsa_cdataRRmtevp_pkey((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytgenerate_rsa_private_key]s cC`s&|dko%|d@dko%|dkS(Niiii((RbRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt!generate_rsa_parameters_supportedosc C`stj|j|j|j|j|j|j|jj |jj |j j }|j ||jjk|jj||j j}|j|j}|j|j}|j|j}|j|j}|j|j}|j|j}|j|jj } |j|jj } |j j|||} |j | dk|j j|| | |} |j | dk|j j||||} |j | dk|j j||jj} |j | dk|j|} t||| S(Ni(R8t_check_private_key_componentstptqtdtdmp1tdmq1tiqmptpublic_numbersRltnRYRRfRWRhRRRtRSA_set0_factorst RSA_set0_keytRSA_set0_crt_paramstRSA_blinding_onRR+( RbtnumbersRRRRRRRRlRRmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_rsa_private_numbersss<  cC`stj|j|j|jj}|j||jjk|jj ||jj }|j |j}|j |j}|jj ||||jj}|j|dk|j |}t|||S(Ni(R8t_check_public_key_componentsRlRRYRRfRWRhRRRRRR,(RbRRRlRRmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_rsa_public_numberss!cC`sG|jj}|j||jjk|jj||jj}|S(N(RYt EVP_PKEY_newRfRWRhRt EVP_PKEY_free(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_create_evp_pkey_gcscC`s8|j}|jj||}|j|dk|S(Ni(RRYtEVP_PKEY_set1_RSARf(RbRRRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs cC`sk|jjd|}|jj|t|}|j||jjkt|jj||jj |S(s Return a _MemoryBIO namedtuple of (BIO, char*). The char* is the storage for the BIO and it must stay alive until the BIO is finished with. schar[]( RWRwRYtBIO_new_mem_bufRyRfRhRORtBIO_free(Rbtdatat data_char_pRP((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt _bytes_to_bios  cC`sr|jj}|j||jjk|jj|}|j||jjk|jj||jj}|S(s. Creates an empty memory BIO. (RYt BIO_s_memRfRWRhtBIO_newRR(Rbt bio_methodRP((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_create_mem_bio_gcs cC`su|jjd}|jj||}|j|dk|j|d|jjk|jj|d|}|S(sE Reads a memory BIO. This only works on memory BIOs. schar **i(RWRwRYtBIO_get_mem_dataRfRhR(RbRPR|tbuf_lentbio_data((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt _read_mem_bios cC`s|jj|}||jjkrz|jj|}|j||jjk|jj||jj}t |||S||jj kr|jj |}|j||jjk|jj||jj }t |||S||jjkrJ|jj|}|j||jjk|jj||jj}t|||S||jkr|jj|}|j||jjk|jj||jj}t|||StddS(sd Return the appropriate type of PrivateKey given an evp_pkey cdata pointer. sUnsupported key type.N(RYt EVP_PKEY_idt EVP_PKEY_RSAtEVP_PKEY_get1_RSARfRWRhRRR+t EVP_PKEY_DSAtEVP_PKEY_get1_DSAtDSA_freeRt EVP_PKEY_ECtEVP_PKEY_get1_EC_KEYt EC_KEY_freeR R^tEVP_PKEY_get1_DHtDH_freeRR(RbRtkey_typeRt dsa_cdatatec_cdatatdh_cdata((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_evp_pkey_to_private_keys,cC`s|jj|}||jjkrz|jj|}|j||jjk|jj||jj}t |||S||jj kr|jj |}|j||jjk|jj||jj }t |||S||jjkrJ|jj|}|j||jjk|jj||jj}t|||S||jkr|jj|}|j||jjk|jj||jj}t|||StddS(sc Return the appropriate type of PublicKey given an evp_pkey cdata pointer. sUnsupported key type.N(RYRRRRfRWRhRRR,RRRRRRRR!R^R R RR(RbRR RR R R((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_evp_pkey_to_public_keys,cC`sK|jjr7t|tjtjtjtjtjfSt|tjSdS(N( RYtCryptography_HAS_RSA_OAEP_MDt isinstanceR4tSHA1tSHA224tSHA256tSHA384tSHA512(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_oaep_hash_supporteds  cC`st|trtSt|trGt|jtrG|j|jjSt|trt|jtr|j |jjo|j |jo|j dkpt |j dkp|j jdkStSdS(Nii(RR;tTrueR<t_mgfR9Rt _algorithmR:Rt_labelRRyRYtCryptography_HAS_RSA_OAEP_LABELR(Rbtpadding((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytrsa_padding_supporteds!!$cC`s|dkrtdn|jj}|j||jjk|jj||jj}|jj|||jjd|jj|jj|jj}|j|dkt ||S(Niii s+Key size must be 1024 or 2048 or 3072 bits.ii(iii ( RRYtDSA_newRfRWRhRRtDSA_generate_parameters_exR(RbRtctxRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytgenerate_dsa_parameters0s  !cC`sx|jj|j}|j||jjk|jj||jj}|jj||j |}t |||S(N( RYt DSAparams_dupt _dsa_cdataRfRWRhRRtDSA_generate_keyt_dsa_cdata_to_evp_pkeyR(Rbt parametersR"R((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytgenerate_dsa_private_keyAs cC`s|j|}|j|S(N(R#R)(RbRR(((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt'generate_dsa_private_key_and_parametersJscC`s]|jj||||}|j|dk|jj|||}|j|dkdS(Ni(RYt DSA_set0_pqgRft DSA_set0_key(RbR RRtgtpub_keytpriv_keyRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_dsa_cdata_set_valuesNsc C`stj||jj}|jj}|j||jjk|jj ||jj }|j |j }|j |j }|j |j}|j |jj}|j |j}|j|||||||j|} t||| S(N(R6t_check_dsa_private_numbersRtparameter_numbersRYR RfRWRhRRRRRR-tytxR0R'R( RbRR2R RRR-R.R/R((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_dsa_private_numbersTs  c C`stj|j|jj}|j||jjk|jj||jj }|j |jj }|j |jj }|j |jj }|j |j}|jj}|j|||||||j|}t|||S(N(R6t_check_dsa_parametersR2RYR RfRWRhRRRRRR-R3R0R'R( RbRR RRR-R.R/R((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_dsa_public_numbersgs cC`stj||jj}|j||jjk|jj||jj}|j |j }|j |j }|j |j }|jj ||||}|j|dkt||S(Ni(R6R6RYR RfRWRhRRRRRR-R+R(RbRR RRR-Rm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_dsa_parameter_numbersxs cC`s8|j}|jj||}|j|dk|S(Ni(RRYtEVP_PKEY_set1_DSARf(RbR RRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyR's cC`s |j|S(N(R(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytdsa_hash_supportedscC`stS(N(R(RbRRR-((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytdsa_parameters_supportedscC`s|j|td|jS(Nt(RRFt block_size(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcmac_algorithm_supportedscC`s t||S(N(R(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_cmac_ctxsc C`st|tjs!tdnt|tjrUt|tj rUtdn|jj |j j d}|j ||j jk|jj}|j ||j jk|j j||jj}|jj|tjjj}|j |dk|jj|t||j}|j |dk|j}|jj||j}|j |dk|jj}|j ||j jk|j j||jj}|jd|j dt!d|d|jj"d t#|jj$||}|j |dk|jj%||j|}|d krr|j&} |j | d j'|jj(|jj)td nt*||S( Ns.Algorithm must be a registered hash algorithm.s5MD5 is not a supported hash algorithm for EC/DSA CSRsRvit extensionsthandlerstx509_objtadd_funcRisDigest too big for RSA key(+RR4t HashAlgorithmt TypeErrortMD5R8t RSAPrivateKeyRRYRRRRfRWRht X509_REQ_newRt X509_REQ_freetX509_REQ_set_versionRtVersiontv1tvaluetX509_REQ_set_subject_nameR't _subject_namet public_keytX509_REQ_set_pubkeyt _evp_pkeytsk_X509_EXTENSION_new_nulltsk_X509_EXTENSION_freet_create_x509_extensionst _extensionsR$tsk_X509_EXTENSION_insertRtX509_REQ_add_extensionst X509_REQ_signRt_lib_reason_matcht ERR_LIB_RSAt RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEYR1( Rbtbuildert private_keyRRtx509_reqRmRPt sk_extensionterrors((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_x509_csrsV              c C`s"t|tjs!tdnt|tjsBtdnt|tjrvt|tj rvt dn|j j |j j d}|j||jjk|j j}|jj|tj j}|j j||jj}|j|dk|j j|t||j}|j|dk|j j||jj}|j|dkt||j}|j j ||}|j|dk|j j!|j j"|t#j$|j%j&}||jjkr|j'n|j j!|j j(|t#j$|j)j&}||jjkrE|j'n|j*d|j+dt,d|d |j j-d t.|j j/|t||j0}|j|dk|j j1||j|}|d kr|j2}|j|d j3|j j4|j j5t d nt6||S( NsBuilder type mismatch.s.Algorithm must be a registered hash algorithm.s=MD5 is not a supported hash algorithm for EC/DSA certificatesRviR@RARBRCRisDigest too big for RSA key(7RRtCertificateBuilderRER4RDRFR8RGRRYRRRRfRWRhtX509_newRtbackendt X509_freetX509_set_versiont_versionRMtX509_set_subject_nameR'ROtX509_set_pubkeyt _public_keyRRR%t_serial_numbertX509_set_serialNumbert ASN1_TIME_settX509_get_notBeforetcalendarttimegmt_not_valid_beforet timetuplet_raise_time_set_errortX509_get_notAftert_not_valid_afterRURVR$t X509_add_extRtX509_set_issuer_namet _issuer_namet X509_signRRZR[R\R/( RbR]R^RRt x509_certRmt serial_numberRa((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_x509_certificatesj                 cC`sE|j}|j|dj|jj|jjtddS(NisVInvalid time. This error can occur if you set a time too far in the future on Windows.(RRfRZRYt ERR_LIB_ASN1tASN1_R_ERROR_GETTING_TIMER(RbRa((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRtAs   c C`sXt|tjs!tdnt|tjsBtdnt|tjrvt|tj rvt dn|j j |j j d}|j||jjk|j j}|jj|tj j}|j j|d}|j|dk|j j|t||j}|j|dk|j j|jjtj|jj}|j||jjk|jj||j j}|j j||}|j|dk|j j|jjtj|j j}|j||jjk|jj||j j}|j j!||}|j|dk|j"d|j#dt$d|d |j j%d t&xg|j'D]\} |j j(| j)} |j| |jjk|j j*|| }|j|dkqW|j j+||j,|}|d krK|j-} |j| d j.|j j/|j j0t d nt1||S( NsBuilder type mismatch.s.Algorithm must be a registered hash algorithm.s5MD5 is not a supported hash algorithm for EC/DSA CRLsRviR@RARBRCRisDigest too big for RSA key(2RRt CertificateRevocationListBuilderRER4RDRFR8RGRRYRRRRfRWRht X509_CRL_newRRet X509_CRL_freetX509_CRL_set_versiontX509_CRL_set_issuer_nameR'RyRnRpRqt _last_updateRstASN1_TIME_freetX509_CRL_set_lastUpdatet _next_updatetX509_CRL_set_nextUpdateRURVR#tX509_CRL_add_extRt_revoked_certificatestCryptography_X509_REVOKED_dupt _x509_revokedtX509_CRL_add0_revokedt X509_CRL_signRRRRZR[R\R0( RbR]R^RRtx509_crlRmt last_updatet next_updatet revoked_certtrevokedRa((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_x509_crlNsh    $ $          c C`sxt|D]\}}|j||}|j||jjk|rh|jj||jj}n||||} |j| dkq WdS(Ni(t enumeratet_create_x509_extensionRfRWRhRRYtX509_EXTENSION_free( RbR@RARBRCRtit extensiontx509_extensionRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRUs  cC`sCt||jj}|jj|jj||jr9dnd|S(Nii(R(toidt dotted_stringRYtX509_EXTENSION_create_by_OBJRWRhtcritical(RbRRMtobj((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_create_raw_x509_extensions c C`sct|jtjrIt||jjt|jj}|j||St|jtjrtg|jD]}|j^qkj }t||t|}|j||Sy||j }Wn)t k rt dj |j nX|||j}|jj|j jjd}tj||jjk|jj||jrUdnd|SdS(NsExtension not supported: {0}Rvii(RRMRtUnrecognizedExtensionR&RyRt TLSFeatureRtdumpRRtNotImplementedErrorRRYt OBJ_txt2nidRRReRft NID_undeftX509V3_EXT_i2dR( RbRARRMR4tasn1Rt ext_structtnid((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs&!+   c C`sht|tjs!tdn|jj}|j||jjk|jj ||jj }t ||j }|jj ||}|j|dk|jj|jjtj|jj}|j||jjk|jj ||jj}|jj||}|j|dk|jd|jdtd|d|jjdtt|d|S(NsBuilder type mismatch.iR@RARBRCR(RRtRevokedCertificateBuilderRERYtX509_REVOKED_newRfRWRhRtX509_REVOKED_freeR%RltX509_REVOKED_set_serialNumberRnRpRqt_revocation_dateRsRtX509_REVOKED_set_revocationDateRURVR"tX509_REVOKED_add_extRR2R(RbR]t x509_revokedR|Rmtrev_date((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytcreate_x509_revoked_certificates.       cC`s|j|jj|j||S(N(t _load_keyRYtPEM_read_bio_PrivateKeyR(RbRtpassword((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_pem_private_keys  cC`s5|j|}|jj|j|jj|jj|jj}||jjkry|jj||jj}|j|S|j |jj |j}|j |dk|jj |j|jj|jj|jj}||jjkr'|jj||jj }|j|}t|||S|jdS(Ni(RRYtPEM_read_bio_PUBKEYRPRWRhRRRRt BIO_resetRftPEM_read_bio_RSAPublicKeyRRR,t_handle_key_loading_error(RbRtmem_bioRRmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_pem_public_keys  '   'cC`s|j|}|jj|j|jj|jj|jj}||jjkry|jj||jj}t||S|j dS(N( RRYtPEM_read_bio_DHparamsRPRWRhRR RR(RbRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_pem_parameterss ' cC`sW|j|}|j||}|r4|j|S|j|jj|j||SdS(N(Rt"_evp_pkey_from_der_traditional_keyRRRYtd2i_PKCS8PrivateKey_bio(RbRRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_der_private_keys  cC`s||jj|j|jj}||jjkrj|jj||jj}|dk rftdn|S|j dSdS(Ns4Password was given but private key is not encrypted.( RYtd2i_PrivateKey_bioRPRWRhRRRRER(RbRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyR1s   cC`s|j|}|jj|j|jj}||jjkrg|jj||jj}|j|S|j |jj |j}|j |dk|jj |j|jj}||jjkr|jj||jj }|j|}t|||S|jdS(Ni(RRYtd2i_PUBKEY_bioRPRWRhRRRRRRftd2i_RSAPublicKey_bioRRR,R(RbRRRRmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_der_public_key?s   cC`s|j|}|jj|j|jj}||jjkrg|jj||jj}t||S|jj r|j |jj |j}|j |dk|jj |j|jj}||jjkr|jj||jj}t||Sn|jdS(Ni(RRYtd2i_DHparams_bioRPRWRhRR RR_RRRftCryptography_d2i_DHxparams_bioR(RbRRRRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_der_parametersVs      cC`s|j|}|jj|j|jj|jj|jj}||jjkrj|jtdn|jj||jj }t ||S(NsUnable to load certificate( RRYtPEM_read_bio_X509RPRWRhRRRRfR/(RbRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_pem_x509_certificatels ' cC`s|j|}|jj|j|jj}||jjkrX|jtdn|jj||jj }t ||S(NsUnable to load certificate( RRYt d2i_X509_bioRPRWRhRRRRfR/(RbRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_der_x509_certificatexs cC`s|j|}|jj|j|jj|jj|jj}||jjkrj|jtdn|jj||jj }t ||S(NsUnable to load CRL( RRYtPEM_read_bio_X509_CRLRPRWRhRRRRR0(RbRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_pem_x509_crls ' cC`s|j|}|jj|j|jj}||jjkrX|jtdn|jj||jj }t ||S(NsUnable to load CRL( RRYtd2i_X509_CRL_bioRPRWRhRRRRR0(RbRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_der_x509_crls cC`s|j|}|jj|j|jj|jj|jj}||jjkrj|jtdn|jj||jj }t ||S(NsUnable to load request( RRYtPEM_read_bio_X509_REQRPRWRhRRRRIR1(RbRRR_((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_pem_x509_csrs ' cC`s|j|}|jj|j|jj}||jjkrX|jtdn|jj||jj }t ||S(NsUnable to load request( RRYtd2i_X509_REQ_bioRPRWRhRRRRIR1(RbRRR_((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_der_x509_csrs c C`s|j|}|dk r:t|t r:tdn|jjd}|dk r|jjd|}||_t||_ n||j |jj |jj |j jd|}||jj krT|jdkrG|j} |j| |jdkrtdqQ|jdks(ttd j|jd qT|jn|jj||j j}|dk r|jdkrtd n|dk r|jd ks|dkst||S( NsPassword must be bytessCRYPTOGRAPHY_PASSWORD_DATA *schar []tCryptography_pem_password_cbiis3Password was not given but private key is encryptedisBPasswords longer than {0} bytes are not supported by this backend.is4Password was given but private key is not encrypted.(RRRtbytesRERWRwRRyRRPRht addressofRYt _original_libterrorRRfRRRtmaxsizeRRRtcalled( Rbtopenssl_read_funct convert_funcRRRtuserdatat password_bufRRa((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRsB          c`s<j}|s!tdn|djjjjjse|djjjjjrttdn|djjjjjs|djjj jj rt dt j nktfd|Drtdn@|djjjjj jjfks,ttddS(NsCould not deserialize key data.is Bad decrypt. Incorrect password?s0PEM data is encrypted with an unsupported cipherc3`s-|]#}|jjjjjVqdS(N(RZRYt ERR_LIB_EVPt'EVP_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM(t.0R(Rb(sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pys ss!Unsupported public key algorithm.(RRRZRYRtEVP_R_BAD_DECRYPTtERR_LIB_PKCS12t!PKCS12_R_PKCS12_CIPHERFINAL_ERRORtEVP_R_UNKNOWN_PBE_ALGORITHMt ERR_LIB_PEMtPEM_R_UNSUPPORTED_ENCRYPTIONRRtUNSUPPORTED_CIPHERtanyRXR~R(RbRa((RbsR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs2           cC`sy|j|}Wntk r2|jj}nX|jj|}||jjkr|j}|j||jjkp|dj |jj |jj t S|j||jjk|jj |tSdS(Ni(t_elliptic_curve_to_nidRRYRtEC_GROUP_new_by_curve_nameRWRhRRfRZt ERR_LIB_ECtEC_R_UNKNOWN_GROUPRt EC_GROUP_freeR(Rbtcurvet curve_nidR"Ra((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytelliptic_curve_supporteds     cC`s#t|tjstS|j|S(N(RR7tECDSARR(Rbtsignature_algorithmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt,elliptic_curve_signature_algorithm_supported%scC`s|j|r|j|}|jj|}|j||jjk|jj||jj}|jj |}|j|dk|j |}t |||St dj |jtjdS(s@ Generate a new private key on the named curve. is$Backend object does not support {0}.N(RRRYtEC_KEY_new_by_curve_nameRfRWRhRRtEC_KEY_generate_keyt_ec_cdata_to_evp_pkeyR RRRRtUNSUPPORTED_ELLIPTIC_CURVE(RbRRR RmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt#generate_elliptic_curve_private_key.scC`s|j}|j|j}|jj|}|j||jjk|jj||jj }|j ||j |j }|jj|j |j|jj}|jj||}|j|dk|j|}t|||S(Ni(RRRRYRRfRWRhRRt)_ec_key_set_public_key_affine_coordinatesR4R3Rt private_valueRtEC_KEY_set_private_keyRR (RbRtpublicRR RRmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt#load_elliptic_curve_private_numbersFs  cC`s|j|j}|jj|}|j||jjk|jj||jj}|j ||j |j }|j |}t |||S(N(RRRYRRfRWRhRRRR4R3RR!(RbRRR R((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt"load_elliptic_curve_public_numbers[sc C`s|j|}|jj|}|j||jjk|jj||jj}|j|\}}|jj |}|j||jjk|jj||jj }|j |}|jj||jj }|j } |jj||||jj|jj| } |j| dk|jj| } |jj| } |||| | | } |j| dkWdQX|jj||} |j| dk|jj||j |} |j| dk|j|} t||| S(Ni(RRYRRfRWRhRRt _ec_key_determine_group_get_funct EC_POINT_newt EC_POINT_freeRRt _tmp_bn_ctxt EC_POINT_mult BN_CTX_gettEC_KEY_set_public_keyRRR (RbRRRR tget_functgrouptpointRMtbn_ctxRmtbn_xtbn_yR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt!derive_elliptic_curve_private_keyhs2 cC`s|j|ot|tjS(N(RRR7tECDH(RbRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt+elliptic_curve_exchange_algorithm_supportedscC`s8|j}|jj||}|j|dk|S(Ni(RRYtEVP_PKEY_set1_EC_KEYRf(RbR RRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs cC`s{idd6dd6}|j|j|j}|jj|j}||jjkrwtdj|jtj n|S(s/ Get the NID for a curve name. t prime192v1t secp192r1t prime256v1t secp256r1s%{0} is not a supported elliptic curve( tgetRRYt OBJ_sn2nidRRRRRR(RbRt curve_aliasest curve_nameR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs cc`st|jj}|j||jjk|jj||jj}|jj|z |VWd|jj|XdS(N( RYt BN_CTX_newRfRWRhRt BN_CTX_freet BN_CTX_startt BN_CTX_end(RbR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs cC`s|j||jjk|jjd}|j||jjk|jj|}|j||jjk|jj|}|j||jjk|jj|}|j||jjk||kr|jj r|jj }n |jj }|st ||fS(su Given an EC_KEY determine the group and what function is required to get point coordinates. scharacteristic-two-field( RfRWRhRYRRtEC_KEY_get0_grouptEC_GROUP_method_oftEC_METHOD_get_field_typetCryptography_HAS_EC2Mt$EC_POINT_get_affine_coordinates_GF2mt#EC_POINT_get_affine_coordinates_GFpR(RbR"t nid_two_fieldR tmethodRR ((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs  cC`s|dks|dkr'tdn|jj|j||jj}|jj|j||jj}|jj|||}|dkr|jtdn|S(sg Sets the public key point in the EC_KEY context to the affine x and y values. is2Invalid EC key. Both x and y must be non-negative.isInvalid EC key.(RRWRRRYRt(EC_KEY_set_public_key_affine_coordinatesR(RbR"R4R3Rm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs $$  cC`st|tjs!tdnt|tjsBtdnt|tjrod}d}|jj}nct|tjr|j j d}|j }t |}|dkrt dqn t d|j j|} |tjjkr|tjjkr|j j} |} q2|tjjks5t| |j jkrV|j j} nE| |j jkrw|j j} n$| |j jkst|j j} |} n|tjjkr&|tjjkrt|tjst d n|j| |S|tjjkst|j j} |} n td |j} | | | ||||jj|jj} |j| d k|j | S( Ns2format must be an item from the PrivateFormat enumsBEncryption algorithm must be a KeySerializationEncryption instancetis aes-256-cbcisBPasswords longer than 1023 bytes are not supported by this backendsUnsupported encryption typesDEncryption is not supported for DER encoded traditional OpenSSL keyss/encoding must be an item from the Encoding enumi(!RR5t PrivateFormatREtKeySerializationEncryptiont NoEncryptionRWRhtBestAvailableEncryptionRYtEVP_get_cipherbynameRRyRRtEncodingtPEMtPKCS8tPEM_write_bio_PKCS8PrivateKeytTraditionalOpenSSLRRtPEM_write_bio_RSAPrivateKeyRtPEM_write_bio_DSAPrivateKeyRtPEM_write_bio_ECPrivateKeytDERt"_private_key_bytes_traditional_derti2d_PKCS8PrivateKey_bioRRfR(RbtencodingRtencryption_algorithmRtcdataRtpasslenRR t write_bioRRPRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_private_key_bytessp                    cC`s||jjkr!|jj}nF||jjkrB|jj}n%|j||jjk|jj}|j}|||}|j|dk|j |S(Ni( RYRti2d_RSAPrivateKey_bioRti2d_ECPrivateKey_bioRfRti2d_DSAPrivateKey_bioRR(RbR R=R?RPRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyR99s  c C`st|tjs!tdn|tjjksE|tjjkr|tjjk si|tjjk rxtdn|j|S|tjjkr|tjj kr|j j }n$|tjj kst |j j}|}n|tjjkri|j j||j jkst |tjj kr<|j j}n$|tjj ksTt |j j}|}n td|j}|||}|j|dk|j|S(Ns/encoding must be an item from the Encoding enums1OpenSSH format must be used with OpenSSH encodings1format must be an item from the PublicFormat enumi(RR5R0REt PublicFormattOpenSSHRt_openssh_public_key_bytestSubjectPublicKeyInfoR1RYtPEM_write_bio_PUBKEYR8Rti2d_PUBKEY_biotPKCS1RRtPEM_write_bio_RSAPublicKeyti2d_RSAPublicKey_bioRRfR( RbR;RRRR=R?RPRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_public_key_bytesGs8    $    cC`st|tjrX|j}dtjtjdtj|j tj|j St|t j r|j}|j }dtjtjdtj|jtj|jtj|jtj|jSt|tjst|j}y5idtj6dtj6dtj6t|j}Wntk rQtdnXd |d tjtjd |tj|tj|jSdS( Nsssh-rsa sssh-rsasssh-dss sssh-dsstnistp256tnistp384tnistp521sZOnly SECP256R1, SECP384R1, and SECP521R1 curves are supported by the SSH public key formats ecdsa-sha2-t (RR8t RSAPublicKeyRtbase64t b64encodeR5t_ssh_write_stringt_ssh_write_mpintRlRR6t DSAPublicKeyR2RRR-R3R7tEllipticCurvePublicKeyRt SECP256R1t SECP384R1t SECP521R1RRRRt encode_point(RbRRR2R((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRFss2     <      cC`s+|tjjkr!tdn|jjd}|jj||jj||jj|tjj kr|d|jjkr|jj }q|jj }nR|tjj kr|d|jjkr|jj }q|jj}n td|j}|||}|j|dk|j|S(Ns!OpenSSH encoding is not supporteds BIGNUM **is/encoding must be an item from the Encoding enumi(R5R0RERERWRwRYt DH_get0_pqgRhR1tPEM_write_bio_DHxparamstPEM_write_bio_DHparamsR8tCryptography_i2d_DHxparams_bioti2d_DHparams_bioRRfR(RbR;RR=RR?RPRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_parameter_bytess*      cC`s|dkrtdn|dkr6tdn|jj}|j||jjk|jj||jj}|jj||||jj}|j|dkt ||S(Nis%DH key_size must be at least 512 bitsiisDH generator must be 2 or 5i(ii( RRYtDH_newRfRWRhRR tDH_generate_parameters_exR(Rbt generatorRtdh_param_cdataRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytgenerate_dh_parameterss   cC`s8|j}|jj||}|j|dk|S(Ni(RRYtEVP_PKEY_set1_DHRf(RbRRRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt_dh_cdata_to_evp_pkeys cC`sVt|j|}|jj|}|j|dk|j|}t|||S(Ni(Rt _dh_cdataRYtDH_generate_keyRfRiR(RbR(t dh_key_cdataRmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytgenerate_dh_private_keys cC`s|j|j||S(N(RmRg(RbReR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt&generate_dh_private_key_and_parameterssc C`s|jj}|jj}|j||jjk|jj||jj}|j |j }|j |j }|j dk r|j |j }n |jj}|j |jj}|j |j}|jj||||} |j| dk|jj|||} |j| dk|jjdd} |jj|| } |j| dk| ddkr|j dko| d|jjAdk rtdn|j|} t||| S(Nisint[]iis.DH private numbers did not pass safety checks.(RR2RYRcRfRWRhRR RRR-RRR3R4t DH_set0_pqgt DH_set0_keyRwtCryptography_DH_checktDH_NOT_SUITABLE_GENERATORRRiR( RbRR2RRR-RR.R/RmtcodesR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_dh_private_numberss2    c C`s0|jj}|j||jjk|jj||jj}|j}|j|j }|j|j }|j dk r|j|j }n |jj}|j|j }|jj||||}|j|dk|jj|||jj}|j|dk|j|} t||| S(Ni(RYRcRfRWRhRR R2RRR-RRR3RoRpRiR( RbRRR2RR-RR.RmR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_dh_public_numberss   cC`s|jj}|j||jjk|jj||jj}|j|j}|j|j }|j dk r|j|j }n |jj}|jj ||||}|j|dkt ||S(Ni(RYRcRfRWRhRR RRR-RRRoR(RbRRRR-RRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytload_dh_parameter_numbers+s cC`s|jj}|j||jjk|jj||jj}|j|}|j|}|dk r|j|}n |jj}|jj ||||}|j|dk|jj dd}|jj ||}|j|dk|ddkS(Nisint[]i( RYRcRfRWRhRR RRRoRwRq(RbRR-RRRmRs((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytdh_parameters_supported=s  cC`s|jjdkS(Ni(RYR_(Rb((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytdh_x942_serialization_supportedSsc`st|}jjd}jj||}j|djjkjj|fd}j|dkjj|d|S(Nsunsigned char **ic`sjj|dS(Ni(RYR(tpointer(Rb(sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt\s( R'RWRwRYt i2d_X509_NAMERfRhRR(RbRt x509_nametppRm((RbsR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytx509_name_bytesVs cC`sx|j}|jj||jj}tj|dk|jj||t|}tj|dkt||S(Ni( RRYtEVP_PKEY_set_typet NID_X25519ReRftEVP_PKEY_set1_tls_encodedpointRyR.(RbRRRm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytx25519_load_public_bytesas  cC`sxd}|j||}tjj|j|jj}|j||jjk|jj||jj }t ||S(Ns0.0+en" ( RReRYRRPRWRhRfRRR-(RbRt pkcs8_prefixRPR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytx25519_load_private_bytesks cC`s|jj|jj|jj}|j||jjk|jj||jj}|jj|}|j|dk|jj d}|jj ||}|j|dk|j|d|jjk|jj|d|jj }t ||S(Nis EVP_PKEY **i( RYtEVP_PKEY_CTX_new_idRRWRhRfRtEVP_PKEY_CTX_freetEVP_PKEY_keygen_initRwtEVP_PKEY_keygenRR-(Rbt evp_pkey_ctxRmt evp_ppkeyR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytx25519_generate_keys  cC`s |jjS(N(RYt#CRYPTOGRAPHY_OPENSSL_110_OR_GREATER(Rb((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytx25519_supportedsc C`su|jjd|}|jj|t||t||||tj|| }|j|dk|jj|S(Nsunsigned char[]i( RWRwRYtEVP_PBE_scryptRyRNt _MEM_LIMITRfR( RbRRRRtrRR|Rm((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt derive_scrypts  !cC`s+tj|}|jj||jjkS(N(Rt_aead_cipher_nameRYR/RWRh(RbRt cipher_name((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytaead_cipher_supportedsN(ot__name__t __module__t__doc__RRcRfRnt contextlibRRsR\R}RRRRRRRRRR[RRRRRRRRRRRRRRRRRRRRRR#R)R*R0R5R7R8R'R:R;R>R?RbR}RtRRURRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR@R9RMRFRbRgRiRmRnRtRuRvRwRxR~RRRRRR(((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRRHs          9          "                   K \ V           3 -    %      Q  , &     0        RcB`seZdZdZRS(cC`s ||_dS(N(t_fmt(Rbtfmt((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRcscC`s:|jjd|d|j}|jj|jdS(NRRRv(RRtlowerRYR/R(RbReRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyt__call__s!(RRRcR(((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs cC`s/dj|jd}|jj|jdS(Ns aes-{0}-xtsiRv(RRRYR/R(ReRRR((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pyRs(yt __future__RRRRSRpt collectionsRRRRt cryptographyRRtcryptography.exceptionsRRt'cryptography.hazmat.backends.interfacesRR R R R R RRRRRRRt$cryptography.hazmat.backends.opensslRt,cryptography.hazmat.backends.openssl.ciphersRt)cryptography.hazmat.backends.openssl.cmacRt0cryptography.hazmat.backends.openssl.decode_asn1Rt'cryptography.hazmat.backends.openssl.dhRRRRt(cryptography.hazmat.backends.openssl.dsaRRRt'cryptography.hazmat.backends.openssl.ecR R!t0cryptography.hazmat.backends.openssl.encode_asn1R"R#R$R%R&R'R(t+cryptography.hazmat.backends.openssl.hashesR)t)cryptography.hazmat.backends.openssl.hmacR*t(cryptography.hazmat.backends.openssl.rsaR+R,t+cryptography.hazmat.backends.openssl.x25519R-R.t)cryptography.hazmat.backends.openssl.x509R/R0R1R2t$cryptography.hazmat.bindings.opensslR3tcryptography.hazmat.primitivesR4R5t)cryptography.hazmat.primitives.asymmetricR6R7R8t1cryptography.hazmat.primitives.asymmetric.paddingR9R:R;R<t1cryptography.hazmat.primitives.ciphers.algorithmsR=R>R?R@RARBRCRDREt,cryptography.hazmat.primitives.ciphers.modesRFRGRHRIRJRKRLRMt"cryptography.hazmat.primitives.kdfRNt namedtupleROtregister_interfacetregister_interface_ifRTRXtCryptography_HAS_SCRYPTtobjectRRRRRe(((sR/tmp/pip-build-wDUJoH/cryptography/cryptography/hazmat/backends/openssl/backend.pytsp      X"4""@:            :T