U

�\�e�C�@sD
dd
lm
Z
mZmZ
ddlZddlmZ
ddlmZm	Z	m
Z

ddlmZm
Z
mZ
ddlmZ
ddlmZmZmZ
ddlmZmZmZmZmZmZ
dd	lmZmZ
d
d�Zdd
�Z dd�Z!dd�Z"dd�Z#dd�Z$dd�Z%e�&e�
Gdd�de'��
Z(e�&e�
Gdd�de'��
Z)e�&e�
Gdd�de'��
Z*e�&e�
Gdd�de'��
Z+dS) �)�absolute_import�division�print_functionN)
�utils)�InvalidSignature�UnsupportedAlgorithm�_Reasons)�_calculate_digest_and_algorithm�_check_not_prehashed�_warn_sign_verify_deprecated)
�hashes)�AsymmetricSignatureContext�AsymmetricVerificationContext�rsa)�AsymmetricPadding�MGF1�OAEP�PKCS1v15�PSS�calculate_max_pss_salt_length)�RSAPrivateKeyWithSerialization�RSAPublicKeyWithSerializationcCs,|j}|t
jks|tjkr$t|
|�S|SdS�
N)Z_salt_lengthrZ
MAX_LENGTHrr)Zpss�keyZhash_algorithmZsalt�r�J/usr/lib/python3/dist-packages/cryptography/hazmat/backends/openssl/rsa.py�_get_rsa_pss_salt_lengths


rcCs�t|t
�std
�
�
t|t�r&|jj}nVt|t�rh|jj}t|jt	�sPt
dtj��
|�
|�
s|t
dtj��
nt
d�|j�
tj��
t||
|||�S)Nz1Padding must be an instance of AsymmetricPadding.�'Only MGF1 is supported by this backend.zPThis combination of padding and hash algorithm is not supported by this backend.�${} is not supported by this backend.)�
isinstancer�	TypeErrorr�_lib�RSA_PKCS1_PADDINGrZRSA_PKCS1_OAEP_PADDING�_mgfrrr�UNSUPPORTED_MGFZrsa_padding_supported�UNSUPPORTED_PADDING�format�name�_enc_dec_rsa_pkey_ctx)�backendr�data�padding�padding_enumrrr�_enc_dec_rsa&s.











�


�

��r-cCs
t|
t
�r|jj}|jj}n|jj}|jj}|j�|
j|j	j
�}|�||j	j
k�

|j	�||jj
�}||�
}|�|d
k�

|j�||�}|�|dk�

|j�|
j�
}	|�|	dk�

t|t��
r|jj�
r|�|jj�
}
|j�||
�}|�|dk�

|�|j�
}|j�||�}|�|dk�

t|t��
r�|jdk	�
r�t|j�
dk�
r�|j�t|j�
�
}|�||j	j
k�

|j	�||jt|j�
�
|j�||t|j�
�}|�|d
k�

|j	�d|	�}
|j	�d|	�}||||
|t|�
�}|j	�|�
d|
d�}|j��
|dk
�rtd�
�
|S)N�
r
�size_t *�unsigned char[]zEncryption/decryption failed.) r�
_RSAPublicKeyr!ZEVP_PKEY_encrypt_initZEVP_PKEY_encryptZEVP_PKEY_decrypt_initZEVP_PKEY_decrypt�EVP_PKEY_CTX_new�	_evp_pkey�_ffi�NULL�openssl_assert�gc�EVP_PKEY_CTX_free�EVP_PKEY_CTX_set_rsa_padding�
EVP_PKEY_sizerZCryptography_HAS_RSA_OAEP_MD�_evp_md_non_null_from_algorithmr#�
_algorithm�EVP_PKEY_CTX_set_rsa_mgf1_mdZEVP_PKEY_CTX_set_rsa_oaep_mdZ_label�lenZOPENSSL_mallocZmemmoveZ EVP_PKEY_CTX_set0_rsa_oaep_label�new�bufferZERR_clear_error�
ValueError)r)rr*r,r+ZinitZcrypt�pkey_ctx�resZbuf_size�mgf1_mdZoaep_mdZlabelptrZoutlen�bufZresbufrrrr(Gsn






�




�

��
�



���



�







r(cCs�t|t
�std
�
�
|j�|
j�
}|�|dk�

t|t�rB|jj}nZt|t	�r�t|j
t�sdtdt
j��
||jddkr~td�
�
|jj}ntd�|j�
t
j��
|S)Nz'Expected provider of AsymmetricPadding.r
r�zDDigest too large for key size. Use a larger key or different digest.r)rrr r!r:r3r6rr"rr#rrrr$Zdigest_sizerAZRSA_PKCS1_PSS_PADDINGr&r'r%)r)rr+�	algorithmZ	pkey_sizer,rrr�_rsa_sig_determine_padding�s(












�




�rHcCs
t|||
|�}|�
|�
}|j�|j|jj�}|�||jjk�

|j�||jj	�}||�
}	|�|	d
k�

|j�
||�}	|	dkr�|��
td�
|j�
tj��
|j�||�}	|�|	dk�

t|
t��
r|j�|t|
||��}	|�|	dk�

|�
|
jj�
}
|j�||
�}	|�|	dk�

|S)Nr.r
z4{} is not supported by this backend for RSA signing.)rHr;r!r2r3r4r5r6r7r8ZEVP_PKEY_CTX_set_signature_md�_consume_errorsrr&r'rZUNSUPPORTED_HASHr9rrZ EVP_PKEY_CTX_set_rsa_pss_saltlenrr#r<r=)r)r+rGrr*Z	init_funcr,Zevp_mdrBrCrDrrr�_rsa_sig_setup�s<













��




�
�
rJcCs�t||
||||j
j�}|j�d
�
}|j
�||jj||t|�
�}|�|dk�

|j�d|d�}|j
�||||t|�
�}|dkr�|�	�}	|�|	dj
|j
jk�

|	dj|j
j
kr�d}
n|�|	dj|j
jk�

d}
t|
�
�
|j�|�
dd�S)Nr/r.r0r
z@Salt length too long for key size. Try using MAX_LENGTH instead.z0Digest too large for key size. Use a larger key.)rJr!ZEVP_PKEY_sign_initr4r?Z
EVP_PKEY_signr5r>r6rI�libZERR_LIB_RSA�reasonZ!RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZEZ RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEYrAr@)r)r+rG�private_keyr*rBZbuflenrCrE�errorsrLrrr�
_rsa_sig_sign�sR


�





�


�


��

��
rOcCsXt||
||||j
j�}|j
�||t|�
|t|�
�}|�|d
k�

|d
krT|��
t�
dS)Nr
)rJr!ZEVP_PKEY_verify_initZEVP_PKEY_verifyr>r6rIr)r)r+rG�
public_key�	signaturer*rBrCrrr�_rsa_sig_verify�s&


�
�


rRc@s$eZ
dZd
d�Zdd�Zdd�ZdS)�_RSASignatureContextcCs<|
|_||_
t|
|||�
||_||_t�|j|j�|_dSr)�_backend�_private_keyrH�_paddingr<r�Hash�	_hash_ctx)�selfr)rMr+rGrrr�__init__
s




z_RSASignatureContext.__init__cCs|j�
|
�

dSr�rX�update�rYr*rrrr\
s
z_RSASignatureContext.updatec

Cst|j
|j|j|j|j���Sr)rOrTrVr<rUrX�finalize�
rYrrrr^
s





�z_RSASignatureContext.finalizeN)�__name__�
__module__�__qualname__rZr\r^rrrrrS�srSc@s$eZ
dZd
d�Zdd�Zdd�ZdS)�_RSAVerificationContextcCsF|
|_||_
||_||_t|
|||�
|}||_t�|j|j�|_dSr)	rT�_public_key�
_signaturerVrHr<rrWrX)rYr)rPrQr+rGrrrrZ
s





z _RSAVerificationContext.__init__cCs|j�
|
�

dSrr[r]rrrr\)
s
z_RSAVerificationContext.updatec

Cs"t|j
|j|j|j|j|j���Sr)rRrTrVr<rdrerXr^r_rrr�verify,
s






�z_RSAVerificationContext.verifyN)r`rarbrZr\rfrrrrrc
srcc@sNeZ
dZd
d�Ze�d�
Zdd�Zdd�Zdd	�Z	d
d�Z
dd
�Zdd�ZdS)�_RSAPrivateKeycCst|
|_||_
||_|jj�d
�
}|jj�|j
||jjj|jjj�
|j�|d|jjjk�

|jj�	|d�
|_
dS�N�	BIGNUM **r
�rT�
_rsa_cdatar3r4r?r!�RSA_get0_keyr5r6ZBN_num_bits�	_key_size�rYr)Z	rsa_cdata�evp_pkey�
nrrrrZ9
s





�
z_RSAPrivateKey.__init__rmcCst�
t
|�

t|j||
|�Sr)rr
rSrT)rYr+rGrrr�signerH
s


z_RSAPrivateKey.signercCs8tt
�|jd
�
�
}|t|
�
kr(td�
�
t|j||
|�S)Ng @z,Ciphertext length must be equal to key size.)�int�mathZceil�key_sizer>rAr-rT)rYZ
ciphertextr+Zkey_size_bytesrrr�decryptM
s


z_RSAPrivateKey.decryptc
Cs||jj
�|j�
}
|j�|
|jjjk�

|jj�|
|jj
j�}
|jj
�	|
|jjj�}|j�|d
k�

|j�
|
�
}t|j|
|�S)Nr.)rTr!ZRSAPublicKey_duprkr6r4r5r7ZRSA_freeZRSA_blinding_onZ_rsa_cdata_to_evp_pkeyr1)rYZctxrCrorrrrPT
s






z_RSAPrivateKey.public_keyc
	
Cs|jj
�d
�
}
|jj
�d
�
}|jj
�d
�
}|jj
�d
�
}|jj
�d
�
}|jj
�d
�
}|jj
�d
�
}|jj
�d
�
}|jj�|j|
||�
|j�|
d|jj
jk�

|j�|d|jj
jk�

|j�|d|jj
jk�

|jj�|j||�
|j�|d|jj
jk�

|j�|d|jj
jk�

|jj�	|j|||�
|j�|d|jj
jk�

|j�|d|jj
jk�

|j�|d|jj
jk�

t
j|j�|d�
|j�|d�
|j�|d�
|j�|d�
|j�|d�
|j�|d�
t
j
|j�|d�
|j�|
d�
d�d�S)Nrir
��
erp)�
p�
q�
d�dmp1�dmq1�iqmp�public_numbers)rTr4r?r!rlrkr6r5ZRSA_get0_factorsZRSA_get0_crt_paramsrZRSAPrivateNumbers�
_bn_to_int�RSAPublicNumbers)	rYrprwrzrxryr{r|r}rrr�private_numbers]
sH
















�











��z_RSAPrivateKey.private_numberscCs|j�
|
|||j|j�Sr)rTZ_private_key_bytesr3rk)rY�encodingr&Zencryption_algorithmrrr�
private_bytes�
s





�z_RSAPrivateKey.private_bytescCs$t|j
|
|�\}
}t|j
||||
�Sr)r	rTrO)rYr*r+rGrrr�sign�
s

�z_RSAPrivateKey.signN)
r`rarbrZr�read_only_propertyrtrqrurPr�r�r�rrrrrg7
s
	#	rgc@sFeZ
dZd
d�Ze�d�
Zdd�Zdd�Zdd	�Z	d
d�Z
dd
�ZdS)r1cCst|
|_||_
||_|jj�d
�
}|jj�|j
||jjj|jjj�
|j�|d|jjjk�

|jj�	|d�
|_
dSrhrjrnrrrrZ�
s





�
z_RSAPublicKey.__init__rmcCs,t�
t
�d
|
�
t|�

t|j||
||�S)NrQ)rr�_check_bytesr
rcrT)rYrQr+rGrrr�verifier�
s



�z_RSAPublicKey.verifiercCst|j
||
|�Sr)r-rT)rYZ	plaintextr+rrr�encrypt�
s
z_RSAPublicKey.encryptc
Cs�|jj
�d
�
}
|jj
�d
�
}|jj�|j|
||jj
j�
|j�|
d|jj
jk�

|j�|d|jj
jk�

tj	|j�
|d�
|j�
|
d�
d�S)Nrir
rv)rTr4r?r!rlrkr5r6rr�r)rYrprwrrrr~�
s



�



�z_RSAPublicKey.public_numberscCs|j�
|
|||j|j�Sr)rTZ_public_key_bytesr3rk)rYr�r&rrr�public_bytes�
s





�z_RSAPublicKey.public_bytescCs&t|j
||�\}}t|j
||||
|�Sr)r	rTrR)rYrQr*r+rGrrrrf�
s

�
�z_RSAPublicKey.verifyN)r`rarbrZrr�rtr�r�r~r�rfrrrrr1�
s
	
	r1),Z
__future__rrrrsZcryptographyrZcryptography.exceptionsrrrZ*cryptography.hazmat.backends.openssl.utilsr	r
rZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricr
rrZ1cryptography.hazmat.primitives.asymmetric.paddingrrrrrrZ-cryptography.hazmat.primitives.asymmetric.rsarrrr-r(rHrJrOrRZregister_interface�objectrSrcrgr1rrrr�<module>s.

 	!@ !%


X