Current File : //lib64/python3.9/site-packages/cryptography/hazmat/backends/openssl/__pycache__/rsa.cpython-39.pyc
a

ope�S�@sZddlZddlmZddlmZmZmZddlmZm	Z	m
Z
ddlmZm
Z
ddlmZmZmZddlmZmZmZmZmZmZddlmZmZmZmZeejeefeje d	�d
d�Z!ejde"ee"d
�dd�Z#ejde"e ee"d�dd�Z$dd�Z%dd�Z&dd�Z'dd�Z(dd�Z)Gdd�de�Z*Gdd �d e�Z+Gd!d"�d"e�Z,Gd#d$�d$e�Z-dS)%�N)�utils)�InvalidSignature�UnsupportedAlgorithm�_Reasons)�_calculate_digest_and_algorithm�_check_not_prehashed�_warn_sign_verify_deprecated)�hashes�
serialization)�AsymmetricSignatureContext�AsymmetricVerificationContextr)�AsymmetricPadding�MGF1�OAEP�PKCS1v15�PSS�calculate_max_pss_salt_length)�
RSAPrivateKey�RSAPrivateNumbers�RSAPublicKey�RSAPublicNumbers)�pss�key�hash_algorithm�returncCs,|j}|tjus|tjur$t||�S|SdS�N)Z_salt_lengthrZ
MAX_LENGTHrr)rrrZsalt�r�N/usr/lib64/python3.9/site-packages/cryptography/hazmat/backends/openssl/rsa.py�_get_rsa_pss_salt_length)s
r)�_RSAPrivateKey�
_RSAPublicKey)r�data�paddingrcCs�t|t�std��t|t�r&|jj}nVt|t�rh|jj}t|jt	�sPt
dtj��|�
|�s|t
dtj��nt
d�|j�tj��t|||||�S)Nz1Padding must be an instance of AsymmetricPadding.�'Only MGF1 is supported by this backend.zPThis combination of padding and hash algorithm is not supported by this backend.�${} is not supported by this backend.)�
isinstancer
�	TypeErrorr�_lib�RSA_PKCS1_PADDINGrZRSA_PKCS1_OAEP_PADDING�_mgfrrr�UNSUPPORTED_MGFZrsa_padding_supported�UNSUPPORTED_PADDING�format�name�_enc_dec_rsa_pkey_ctx)�backendrr!r"�padding_enumrrr�_enc_dec_rsa6s*



�
�
�r1)rr!r0r"rcCs
t|t�r|jj}|jj}n|jj}|jj}|j�|j|j	j
�}|�||j	j
k�|j	�||jj
�}||�}|�|dk�|j�||�}|�|dk�|j�|j�}	|�|	dk�t|t��r|jj�r|�|jj�}
|j�||
�}|�|dk�|�|j�}|j�||�}|�|dk�t|t��r�|jdu�r�t|j�dk�r�|j�t|j��}|�||j	j
k�|j	�||jt|j��|j�||t|j��}|�|dk�|j	�d|	�}
|j	�d|	�}||||
|t|��}|j	�|�d|
d�}|j��|dk�rtd��|S)N�r�size_t *�unsigned char[]zEncryption/decryption failed.) r%r r'ZEVP_PKEY_encrypt_initZEVP_PKEY_encryptZEVP_PKEY_decrypt_initZEVP_PKEY_decrypt�EVP_PKEY_CTX_new�	_evp_pkey�_ffi�NULL�openssl_assert�gc�EVP_PKEY_CTX_free�EVP_PKEY_CTX_set_rsa_padding�
EVP_PKEY_sizerZCryptography_HAS_RSA_OAEP_MD�_evp_md_non_null_from_algorithmr)�
_algorithm�EVP_PKEY_CTX_set_rsa_mgf1_mdZEVP_PKEY_CTX_set_rsa_oaep_mdZ_label�lenZOPENSSL_mallocZmemmoveZ EVP_PKEY_CTX_set0_rsa_oaep_label�new�buffer�ERR_clear_error�
ValueError)r/rr!r0r"�initZcrypt�pkey_ctx�resZbuf_size�mgf1_mdZoaep_mdZlabelptrZoutlen�buf�resbufrrrr.ZsX

�����

r.cCs�t|t�std��|j�|j�}|�|dk�t|t�rB|jj}nnt|t	�r�t|j
t�sdtdt
j��t|tj�sxtd��||jddkr�td��|jj}ntd�|j�t
j��|S)Nz'Expected provider of AsymmetricPadding.rr#z*Expected instance of hashes.HashAlgorithm.�zDDigest too large for key size. Use a larger key or different digest.r$)r%r
r&r'r=r6r9rr(rr)rrrr*r	�
HashAlgorithm�digest_sizerEZRSA_PKCS1_PSS_PADDINGr,r-r+)r/rr"�	algorithmZ	pkey_sizer0rrr�_rsa_sig_determine_padding�s0



��

�rPcCs<t||||�}|j�|j|jj�}|�||jjk�|j�||jj�}||�}|dkrh|�	�}t
d|��|dur�|�|�}	|j�||	�}|dkr�|�	�t
d�|j�tj��|j�||�}|dkr�|�	�t
d�|j�tj��t|t��r8|j�|t|||��}|�|dk�|�|jj�}
|j�||
�}|�|dk�|S)Nr2z#Unable to sign/verify with this keyrz4{} is not supported by this backend for RSA signing.z4{} is not supported for the RSA signature operation.)rPr'r5r6r7r8r9r:r;�_consume_errorsrEr>ZEVP_PKEY_CTX_set_signature_mdrr,r-rZUNSUPPORTED_HASHr<r+r%rZ EVP_PKEY_CTX_set_rsa_pss_saltlenrr)r?r@)r/r"rOrZ	init_funcr0rGrH�errorsZevp_mdrIrrr�_rsa_sig_setup�sN

������rSc
Cs�t|||||jj�}|j�d�}|j�||jj||t|��}|�|dk�|j�d|d�}|j�||||t|��}|dkr�|�	�}	t
d|	��|j�|�dd�S)Nr3r2r4rzuDigest or salt length too long for key size. Use a larger key or shorter salt length if you are specifying a PSS salt)rSr'ZEVP_PKEY_sign_initr7rBZ
EVP_PKEY_signr8rAr9�_consume_errors_with_textrErC)
r/r"rO�private_keyr!rG�buflenrHrJrRrrr�
_rsa_sig_sign�s*���rWcCsVt|||||jj�}|j�||t|�|t|��}|�|dk�|dkrR|��t�dS)Nr)rSr'ZEVP_PKEY_verify_initZEVP_PKEY_verifyrAr9rQr)r/r"rO�
public_key�	signaturer!rGrHrrr�_rsa_sig_verify
s��rZcCs�t|||||jj�}|j�|j�}|�|dk�|j�d|�}|j�d|�}|j�||||t	|��}	|j�
|�d|d�}
|j��|	dkr�t�|
S)Nrr4r3r2)
rSr'ZEVP_PKEY_verify_recover_initr=r6r9r7rBZEVP_PKEY_verify_recoverrArCrDr)r/r"rOrXrYrG�maxlenrJrVrHrKrrr�_rsa_sig_recover!s&�
�
r\c@s>eZdZeeejd�dd�Zedd�dd�Z	ed�d	d
�Z
dS)�_RSASignatureContext)rUr"rOcCs<||_||_t||||�||_||_t�|j|j�|_dSr)�_backend�_private_keyrP�_paddingr?r	�Hash�	_hash_ctx)�selfr/rUr"rOrrr�__init__@sz_RSASignatureContext.__init__N�r!rcCs|j�|�dSr�rb�update�rcr!rrrrgRsz_RSASignatureContext.update�rcCst|j|j|j|j|j���Sr)rWr^r`r?r_rb�finalize�rcrrrrjUs�z_RSASignatureContext.finalize)�__name__�
__module__�__qualname__rr
r	rMrd�bytesrgrjrrrrr]?s�r]c@s@eZdZeeeejd�dd�Zedd�dd�Z	dd�d	d
�Z
dS)�_RSAVerificationContext)rXrYr"rOcCsF||_||_||_||_t||||�|}||_t�|j|j�|_dSr)	r^�_public_key�
_signaturer`rPr?r	rarb)rcr/rXrYr"rOrrrrd`sz _RSAVerificationContext.__init__NrecCs|j�|�dSrrfrhrrrrgusz_RSAVerificationContext.updatericCs"t|j|j|j|j|j|j���Sr)rZr^r`r?rqrrrbrjrkrrr�verifyxs�z_RSAVerificationContext.verify)rlrmrnrror
r	rMrdrgrsrrrrrp_s�rpc@s�eZdZdd�Ze�d�Zeej	e
d�dd�Zeeed�dd	�Z
ed
�dd�Zed
�d
d�Zejejejed�dd�Zeeejejej	fed�dd�ZdS)rcCs�|s*|j�|�}|dkr*|��}td|��|j�||jj�}|�|dk�||_||_	||_
|jj�d�}|jj�|j	||jjj|jjj�|j�|d|jjjk�|jj�
|d�|_dS)Nr2zInvalid private key�	BIGNUM **r)r'Z
RSA_check_keyrTrEZRSA_blinding_onr7r8r9r^�
_rsa_cdatar6rB�RSA_get0_key�BN_num_bits�	_key_size)rcr/�	rsa_cdata�evp_pkeyZ_skip_check_keyrHrR�nrrrrd�s&
�z_RSAPrivateKey.__init__rx)r"rOrcCst�t|�t|j|||�Sr)rrr]r^)rcr"rOrrr�signer�sz_RSAPrivateKey.signer)�
ciphertextr"rcCs2|jdd}|t|�kr"td��t|j|||�S)N��z,Ciphertext length must be equal to key size.)�key_sizerArEr1r^)rcr}r"Zkey_size_bytesrrr�decrypt�sz_RSAPrivateKey.decryptricCsV|jj�|j�}|j�||jjjk�|jj�||jjj�}|j�	|�}t
|j||�Sr)r^r'ZRSAPublicKey_duprur9r7r8r:ZRSA_freeZ_rsa_cdata_to_evp_pkeyr )rc�ctxrzrrrrX�s
z_RSAPrivateKey.public_keyc	
Cs�|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�|j|||�|j�|d|jjjk�|j�|d|jjjk�|j�|d|jjjk�|jj�|j||�|j�|d|jjjk�|j�|d|jjjk�|jj�	|j|||�|j�|d|jjjk�|j�|d|jjjk�|j�|d|jjjk�t
|j�|d�|j�|d�|j�|d�|j�|d�|j�|d�|j�|d�t|j�|d�|j�|d�d�d�S)Nrtr��er{)�p�q�d�dmp1�dmq1�iqmp�public_numbers)
r^r7rBr'rvrur9r8ZRSA_get0_factorsZRSA_get0_crt_paramsr�
_bn_to_intr)	rcr{r�r�r�r�r�r�r�rrr�private_numbers�sB
���z_RSAPrivateKey.private_numbers)�encodingr,�encryption_algorithmrcCs|j�|||||j|j�Sr)r^Z_private_key_bytesr6ru)rcr�r,r�rrr�
private_bytes�s�z_RSAPrivateKey.private_bytes)r!r"rOrcCs$t|j||�\}}t|j||||�Sr)rr^rW)rcr!r"rOrrr�sign�s�z_RSAPrivateKey.signN)rlrmrnrdr�read_only_propertyr�r
r	rMrr|ror�rrXrr�r
�EncodingZ
PrivateFormatZKeySerializationEncryptionr��typing�Union�
asym_utils�	Prehashedr�rrrrr�s$
�%��rc@s�eZdZdd�Ze�d�Zeee	j
ed�dd�Zeeed�dd	�Z
ed
�dd�Zejejed
�dd�Zeeeejeje	j
fdd�dd�Zeeeje	j
ed�dd�ZdS)r cCst||_||_||_|jj�d�}|jj�|j||jjj|jjj�|j�|d|jjjk�|jj�	|d�|_
dS)Nrtr)r^rur6r7rBr'rvr8r9rwrx)rcr/ryrzr{rrrrd�s�z_RSAPublicKey.__init__rx)rYr"rOrcCs,t�t�d|�t|�t|j||||�S)NrY)rr�_check_bytesrrpr^�rcrYr"rOrrr�verifier
s�z_RSAPublicKey.verifier)�	plaintextr"rcCst|j|||�Sr)r1r^)rcr�r"rrr�encryptsz_RSAPublicKey.encryptricCs�|jj�d�}|jj�d�}|jj�|j|||jjj�|j�|d|jjjk�|j�|d|jjjk�t|j�	|d�|j�	|d�d�S)Nrtrr�)
r^r7rBr'rvrur8r9rr�)rcr{r�rrrr�s��z_RSAPublicKey.public_numbers)r�r,rcCs|j�||||j|j�Sr)r^Z_public_key_bytesr6ru)rcr�r,rrr�public_bytes(s�z_RSAPublicKey.public_bytesN)rYr!r"rOrcCs&t|j||�\}}t|j|||||�Sr)rr^rZ)rcrYr!r"rOrrrrs1s��z_RSAPublicKey.verifycCst|�t|j||||�Sr)rr\r^r�rrr�recover_data_from_signature?s�z)_RSAPublicKey.recover_data_from_signature)rlrmrnrdrr�r�ror
r	rMrr�r�rr�r
r�ZPublicFormatr�r�r�r�r�rs�Optionalr�rrrrr �s0
���
�r ).r�ZcryptographyrZcryptography.exceptionsrrrZ*cryptography.hazmat.backends.openssl.utilsrrrZcryptography.hazmat.primitivesr	r
Z)cryptography.hazmat.primitives.asymmetricrrr�Z1cryptography.hazmat.primitives.asymmetric.paddingr
rrrrrZ-cryptography.hazmat.primitives.asymmetric.rsarrrrr�rM�intrror1r.rPrSrWrZr\r]rprr rrrr�<module>s@ 	��&�A+- $u