HEX

File: //lib64/python3.9/site-packages/cryptography/hazmat/backends/openssl/__pycache__/rsa.cpython-39.pyc
a

���h�S�@sZddlZddlmZddlmZmZmZddlmZm	Z	m
Z
ddlmZm
Z
ddlmZmZmZddlmZmZmZmZmZmZddlmZmZmZmZeejeefeje d	�d
d�Z!ejde"ee"d
�dd�Z#ejde"e ee"d�dd�Z$dd�Z%dd�Z&dd�Z'dd�Z(dd�Z)Gdd�de�Z*Gdd �d e�Z+Gd!d"�d"e�Z,Gd#d$�d$e�Z-dS)%�N)�utils)�InvalidSignature�UnsupportedAlgorithm�_Reasons)�_calculate_digest_and_algorithm�_check_not_prehashed�_warn_sign_verify_deprecated)�hashes�
serialization)�AsymmetricSignatureContext�AsymmetricVerificationContextr)�AsymmetricPadding�MGF1�OAEP�PKCS1v15�PSS�calculate_max_pss_salt_length)�
RSAPrivateKey�RSAPrivateNumbers�RSAPublicKey�RSAPublicNumbers)�pss�key�hash_algorithm�returncCs,|j}|tjus|tjur$t||�S|SdS�N)Z_salt_lengthrZ
MAX_LENGTHrr)rrrZsalt�r�N/usr/lib64/python3.9/site-packages/cryptography/hazmat/backends/openssl/rsa.py�_get_rsa_pss_salt_length)s
r)�_RSAPrivateKey�
_RSAPublicKey)r�data�paddingrcCs�t|t�std��t|t�r&|jj}nVt|t�rh|jj}t|jt	�sPt
dtj��|�
|�s|t
dtj��nt
d�|j�tj��t|||||�S)Nz1Padding must be an instance of AsymmetricPadding.�'Only MGF1 is supported by this backend.zPThis combination of padding and hash algorithm is not supported by this backend.�${} is not supported by this backend.)�
isinstancer
�	TypeErrorr�_lib�RSA_PKCS1_PADDINGrZRSA_PKCS1_OAEP_PADDING�_mgfrrr�UNSUPPORTED_MGFZrsa_padding_supported�UNSUPPORTED_PADDING�format�name�_enc_dec_rsa_pkey_ctx)�backendrr!r"�padding_enumrrr�_enc_dec_rsa6s*



�
�
�r1)rr!r0r"rcCs
t|t�r|jj}|jj}n|jj}|jj}|j�|j|j	j
�}|�||j	j
k�|j	�||jj
�}||�}|�|dk�|j�||�}|�|dk�|j�|j�}	|�|	dk�t|t��r|jj�r|�|jj�}
|j�||
�}|�|dk�|�|j�}|j�||�}|�|dk�t|t��r�|jdu�r�t|j�dk�r�|j�t|j��}|�||j	j
k�|j	�||jt|j��|j�||t|j��}|�|dk�|j	�d|	�}
|j	�d|	�}||||
|t|��}|j	�|�d|
d�}|j��|dk�rtd��|S)N�r�size_t *�unsigned char[]zEncryption/decryption failed.) r%r r'ZEVP_PKEY_encrypt_initZEVP_PKEY_encryptZEVP_PKEY_decrypt_initZEVP_PKEY_decrypt�EVP_PKEY_CTX_new�	_evp_pkey�_ffi�NULL�openssl_assert�gc�EVP_PKEY_CTX_free�EVP_PKEY_CTX_set_rsa_padding�
EVP_PKEY_sizerZCryptography_HAS_RSA_OAEP_MD�_evp_md_non_null_from_algorithmr)�
_algorithm�EVP_PKEY_CTX_set_rsa_mgf1_mdZEVP_PKEY_CTX_set_rsa_oaep_mdZ_label�lenZOPENSSL_mallocZmemmoveZ EVP_PKEY_CTX_set0_rsa_oaep_label�new�buffer�ERR_clear_error�
ValueError)r/rr!r0r"�initZcrypt�pkey_ctx�resZbuf_size�mgf1_mdZoaep_mdZlabelptrZoutlen�buf�resbufrrrr.ZsX

�����

r.cCs�t|t�std��|j�|j�}|�|dk�t|t�rB|jj}nnt|t	�r�t|j
t�sdtdt
j��t|tj�sxtd��||jddkr�td��|jj}ntd�|j�t
j��|S)Nz'Expected provider of AsymmetricPadding.rr#z*Expected instance of hashes.HashAlgorithm.�zDDigest too large for key size. Use a larger key or different digest.r$)r%r
r&r'r=r6r9rr(rr)rrrr*r	�
HashAlgorithmZdigest_sizerEZRSA_PKCS1_PSS_PADDINGr,r-r+)r/rr"�	algorithmZ	pkey_sizer0rrr�_rsa_sig_determine_padding�s0



��

�rOcCs<t||||�}|j�|j|jj�}|�||jjk�|j�||jj�}||�}|dkrh|�	�}t
d|��|dur�|�|�}	|j�||	�}|dkr�|�	�t
d�|j�tj��|j�||�}|dkr�|�	�t
d�|j�tj��t|t��r8|j�|t|||��}|�|dk�|�|jj�}
|j�||
�}|�|dk�|S)Nr2z#Unable to sign/verify with this keyrz4{} is not supported by this backend for RSA signing.z4{} is not supported for the RSA signature operation.)rOr'r5r6r7r8r9r:r;�_consume_errorsrEr>ZEVP_PKEY_CTX_set_signature_mdrr,r-rZUNSUPPORTED_HASHr<r+r%rZ EVP_PKEY_CTX_set_rsa_pss_saltlenrr)r?r@)r/r"rNrZ	init_funcr0rGrH�errorsZevp_mdrIrrr�_rsa_sig_setup�sN

������rRc
Cs�t|||||jj�}|j�d�}|j�||jj||t|��}|�|dk�|j�d|d�}|j�||||t|��}|dkr�|�	�}	t
d|	��|j�|�dd�S)Nr3r2r4rzuDigest or salt length too long for key size. Use a larger key or shorter salt length if you are specifying a PSS salt)rRr'ZEVP_PKEY_sign_initr7rBZ
EVP_PKEY_signr8rAr9�_consume_errors_with_textrErC)
r/r"rN�private_keyr!rG�buflenrHrJrQrrr�
_rsa_sig_sign�s*���rVcCsVt|||||jj�}|j�||t|�|t|��}|�|dk�|dkrR|��t�dS)Nr)rRr'ZEVP_PKEY_verify_initZEVP_PKEY_verifyrAr9rPr)r/r"rN�
public_key�	signaturer!rGrHrrr�_rsa_sig_verify
s��rYcCs�t|||||jj�}|j�|j�}|�|dk�|j�d|�}|j�d|�}|j�||||t	|��}	|j�
|�d|d�}
|j��|	dkr�t�|
S)Nrr4r3r2)
rRr'ZEVP_PKEY_verify_recover_initr=r6r9r7rBZEVP_PKEY_verify_recoverrArCrDr)r/r"rNrWrXrG�maxlenrJrUrHrKrrr�_rsa_sig_recover!s&�
�
r[c@s>eZdZeeejd�dd�Zedd�dd�Z	ed�d	d
�Z
dS)�_RSASignatureContext)rTr"rNcCs<||_||_t||||�||_||_t�|j|j�|_dSr)�_backend�_private_keyrO�_paddingr?r	�Hash�	_hash_ctx)�selfr/rTr"rNrrr�__init__@sz_RSASignatureContext.__init__N�r!rcCs|j�|�dSr�ra�update�rbr!rrrrfRsz_RSASignatureContext.update�rcCst|j|j|j|j|j���Sr)rVr]r_r?r^ra�finalize�rbrrrriUs�z_RSASignatureContext.finalize)�__name__�
__module__�__qualname__rr
r	rMrc�bytesrfrirrrrr\?s�r\c@s@eZdZeeeejd�dd�Zedd�dd�Z	dd�d	d
�Z
dS)�_RSAVerificationContext)rWrXr"rNcCsF||_||_||_||_t||||�|}||_t�|j|j�|_dSr)	r]�_public_key�
_signaturer_rOr?r	r`ra)rbr/rWrXr"rNrrrrc`sz _RSAVerificationContext.__init__NrdcCs|j�|�dSrrergrrrrfusz_RSAVerificationContext.updaterhcCs"t|j|j|j|j|j|j���Sr)rYr]r_r?rprqrarirjrrr�verifyxs�z_RSAVerificationContext.verify)rkrlrmrrnr
r	rMrcrfrrrrrrro_s�roc@s�eZdZdd�Ze�d�Zeej	e
d�dd�Zeeed�dd	�Z
ed
�dd�Zed
�d
d�Zejejejed�dd�Zeeejejej	fed�dd�ZdS)rcCs�|s*|j�|�}|dkr*|��}td|��|j�||jj�}|�|dk�||_||_	||_
|jj�d�}|jj�|j	||jjj|jjj�|j�|d|jjjk�|jj�
|d�|_dS)Nr2zInvalid private key�	BIGNUM **r)r'Z
RSA_check_keyrSrEZRSA_blinding_onr7r8r9r]�
_rsa_cdatar6rB�RSA_get0_key�BN_num_bits�	_key_size)rbr/�	rsa_cdata�evp_pkeyZ_skip_check_keyrHrQ�nrrrrc�s&
�z_RSAPrivateKey.__init__rw)r"rNrcCst�t|�t|j|||�Sr)rrr\r])rbr"rNrrr�signer�sz_RSAPrivateKey.signer)�
ciphertextr"rcCs2|jdd}|t|�kr"td��t|j|||�S)N��z,Ciphertext length must be equal to key size.)�key_sizerArEr1r])rbr|r"Zkey_size_bytesrrr�decrypt�sz_RSAPrivateKey.decryptrhcCsV|jj�|j�}|j�||jjjk�|jj�||jjj�}|j�	|�}t
|j||�Sr)r]r'ZRSAPublicKey_duprtr9r7r8r:ZRSA_freeZ_rsa_cdata_to_evp_pkeyr )rb�ctxryrrrrW�s
z_RSAPrivateKey.public_keyc	
Cs�|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�d�}|jj�|j|||�|j�|d|jjjk�|j�|d|jjjk�|j�|d|jjjk�|jj�|j||�|j�|d|jjjk�|j�|d|jjjk�|jj�	|j|||�|j�|d|jjjk�|j�|d|jjjk�|j�|d|jjjk�t
|j�|d�|j�|d�|j�|d�|j�|d�|j�|d�|j�|d�t|j�|d�|j�|d�d�d�S)Nrsr��erz)�p�q�d�dmp1�dmq1�iqmp�public_numbers)
r]r7rBr'rurtr9r8ZRSA_get0_factorsZRSA_get0_crt_paramsr�
_bn_to_intr)	rbrzr�r�r�r�r�r�r�rrr�private_numbers�sB
���z_RSAPrivateKey.private_numbers)�encodingr,�encryption_algorithmrcCs|j�|||||j|j�Sr)r]Z_private_key_bytesr6rt)rbr�r,r�rrr�
private_bytes�s�z_RSAPrivateKey.private_bytes)r!r"rNrcCs$t|j||�\}}t|j||||�Sr)rr]rV)rbr!r"rNrrr�sign�s�z_RSAPrivateKey.signN)rkrlrmrcr�read_only_propertyrr
r	rMrr{rnr�rrWrr�r
�EncodingZ
PrivateFormatZKeySerializationEncryptionr��typing�Union�
asym_utils�	Prehashedr�rrrrr�s$
�%��rc@s�eZdZdd�Ze�d�Zeee	j
ed�dd�Zeeed�dd	�Z
ed
�dd�Zejejed
�dd�Zeeeejeje	j
fdd�dd�Zeeeje	j
ed�dd�ZdS)r cCst||_||_||_|jj�d�}|jj�|j||jjj|jjj�|j�|d|jjjk�|jj�	|d�|_
dS)Nrsr)r]rtr6r7rBr'rur8r9rvrw)rbr/rxryrzrrrrc�s�z_RSAPublicKey.__init__rw)rXr"rNrcCs,t�t�d|�t|�t|j||||�S)NrX)rr�_check_bytesrror]�rbrXr"rNrrr�verifier
s�z_RSAPublicKey.verifier)�	plaintextr"rcCst|j|||�Sr)r1r])rbr�r"rrr�encryptsz_RSAPublicKey.encryptrhcCs�|jj�d�}|jj�d�}|jj�|j|||jjj�|j�|d|jjjk�|j�|d|jjjk�t|j�	|d�|j�	|d�d�S)Nrsrr�)
r]r7rBr'rurtr8r9rr�)rbrzr�rrrr�s��z_RSAPublicKey.public_numbers)r�r,rcCs|j�||||j|j�Sr)r]Z_public_key_bytesr6rt)rbr�r,rrr�public_bytes(s�z_RSAPublicKey.public_bytesN)rXr!r"rNrcCs&t|j||�\}}t|j|||||�Sr)rr]rY)rbrXr!r"rNrrrrr1s��z_RSAPublicKey.verifycCst|�t|j||||�Sr)rr[r]r�rrr�recover_data_from_signature?s�z)_RSAPublicKey.recover_data_from_signature)rkrlrmrcrr�rrnr
r	rMrr�r�rr�r
r�ZPublicFormatr�r�r�r�r�rr�Optionalr�rrrrr �s0
���
�r ).r�ZcryptographyrZcryptography.exceptionsrrrZ*cryptography.hazmat.backends.openssl.utilsrrrZcryptography.hazmat.primitivesr	r
Z)cryptography.hazmat.primitives.asymmetricrrr�Z1cryptography.hazmat.primitives.asymmetric.paddingr
rrrrrZ-cryptography.hazmat.primitives.asymmetric.rsarrrrr�rM�intrrnr1r.rOrRrVrYr[r\rorr rrrr�<module>s@ 	��&�A+- $u