CasperSecurity

Current Path : /lib/python3/dist-packages/jwt/__pycache__/
Current File : //lib/python3/dist-packages/jwt/__pycache__/algorithms.cpython-310.pyc
o

�l�iV�@s�ddlZddlZddlZddlmZddlmZmZmZm	Z	m
Z
mZmZm
Z
mZzZddlZddlmZddlmZddlmZmZddlmZmZdd	lmZmZdd
lmZmZddl m!Z!m"Z"m#Z#m$Z$m%Z%m&Z&m'Z'm(Z(ddl)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0d
Z1Wne2y�dZ1Ynwhd�Z3dd�Z4Gdd�d�Z5Gdd�de5�Z6Gdd�de5�Z7e1r�Gdd�de5�Z8Gdd�de5�Z9Gdd�de8�Z:Gdd�de5�Z;dSdS) �N���InvalidKeyError)	�base64url_decode�base64url_encode�der_to_raw_signature�force_bytes�from_base64url_uint�
is_pem_format�
is_ssh_key�raw_to_der_signature�to_base64url_uint)�InvalidSignature)�hashes)�ec�padding)�EllipticCurvePrivateKey�EllipticCurvePublicKey)�Ed448PrivateKey�Ed448PublicKey)�Ed25519PrivateKey�Ed25519PublicKey)�
RSAPrivateKey�RSAPrivateNumbers�RSAPublicKey�RSAPublicNumbers�rsa_crt_dmp1�rsa_crt_dmq1�rsa_crt_iqmp�rsa_recover_prime_factors)�Encoding�NoEncryption�
PrivateFormat�PublicFormat�load_pem_private_key�load_pem_public_key�load_ssh_public_keyTF>�ES256�ES384�ES512�ES521�EdDSA�PS256�PS384�PS512�RS256�RS384�RS512�ES256KcCs�t�ttj�ttj�ttj�d�}trG|�ttj�ttj�ttj�ttj�ttj�ttj�ttj�ttj�t	t	j�t	t	j�t	t	j�t
�d��|S)zE
    Returns the algorithms that are implemented by the library.
    )�none�HS256�HS384�HS512)r/r0r1r'r2r(r*r)r,r-r.r+)�
NoneAlgorithm�
HMACAlgorithm�SHA256�SHA384�SHA512�
has_crypto�update�RSAAlgorithm�ECAlgorithm�RSAPSSAlgorithm�OKPAlgorithm)�default_algorithms�rC�0/usr/lib/python3/dist-packages/jwt/algorithms.py�get_default_algorithmsKs0����rEc@s@eZdZdZdd�Zdd�Zdd�Zedd	��Zed
d��Z	dS)
�	AlgorithmzH
    The interface for an algorithm used to sign and verify tokens.
    cC�t�)z�
        Performs necessary validation and conversions on the key and returns
        the key value in the proper format for sign() and verify().
        ��NotImplementedError��self�keyrCrCrD�prepare_keyr�zAlgorithm.prepare_keycCrG)zn
        Returns a digital signature for the specified message
        using the specified key value.
        rH�rK�msgrLrCrCrD�signyrNzAlgorithm.signcCrG)zz
        Verifies that the specified digital signature is valid
        for the specified message and key values.
        rH�rKrPrL�sigrCrCrD�verify�rNzAlgorithm.verifycCrG)z7
        Serializes a given RSA key into a JWK
        rH��key_objrCrCrD�to_jwk�rNzAlgorithm.to_jwkcCrG)zb
        Deserializes a given RSA key from JWK back into a PublicKey or PrivateKey object
        rH)�jwkrCrCrD�from_jwk�rNzAlgorithm.from_jwkN)
�__name__�
__module__�__qualname__�__doc__rMrQrT�staticmethodrWrYrCrCrCrDrFms
rFc@s(eZdZdZdd�Zdd�Zdd�ZdS)	r7zZ
    Placeholder for use when no signing or verification
    operations are required.
    cCs |dkrd}|durtd��|S)N�z*When alg = "none", key value must be None.rrJrCrCrDrM�s
zNoneAlgorithm.prepare_keycC�dS)N�rCrOrCrCrDrQ��zNoneAlgorithm.signcCr`)NFrCrRrCrCrDrT�rbzNoneAlgorithm.verifyN)rZr[r\r]rMrQrTrCrCrCrDr7�s
	r7c@sZeZdZdZejZejZej	Z
dd�Zdd�Ze
dd��Ze
dd	��Zd
d�Zdd
�ZdS)r8zf
    Performs signing and verification operations using HMAC
    and the specified hash function.
    cC�
||_dS�N��hash_alg�rKrfrCrCrD�__init__��
zHMACAlgorithm.__init__cCs$t|�}t|�st|�rtd��|S)NzdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)rr
rrrJrCrCrDrM�s�zHMACAlgorithm.prepare_keycCst�tt|����dd��S)N�oct)�k�kty)�json�dumpsrr�decoderUrCrCrDrW�s
��zHMACAlgorithm.to_jwkcCshzt|t�rt�|�}n
t|t�r|}nt�Wnty"td��w|�d�dkr.td��t|d�S)N�Key is not valid JSONrlrjzNot an HMAC keyrk)	�
isinstance�strrm�loads�dict�
ValueErrorr�getr)rX�objrCrCrDrY�s

��zHMACAlgorithm.from_jwkcCst�|||j���Srd)�hmac�newrf�digestrOrCrCrDrQ��zHMACAlgorithm.signcCst�||�||��Srd)rx�compare_digestrQrRrCrCrDrT�r{zHMACAlgorithm.verifyN)rZr[r\r]�hashlib�sha256r9�sha384r:�sha512r;rhrMr^rWrYrQrTrCrCrCrDr8�s

r8c@sZeZdZdZejZejZejZdd�Zdd�Z	e
dd��Ze
dd	��Zd
d�Z
dd
�ZdS)r>z~
        Performs signing and verification operations using
        RSASSA-PKCS-v1_5 and the specified hash function.
        cCrcrdrergrCrCrDrh�rizRSAAlgorithm.__init__cCsxt|ttf�r	|St|ttf�std��t|�}z|�d�r%t|�}W|St	|dd�}W|St
y;t|�}Y|Sw)N�Expecting a PEM-formatted key.sssh-rsa��password)rqrr�bytesrr�	TypeErrorr�
startswithr&r$rur%rJrCrCrDrM�s

��
�zRSAAlgorithm.prepare_keycCs�d}t|dd�rE|��}ddgt|jj���t|jj���t|j���t|j���t|j	���t|j
���t|j���t|j���d�
}n!t|dd�rb|��}ddgt|j���t|j���d�}nt
d��t�|�S)N�private_numbers�RSArQ)
rl�key_ops�n�e�d�p�q�dp�dq�qirT)rlr�r�r��Not a public or private key)�getattrr�r
�public_numbersr�ror�r�r�r��dmp1�dmq1�iqmprrmrn)rVrw�numbersrCrCrDrWs.�
�
zRSAAlgorithm.to_jwkc		s�zt|t�rt�|��n
t|t�r|�nt�Wnty"td��w��d�dkr.td��d�vr�d�vr�d�vr�d�vrBtd	��gd
�}�fdd�|D�}t|�}|r]t	|�s]td
��t
t�d�t�d��}|r�tt�d�t�d�t�d�t�d�t�d�t�d�|d�}|��St�d�}t
|j||j�\}}t|||t||�t||�t||�|d�}|��Sd�vr�d�vr�t
t�d�t�d��}|��Std��)Nrprlr�zNot an RSA keyr�r�r��othz5Unsupported RSA private key: > 2 primes not supported)r�r�r�r�r�csg|]}|�v�qSrCrC)�.0�prop�rwrCrD�
<listcomp>Asz)RSAAlgorithm.from_jwk.<locals>.<listcomp>z@RSA key must include all parameters if any are present besides dr�r�r�r�r�)r�r�r�r�r�r�r�r�)rqrrrmrsrtrurrv�any�allrr	rrr�r�rrr�private_key�
public_key)	rX�other_props�props_found�any_props_foundr�r�r�r�r�rCr�rDrY*sx

����

�





��
��


�zRSAAlgorithm.from_jwkcCs|�|t��|���Srd)rQr�PKCS1v15rfrOrCrCrDrQtszRSAAlgorithm.signcCs4z|�||t��|���WdStyYdSw)NTF)rTrr�rfrrRrCrCrDrTws�zRSAAlgorithm.verifyN)rZr[r\r]rr9r:r;rhrMr^rWrYrQrTrCrCrCrDr>�s
#
Ir>c@sNeZdZdZejZejZejZdd�Zdd�Z	dd�Z
dd	�Zed
d��Z
dS)
r?zr
        Performs signing and verification operations using
        ECDSA and the specified hash function
        cCrcrdrergrCrCrDrh�rizECAlgorithm.__init__cCsxt|ttf�r	|St|ttf�std��t|�}z|�d�r%t|�}W|St	|�}W|St
y;t|dd�}Y|Sw)Nr�secdsa-sha2-r�)rqrrr�rrr�rr�r&r%rur$rJrCrCrDrM�s


���zECAlgorithm.prepare_keycCs"|�|t�|����}t||j�Srd)rQr�ECDSArfr�curve)rKrPrL�der_sigrCrCrDrQ�szECAlgorithm.signcCslzt||j�}Wn
tyYdSwzt|t�r|��}|�||t�|�	���WdSt
y5YdSw)NFT)rr�rurqrr�rTrr�rfr)rKrPrLrSr�rCrCrDrT�s�
�zECAlgorithm.verifycCs&zt|t�rt�|�}n
t|t�r|}nt�Wnty"td��w|�d�dkr.td��d|vs6d|vr:td��t|�d��}t|�d��}|�d�}|dkrmt	|�t	|�kr_d	krintd
��t
��}nktd
��|dkr�t	|�t	|�krdkr�ntd
��t
��}nKtd
��|dkr�t	|�t	|�kr�dkr�ntd��t
�
�}n+td��|dkr�t	|�t	|�kr�d	kr�ntd��t
��}ntd��td|����t
jtj|dd�tj|dd�|d�}d|vr�|��St|�d��}t	|�t	|�k�rtdt	|�|��t
�tj|dd�|���S)Nrprl�ECzNot an Elliptic curve key�x�y�crvzP-256� z)Coords should be 32 bytes for curve P-256zP-384�0z)Coords should be 48 bytes for curve P-384zP-521�Bz)Coords should be 66 bytes for curve P-521�	secp256k1z-Coords should be 32 bytes for curve secp256k1�Invalid curve: �big)�	byteorder)r�r�r�r�z!D should be {} bytes for curve {})rqrrrmrsrtrurrvr�lenr�	SECP256R1�	SECP384R1�	SECP521R1�	SECP256K1�EllipticCurvePublicNumbers�int�
from_bytesr��EllipticCurvePrivateNumbersr�)rXrwr�r�r��	curve_objr�r�rCrCrDrY�sv

��

�
�
��
���
���zECAlgorithm.from_jwkN)rZr[r\r]rr9r:r;rhrMrQrTr^rYrCrCrCrDr?~sr?c@s eZdZdZdd�Zdd�ZdS)r@zA
        Performs a signature using RSASSA-PSS with MGF1
        cCs*|�|tjt�|���|jjd�|���S)N��mgf�salt_length)rQr�PSS�MGF1rf�digest_sizerOrCrCrDrQ�s��zRSAPSSAlgorithm.signc	CsHz|�||tjt�|���|jjd�|���WdSty#YdSw)Nr�TF)rTrr�r�rfr�rrRrCrCrDrTs��	�zRSAPSSAlgorithm.verifyN)rZr[r\r]rQrTrCrCrCrDr@�s
r@c@sHeZdZdZdd�Zdd�Zdd�Zdd	�Zed
d��Z	edd
��Z
dS)rAz�
        Performs signing and verification operations using EdDSA

        This class requires ``cryptography>=2.6`` to be installed.
        cKsdSrdrC)rK�kwargsrCrCrDrhrbzOKPAlgorithm.__init__cCs�t|ttf�r6t|t�r|�d�}|�d�}d|vrt|�}nd|vr*t|dd�}n|dd�dkr6t|�}t|tt	t
tf�sCtd��|S)	N�utf-8z-----BEGIN PUBLICz-----BEGIN PRIVATEr�r�zssh-zcExpecting a EllipticCurvePrivateKey/EllipticCurvePublicKey. Wrong key provided for EdDSA algorithms)
rqr�rr�encoderor%r$r&rrrrr)rKrL�str_keyrCrCrDrMs$




��zOKPAlgorithm.prepare_keycCs$t|�turt|d�n|}|�|�S)aR
            Sign a message ``msg`` using the EdDSA private key ``key``
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey}Ed448PrivateKey key: A :class:`.Ed25519PrivateKey`
                or :class:`.Ed448PrivateKey` iinstance
            :return bytes signature: The signature, as bytes
            r�)�typer�rQrOrCrCrDrQ6s
zOKPAlgorithm.signcCsvz.t|�turt|d�n|}t|�turt|d�n|}t|ttf�r&|��}|�||�WdStjj	y:YdSw)a�
            Verify a given ``msg`` against a signature ``sig`` using the EdDSA key ``key``

            :param str|bytes sig: EdDSA signature to check ``msg`` against
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey|Ed25519PublicKey|Ed448PrivateKey|Ed448PublicKey key:
                A private or public EdDSA key instance
            :return bool verified: True if signature is valid, False if not.
            r�TF)
r�r�rqrrr�rT�cryptography�
exceptionsrrRrCrCrDrTAs
�zOKPAlgorithm.verifycCs�t|ttf�r(|jtjtjd�}t|t�rdnd}t�t	t
|����d|d��St|tt
f�rd|jtjtjt�d�}|��jtjtjd�}t|t�rLdnd}t�t	t
|����t	t
|����d|d��Std��)	N)�encoding�format�Ed25519�Ed448�OKP)r�rlr�)r�r��encryption_algorithm)r�r�rlr�r�)rqrr�public_bytesr �Rawr#rmrnrrrorr�
private_bytesr"r!r�r)rLr�r�r�rCrCrDrWVs>�������	zOKPAlgorithm.to_jwkc
Cszt|t�rt�|�}n
t|t�r|}nt�Wnty"td��w|�d�dkr.td��|�d�}|dkrB|dkrBtd|����d	|vrJtd
��t|�d	��}z+d|vrf|dkr`t	�
|�WSt�
|�WSt|�d��}|dkrwt�
|�WSt�
|�WSty�}ztd�|�d}~ww)
Nrprlr�zNot an Octet Key Pairr�r�r�r�r�zOKP should have "x" parameterr�zInvalid key parameter)rqrrrmrsrtrurrvrr�from_public_bytesrr�from_private_bytesr)rXrwr�r�r��errrCrCrDrY~s>

��

��zOKPAlgorithm.from_jwkN)rZr[r\r]rhrMrQrTr^rWrYrCrCrCrDrAs
'rA)<r}rxrmr�r�utilsrrrrr	r
rrr
�cryptography.exceptionsr�r�cryptography.hazmat.primitivesr�)cryptography.hazmat.primitives.asymmetricrr�,cryptography.hazmat.primitives.asymmetric.ecrr�/cryptography.hazmat.primitives.asymmetric.ed448rr�1cryptography.hazmat.primitives.asymmetric.ed25519rr�-cryptography.hazmat.primitives.asymmetric.rsarrrrrrrr�,cryptography.hazmat.primitives.serializationr r!r"r#r$r%r&r<�ModuleNotFoundError�requires_cryptographyrErFr7r8r>r?r@rArCrCrCrD�<module>sB,($

�")9x���
CasperSecurity

Telegram @BIBIL_0DAY
