U +Mb$@sddgZddlZddlmZmZmZmZddlmZddl m Z m Z ddl m Z mZmZddlmZdd lmZdd lmZmZdd dZd d ZdddZdS)encodedecodeN) a2b_base64 b2a_base64hexlify unhexlify)MD5)padunpad)DESDES3AES)PBKDF1)get_random_bytes)tobytestostrc s|dkr t}d|}|r|d}t||ddt}|t|||ddt7}t|tj|}|dtt|7}| t |j n|dk rt dfdd t d td D}|d |7}|d |7}|S)a4Encode a piece of binary data into PEM format. Args: data (byte string): The piece of binary data to encode. marker (string): The marker for the PEM block (e.g. "PUBLIC KEY"). Note that there is no official master list for all allowed markers. Still, you can refer to the OpenSSL_ source code. passphrase (byte string): If given, the PEM block will be encrypted. The key is derived from the passphrase. randfunc (callable): Random number generation function; it accepts an integer N and returns a byte string of random data, N bytes long. If not given, a new one is instantiated. Returns: The PEM block, as a string. .. _OpenSSL: https://github.com/openssl/openssl/blob/master/include/openssl/pem.h Nz-----BEGIN %s----- z2Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,%s zEmpty passwordcs$g|]}tt||dqS)0)rr).0idata4/tmp/pip-target-t616c12r/lib/python/Crypto/IO/PEM.py Zszencode..rrz-----END %s-----)rrrr newMODE_CBCrrupperencryptr block_size ValueErrorrangelenjoin) rmarker passphraseZrandfuncoutsaltkeyZobjencchunksrrrr/s(  cCsVdg}|dd}t|D](}t|d||}||qd|d|S)Nr)r$rrdigestappendr&)rr*Zkey_lendm_ndrrr_EVP_BytesToKeyas    r6cCs\td}||}|s td|d}td}||}|rP|d|krXtd|dd}|ddr|std |d d }t |d ks|d d krtd|dd\}}t t |}d} |dkrt ||d} t | t j|} n|dkr"t ||d} t| tj|} n|dkrRt ||ddd} t| tj|} n|dkrt ||ddd} t| tj|} nv|dkrt ||ddd} t| tj|} nF|dkrt ||ddd} tj| tj|d} d} n td||d d}nd} td|dd} d} | rR| rDt| | | j} n | | } d} | || fS) aDecode a PEM block into binary. Args: pem_data (string): The PEM block. passphrase (byte string): If given and the PEM block is encrypted, the key will be derived from the passphrase. Returns: A tuple with the binary data, the marker string, and a boolean to indicate if decryption was performed. Raises: ValueError: if decoding fails, if the PEM file is encrypted and no passphrase has been provided or if the passphrase is incorrect. z\s*-----BEGIN (.*)-----\s+zNot a valid PEM pre boundaryrz-----END (.*)-----\s*$zNot a valid PEM post boundary rzProc-Type:4,ENCRYPTEDz-PEM is encrypted, but no passphrase available:rzDEK-Infoz$PEM encryption format not supported.,TzDES-CBCrz DES-EDE3-CBCz AES-128-CBCNrz AES-192-CBCz AES-256-CBC z id-aes256-gcm)nonceFz(Unsupport PEM encryption algorithm (%s).r/)recompilematchr#groupsearchreplacesplit startswithr%rrr6r rrr r lowerZMODE_GCMrr&r decryptr")Zpem_datar(rr3r'linesZDEKalgor*paddingr+ZobjdecrZenc_flagrrrrjsb              )NN)N)__all__r>binasciirrrrZ Crypto.HashrZCrypto.Util.Paddingr r Z Crypto.Cipherr r r ZCrypto.Protocol.KDFrZ Crypto.RandomrZCrypto.Util.py3compatrrrr6rrrrr"s    2