ó èb‹Xc@`s«ddlmZmZmZddlZddlmZddlmZm Z m Z ddl m Z ddl mZddlmZmZmZddlmZmZmZmZmZmZdd lmZmZd „Zd „Zd „Zd „Z d„Z!d„Z"d„Z#ej$eƒde%fd„ƒYƒZ&ej$eƒde%fd„ƒYƒZ'ej$eƒde%fd„ƒYƒZ(ej$eƒde%fd„ƒYƒZ)dS(i(tabsolute_importtdivisiontprint_functionN(tutils(tInvalidSignaturetUnsupportedAlgorithmt_Reasons(t_calculate_digest_and_algorithm(thashes(tAsymmetricSignatureContexttAsymmetricVerificationContexttrsa(tAsymmetricPaddingtMGF1tOAEPtPKCS1v15tPSStcalculate_max_pss_salt_length(tRSAPrivateKeyWithSerializationtRSAPublicKeyWithSerializationcC`s<|j}|tjks'|tjkr4t||ƒS|SdS(N(t _salt_lengthR t MAX_LENGTHRR(tpsstkeythash_algorithmtsalt((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_get_rsa_pss_salt_lengths  cC`st|tƒstdƒ‚nt|tƒr<|jj}n´t|tƒrÒ|jj}t|jt ƒs~t dt j ƒ‚n|j |ƒs¢t dt jƒ‚n|jdk rð|jdkrðtdƒ‚qðnt dj|jƒt jƒ‚t|||||ƒS(Ns1Padding must be an instance of AsymmetricPadding.s'Only MGF1 is supported by this backend.sPThis combination of padding and hash algorithm is not supported by this backend.ts*This backend does not support OAEP labels.s%{0} is not supported by this backend.(t isinstanceR t TypeErrorRt_libtRSA_PKCS1_PADDINGRtRSA_PKCS1_OAEP_PADDINGt_mgfR RRtUNSUPPORTED_MGFtrsa_padding_supportedtUNSUPPORTED_PADDINGt_labeltNonet ValueErrortformattnamet_enc_dec_rsa_pkey_ctx(tbackendRtdatatpaddingt padding_enum((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _enc_dec_rsa%s*   cC`sdt|tƒr*|jj}|jj}n|jj}|jj}|jj|j|j j ƒ}|j ||j j kƒ|j j ||jj ƒ}||ƒ}|j |dkƒ|jj||ƒ}|j |dkƒ|jj|jƒ} |j | dkƒt|tƒrè|jjrè|jj|jjjjdƒƒ} |j | |j j kƒ|jj|| ƒ}|j |dkƒ|jj|jjjdƒƒ} |j | |j j kƒ|jj|| ƒ}|j |dkƒn|j jd| ƒ} |j jd| ƒ} ||| | |t|ƒƒ}|dkrLt||ƒn|j j| ƒ| d S(Niitasciissize_t *sunsigned char[](Rt _RSAPublicKeyRtEVP_PKEY_encrypt_inittEVP_PKEY_encrypttEVP_PKEY_decrypt_inittEVP_PKEY_decrypttEVP_PKEY_CTX_newt _evp_pkeyt_ffitNULLtopenssl_asserttgctEVP_PKEY_CTX_freetEVP_PKEY_CTX_set_rsa_paddingt EVP_PKEY_sizeRtCryptography_HAS_RSA_OAEP_MDtEVP_get_digestbynameR!t _algorithmR)tencodetEVP_PKEY_CTX_set_rsa_mgf1_mdtEVP_PKEY_CTX_set_rsa_oaep_mdtnewtlent_handle_rsa_enc_dec_errortbuffer(R+RR,R.R-tinittcrypttpkey_ctxtrestbuf_sizetmgf1_mdtoaep_mdtoutlentbuf((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR*IsD           cC`s†|jƒ}t|tƒr*tdƒ‚nX|jj|jj|jj|jjg}|jj rv|j |jj ƒntdƒ‚dS(NsGData too long for key size. Encrypt less data or use a larger key size.sDecryption failed.( t_consume_errorsRR1R'RtRSA_R_BLOCK_TYPE_IS_NOT_01tRSA_R_BLOCK_TYPE_IS_NOT_02tRSA_R_OAEP_DECODING_ERRORt RSA_R_DATA_TOO_LARGE_FOR_MODULUSt*Cryptography_HAS_RSA_R_PKCS_DECODING_ERRORtappendtRSA_R_PKCS_DECODING_ERROR(R+Rterrorstdecoding_errors((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRGus      cC`st|tƒstdƒ‚n|jj|jƒ}|j|dkƒt|tƒrd|jj}n³t|t ƒrùt|j t ƒsšt dt jƒ‚n||jddkrÀtdƒ‚n|j|j jƒsêt dt jƒ‚n|jj}nt dj|jƒt jƒ‚|S(Ns'Expected provider of AsymmetricPadding.is'Only MGF1 is supported by this backend.isDDigest too large for key size. Use a larger key or different digest.sGWhen OpenSSL is older than 1.0.1 then only SHA1 is supported with MGF1.s%{0} is not supported by this backend.(RR RRR>R7R:RRRR!R RRR"t digest_sizeR't_pss_mgf1_hash_supportedRAtUNSUPPORTED_HASHtRSA_PKCS1_PSS_PADDINGR(R)R$(R+RR-t algorithmt pkey_sizeR.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_determine_padding‘s, cC`sª|jj|jjdƒƒ}|j||jjkƒ|jj|j|jjƒ}|j||jjkƒ|jj ||jj ƒ}|jj |ƒ}|j|dkƒ|jj ||ƒ}|j|dkƒ|jj ||ƒ}|j|dkƒt|tƒr¸|jj|t|||ƒƒ}|j|dkƒ|jjr¸|jj|jjjjdƒƒ} |j| |jjkƒ|jj|| ƒ}|j|dkƒq¸n|jjdƒ} |jj||jj| |t|ƒƒ}|j|dkƒ|jjd| dƒ} |jj|| | |t|ƒƒ}|dkr™|jƒ} d} | dj|jjkr„d} nd} t| ƒ‚n|jj| ƒS(NR0iissize_t *sunsigned char[]s@Salt length too long for key size. Try using MAX_LENGTH instead.s0Digest too large for key size. Use a larger key.(RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_sign_inittEVP_PKEY_CTX_set_signature_mdR=RRt EVP_PKEY_CTX_set_rsa_pss_saltlenRtCryptography_HAS_MGF1_MDR!RARCREt EVP_PKEY_signRFRRR&treasont!RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZER'RH(R+R-R.R`t private_keyR,tevp_mdRKRLRNtbuflenRQRZRh((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt _rsa_sig_sign¸sf                   c C`s|jj|jjdƒƒ}|j||jjkƒ|jj|j|jjƒ}|j||jjkƒ|jj ||jj ƒ}|jj |ƒ} |j| dkƒ|jj ||ƒ} |j| dkƒ|jj ||ƒ} |j| dkƒt|tƒr¸|jj|t|||ƒƒ} |j| dkƒ|jjr¸|jj|jjjjdƒƒ} |j| |jjkƒ|jj|| ƒ} |j| dkƒq¸n|jj||t|ƒ|t|ƒƒ} |j| dkƒ| dkr|jƒ} t‚ndS(NR0ii(RR@R)RBR:R8R9R6R7R;R<tEVP_PKEY_verify_initRdR=RRReRRfR!RARCtEVP_PKEY_verifyRFRRR( R+R-R.R`t public_keyt signatureR,RkRKRLRNRZ((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt_rsa_sig_verifysR                t_RSASignatureContextcB`s#eZd„Zd„Zd„ZRS(cC`s[||_||_t||||ƒ|_||_||_tj|j|jƒ|_dS(N( t_backendt _private_keyRbt _padding_enumt_paddingRARtHasht _hash_ctx(tselfR+RjR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt__init__>s    cC`s|jj|ƒdS(N(Rytupdate(RzR,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR|IscC`s1t|j|j|j|j|j|jjƒƒS(N(RmRtRwRvRARuRytfinalize(Rz((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR}Ls(t__name__t __module__R{R|R}(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRs<s t_RSAVerificationContextcB`s#eZd„Zd„Zd„ZRS(cC`sj||_||_||_||_t||||ƒ|_|}||_tj|j|jƒ|_ dS(N( Rtt _public_keyt _signatureRwRbRvRARRxRy(RzR+RpRqR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR{Ys     cC`s|jj|ƒdS(N(RyR|(RzR,((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR|gscC`s7t|j|j|j|j|j|j|jjƒƒS(N( RrRtRwRvRARR‚RyR}(Rz((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifyjs(R~RR{R|Rƒ(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR€Ws  t_RSAPrivateKeycB`sVeZd„ZejdƒZd„Zd„Zd„Zd„Z d„Z d„Z RS(cC`s¤||_||_||_|jjjdƒ}|jjj|j||jjj|jjjƒ|jj|d|jjjkƒ|jjj |dƒ|_ dS(Ns BIGNUM **i( Rtt _rsa_cdataR7R8RERt RSA_get0_keyR9R:t BN_num_bitst _key_size(RzR+t rsa_cdatatevp_pkeytn((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR{xs    #RˆcC`st|j|||ƒS(N(RsRt(RzR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsigner‡scC`sSttj|jdƒƒ}|t|ƒkr=tdƒ‚nt|j|||ƒS(Ng @s,Ciphertext length must be equal to key size.(tinttmathtceiltkey_sizeRFR'R/Rt(Rzt ciphertextR-tkey_size_bytes((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytdecryptŠscC`s´|jjj|jƒ}|jj||jjjkƒ|jjj||jjjƒ}|jjj ||jjjƒ}|jj|dkƒ|jj |ƒ}t |j||ƒS(Ni( RtRtRSAPublicKey_dupR…R:R8R9R;tRSA_freetRSA_blinding_ont_rsa_cdata_to_evp_pkeyR1(RztctxRLRŠ((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRp‘s!!c C`sà|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjjdƒ}|jjj|j|||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jjj|j||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jjj |j|||ƒ|jj|d|jjjkƒ|jj|d|jjjkƒ|jj|d|jjjkƒt j d|jj |dƒd|jj |dƒd|jj |dƒd|jj |dƒd|jj |dƒd|jj |dƒd t j d |jj |dƒd |jj |dƒƒƒS( Ns BIGNUM **itptqtdtdmp1tdmq1tiqmptpublic_numbersteR‹(RtR8RERR†R…R:R9tRSA_get0_factorstRSA_get0_crt_paramsR tRSAPrivateNumberst _bn_to_inttRSAPublicNumbers( RzR‹R R›R™RšRœRRž((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytprivate_numbersšs<##### ###  cC`s"|jj||||j|jƒS(N(Rtt_private_key_bytesR7R…(RztencodingR(tencryption_algorithm((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt private_bytes½s  cC`sOt|j|||ƒ}t|j||ƒ\}}t|j|||||ƒS(N(RbRtRRm(RzR,R-R`R.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytsignÆs ( R~RR{Rtread_only_propertyRRŒR“RpR¦RªR«(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR„vs    # R1cB`sMeZd„ZejdƒZd„Zd„Zd„Zd„Z d„Z RS(cC`s¤||_||_||_|jjjdƒ}|jjj|j||jjj|jjjƒ|jj|d|jjjkƒ|jjj |dƒ|_ dS(Ns BIGNUM **i( RtR…R7R8RERR†R9R:R‡Rˆ(RzR+R‰RŠR‹((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR{Õs    #RˆcC`s7t|tƒstdƒ‚nt|j||||ƒS(Nssignature must be bytes.(RtbytesRR€Rt(RzRqR-R`((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytverifieräscC`st|j|||ƒS(N(R/Rt(Rzt plaintextR-((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pytencryptìscC`sÎ|jjjdƒ}|jjjdƒ}|jjj|j|||jjjƒ|jj|d|jjjkƒ|jj|d|jjjkƒtj d|jj |dƒd|jj |dƒƒS(Ns BIGNUM **iR R‹( RtR8RERR†R…R9R:R R¥R¤(RzR‹R ((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRŸïs ## cC`s"|jj||||j|jƒS(N(Rtt_public_key_bytesR7R…(RzR¨R(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyt public_bytesüs  cC`sRt|j|||ƒ}t|j||ƒ\}}t|j||||||ƒS(N(RbRtRRr(RzRqR,R-R`R.((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyRƒs( R~RR{RR¬RR®R°RŸR²Rƒ(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyR1Ós    (*t __future__RRRRŽt cryptographyRtcryptography.exceptionsRRRt*cryptography.hazmat.backends.openssl.utilsRtcryptography.hazmat.primitivesRt)cryptography.hazmat.primitives.asymmetricR R R t1cryptography.hazmat.primitives.asymmetric.paddingR R RRRRt-cryptography.hazmat.primitives.asymmetric.rsaRRRR/R*RGRbRmRrtregister_interfacetobjectRsR€R„R1(((sN/usr/lib64/python2.7/site-packages/cryptography/hazmat/backends/openssl/rsa.pyts. . $ ,  ' I ;\