ó èb‹Xc@`s«ddlmZmZmZddlZddlmZddlmZm Z m Z ddl m Z ddl mZddlmZmZmZddlmZmZmZmZmZmZdd lmZmZd „Zd „Zd „Zd „Z d„Z!d„Z"d„Z#ej$eƒde%fd„ƒYƒZ&ej$eƒde%fd„ƒYƒZ'ej$eƒde%fd„ƒYƒZ(ej$eƒde%fd„ƒYƒZ)dS(i(tabsolute_importtdivisiontprint_functionN(tutils(tInvalidSignaturetUnsupportedAlgorithmt_Reasons(t_calculate_digest_and_algorithm(thashes(tAsymmetricSignatureContexttAsymmetricVerificationContexttrsa(tAsymmetricPaddingtMGF1tOAEPtPKCS1v15tPSStcalculate_max_pss_salt_length(tRSAPrivateKeyWithSerializationtRSAPublicKeyWithSerializationcC`s<|j}|tjks'|tjkr4t||ƒS|SdS(N(t _salt_lengthR t MAX_LENGTHRR(tpsstkeythash_algorithmtsalt((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_get_rsa_pss_salt_lengths  cC`st|tƒstdƒ‚nt|tƒr<|jj}n´t|tƒrÒ|jj}t|jt ƒs~t dt j ƒ‚n|j |ƒs¢t dt jƒ‚n|jdk rð|jdkrðtdƒ‚qðnt dj|jƒt jƒ‚t|||||ƒS(Ns1Padding must be an instance of AsymmetricPadding.s'Only MGF1 is supported by this backend.sPThis combination of padding and hash algorithm is not supported by this backend.ts*This backend does not support OAEP labels.s%{0} is not supported by this backend.(t isinstanceR t TypeErrorRt_libtRSA_PKCS1_PADDINGRtRSA_PKCS1_OAEP_PADDINGt_mgfR RRtUNSUPPORTED_MGFtrsa_padding_supportedtUNSUPPORTED_PADDINGt_labeltNonet ValueErrortformattnamet_enc_dec_rsa_pkey_ctx(tbackendRtdatatpaddingt padding_enum((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _enc_dec_rsa%s*   cC`sdt|tƒr*|jj}|jj}n|jj}|jj}|jj|j|j j ƒ}|j ||j j kƒ|j j ||jj ƒ}||ƒ}|j |dkƒ|jj||ƒ}|j |dkƒ|jj|jƒ} |j | dkƒt|tƒrè|jjrè|jj|jjjjdƒƒ} |j | |j j kƒ|jj|| ƒ}|j |dkƒ|jj|jjjdƒƒ} |j | |j j kƒ|jj|| ƒ}|j |dkƒn|j jd| ƒ} |j jd| ƒ} ||| | |t|ƒƒ}|dkrLt||ƒn|j j| ƒ| d S(Niitasciissize_t *sunsigned char[](Rt _RSAPublicKeyRtEVP_PKEY_encrypt_inittEVP_PKEY_encrypttEVP_PKEY_decrypt_inittEVP_PKEY_decrypttEVP_PKEY_CTX_newt _evp_pkeyt_ffitNULLtopenssl_asserttgctEVP_PKEY_CTX_freetEVP_PKEY_CTX_set_rsa_paddingt EVP_PKEY_sizeRtCryptography_HAS_RSA_OAEP_MDtEVP_get_digestbynameR!t _algorithmR)tencodetEVP_PKEY_CTX_set_rsa_mgf1_mdtEVP_PKEY_CTX_set_rsa_oaep_mdtnewtlent_handle_rsa_enc_dec_errortbuffer(R+RR,R.R-tinittcrypttpkey_ctxtrestbuf_sizetmgf1_mdtoaep_mdtoutlentbuf((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR*IsD           cC`sé|jƒ}|st‚|dj|jjks7t‚t|tƒrt|dj|jjkset‚t dƒ‚nq|jj |jj |jj |jj g}|jjrÀ|j|jjƒn|dj|ksÙt‚t dƒ‚dS(NisGData too long for key size. Encrypt less data or use a larger key size.sDecryption failed.(t_consume_errorstAssertionErrortlibRt ERR_LIB_RSARR1treasont!RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZER'tRSA_R_BLOCK_TYPE_IS_NOT_01tRSA_R_BLOCK_TYPE_IS_NOT_02tRSA_R_OAEP_DECODING_ERRORt RSA_R_DATA_TOO_LARGE_FOR_MODULUSt*Cryptography_HAS_RSA_R_PKCS_DECODING_ERRORtappendtRSA_R_PKCS_DECODING_ERROR(R+Rterrorstdecoding_errors((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRGus         cC`st|tƒstdƒ‚n|jj|jƒ}|j|dkƒt|tƒrd|jj}n³t|t ƒrùt|j t ƒsšt dt jƒ‚n||jddkrÀtdƒ‚n|j|j jƒsêt dt jƒ‚n|jj}nt dj|jƒt jƒ‚|S(Ns'Expected provider of AsymmetricPadding.is'Only MGF1 is supported by this backend.isDDigest too large for key size. Use a larger key or different digest.sGWhen OpenSSL is older than 1.0.1 then only SHA1 is supported with MGF1.s%{0} is not supported by this backend.(RR RRR>R7R:RRRR!R RRR"t digest_sizeR't_pss_mgf1_hash_supportedRAtUNSUPPORTED_HASHtRSA_PKCS1_PSS_PADDINGR(R)R$(R+RR-t algorithmt pkey_sizeR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_determine_padding‘s, cC`sú|jj|jjdƒƒ}|j||jjkƒ|jj|j|jjƒ}|j||jjkƒ|jj ||jj ƒ}|jj |ƒ}|j|dkƒ|jj ||ƒ}|j|dkƒ|jj ||ƒ}|j|dkƒt|tƒr¸|jj|t|||ƒƒ}|j|dkƒ|jjr¸|jj|jjjjdƒƒ} |j| |jjkƒ|jj|| ƒ}|j|dkƒq¸n|jjdƒ} |jj||jj| |t|ƒƒ}|j|dkƒ|jjd| dƒ} |jj|| | |t|ƒƒ}|dkré|jƒ} | dj|jjks{t‚d} | dj|jjkr£d} n%| dj|jj ksÂt‚d} | dk sÚt‚t!| ƒ‚n|jj"| ƒS(NR0iissize_t *sunsigned char[]s@Salt length too long for key size. Try using MAX_LENGTH instead.s0Digest too large for key size. Use a larger key.(#RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_sign_inittEVP_PKEY_CTX_set_signature_mdR=RRt EVP_PKEY_CTX_set_rsa_pss_saltlenRtCryptography_HAS_MGF1_MDR!RARCREt EVP_PKEY_signRFRRRTRURSR&RVRWt RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEYR'RH(R+R-R.Ret private_keyR,tevp_mdRKRLRNtbuflenRQR_RV((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _rsa_sig_sign¸sn                    c C`s&|jj|jjdƒƒ}|j||jjkƒ|jj|j|jjƒ}|j||jjkƒ|jj ||jj ƒ}|jj |ƒ} |j| dkƒ|jj ||ƒ} |j| dkƒ|jj ||ƒ} |j| dkƒt|tƒr¸|jj|t|||ƒƒ} |j| dkƒ|jjr¸|jj|jjjjdƒƒ} |j| |jjkƒ|jj|| ƒ} |j| dkƒq¸n|jj||t|ƒ|t|ƒƒ} |j| dkƒ| dkr"|jƒ} | st‚t‚ndS(NR0ii(RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_verify_initRiR=RRRjRRkR!RARCtEVP_PKEY_verifyRFRRRSR( R+R-R.Ret public_keyt signatureR,RoRKRLRNR_((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_verifysT                 t_RSASignatureContextcB`s#eZd„Zd„Zd„ZRS(cC`s[||_||_t||||ƒ|_||_||_tj|j|jƒ|_dS(N( t_backendt _private_keyRgt _padding_enumt_paddingRARtHasht _hash_ctx(tselfR+RnR-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt__init__>s    cC`s|jj|ƒdS(N(R}tupdate(R~R,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR€IscC`s1t|j|j|j|j|j|jjƒƒS(N(RqRxR{RzRARyR}tfinalize(R~((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRLs(t__name__t __module__RR€R(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRw<s t_RSAVerificationContextcB`s#eZd„Zd„Zd„ZRS(cC`sj||_||_||_||_t||||ƒ|_|}||_tj|j|jƒ|_ dS(N( Rxt _public_keyt _signatureR{RgRzRARR|R}(R~R+RtRuR-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRYs     cC`s|jj|ƒdS(N(R}R€(R~R,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR€gscC`s7t|j|j|j|j|j|j|jjƒƒS(N( RvRxR{RzRAR…R†R}R(R~((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifyjs(R‚RƒRR€R‡(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR„Ws  t_RSAPrivateKeycB`sVeZd„ZejdƒZd„Zd„Zd„Zd„Z d„Z d„Z RS(cC`s¤||_||_||_|jjjdƒ}|jjj|j||jjj|jjjƒ|jj|d|jjjkƒ|jjj |dƒ|_ dS(Ns BIGNUM **i( Rxt _rsa_cdataR7R8RERt RSA_get0_keyR9R:t BN_num_bitst _key_size(R~R+t rsa_cdatatevp_pkeytn((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRxs    #RŒcC`st|j|||ƒS(N(RwRx(R~R-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsigner‡scC`sSttj|jdƒƒ}|t|ƒkr=tdƒ‚nt|j|||ƒS(Ng @s,Ciphertext length must be equal to key size.(tinttmathtceiltkey_sizeRFR'R/Rx(R~t ciphertextR-tkey_size_bytes((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytdecryptŠscC`s´|jjj|jƒ}|jj||jjjkƒ|jjj||jjjƒ}|jjj ||jjjƒ}|jj|dkƒ|jj |ƒ}t |j||ƒS(Ni( RxRtRSAPublicKey_dupR‰R:R8R9R;tRSA_freetRSA_blinding_ont_rsa_cdata_to_evp_pkeyR1(R~tctxRLRŽ((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRt‘s!!c C`sà|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjj|j|||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jjj|j||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jjj |j|||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jj|d|jjjkƒt j d|jj |dƒd|jj |dƒd|jj |dƒd|jj |dƒd|jj |dƒd|jj |dƒd t j d |jj |dƒd |jj |dƒƒƒS( Ns BIGNUM **itptqtdtdmp1tdmq1tiqmptpublic_numbersteR(RxR8RERRŠR‰R:R9tRSA_get0_factorstRSA_get0_crt_paramsR tRSAPrivateNumberst _bn_to_inttRSAPublicNumbers( R~RR¤RŸRRžR R¡R¢((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytprivate_numbersšs<##### ###  cC`s"|jj||||j|jƒS(N(Rxt_private_key_bytesR7R‰(R~tencodingR(tencryption_algorithm((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt private_bytes½s  cC`sOt|j|||ƒ}t|j||ƒ\}}t|j|||||ƒS(N(RgRxRRq(R~R,R-ReR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsignÆs ( R‚RƒRRtread_only_propertyR”RR—RtRªR®R¯(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRˆvs    # R1cB`sMeZd„ZejdƒZd„Zd„Zd„Zd„Z d„Z RS(cC`s¤||_||_||_|jjjdƒ}|jjj|j||jjj|jjjƒ|jj|d|jjjkƒ|jjj |dƒ|_ dS(Ns BIGNUM **i( RxR‰R7R8RERRŠR9R:R‹RŒ(R~R+RRŽR((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRÕs    #RŒcC`s7t|tƒstdƒ‚nt|j||||ƒS(Nssignature must be bytes.(RtbytesRR„Rx(R~RuR-Re((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifieräscC`st|j|||ƒS(N(R/Rx(R~t plaintextR-((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytencryptìscC`sÎ|jjjdƒ}|jjjdƒ}|jjj|j|||jjjƒ|jj|d|jjjkƒ|jj|d|jjjkƒtj d|jj |dƒd|jj |dƒƒS(Ns BIGNUM **iR¤R( RxR8RERRŠR‰R9R:R R©R¨(R~RR¤((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR£ïs ## cC`s"|jj||||j|jƒS(N(Rxt_public_key_bytesR7R‰(R~R¬R(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt public_bytesüs  cC`sRt|j|||ƒ}t|j||ƒ\}}t|j||||||ƒS(N(RgRxRRv(R~RuR,R-ReR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR‡s( R‚RƒRRR°R”R²R´R£R¶R‡(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR1Ós    (*t __future__RRRR’t cryptographyRtcryptography.exceptionsRRRt*cryptography.hazmat.backends.openssl.utilsRtcryptography.hazmat.primitivesRt)cryptography.hazmat.primitives.asymmetricR R R t1cryptography.hazmat.primitives.asymmetric.paddingR R RRRRt-cryptography.hazmat.primitives.asymmetric.rsaRRRR/R*RGRgRqRvtregister_interfacetobjectRwR„RˆR1(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyts. . $ ,  ' I ;\