Your IP : 18.226.187.232


Current Path : /opt/alt/python37/lib/python3.7/site-packages/jwt/__pycache__/
Upload File :
Current File : //opt/alt/python37/lib/python3.7/site-packages/jwt/__pycache__/algorithms.cpython-37.pyc

B

tJ�`�S�@s�ddlZddlZddlZddlmZddlmZmZmZm	Z	m
Z
mZmZy�ddl
Zddl
mZddlmZddlmZmZddlmZmZdd	lmZmZdd
lmZmZmZmZm Z m!Z!m"Z"m#Z#ddl$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+dZ,Wne-k
�rd
Z,YnXddddddddddddhZ.dd�Z/Gdd�d�Z0Gdd�de0�Z1Gd d!�d!e0�Z2e,�r�Gd"d#�d#e0�Z3Gd$d%�d%e0�Z4Gd&d'�d'e3�Z5Gd(d)�d)e0�Z6dS)*�N�)�InvalidKeyError)�base64url_decode�base64url_encode�der_to_raw_signature�force_bytes�from_base64url_uint�raw_to_der_signature�to_base64url_uint)�InvalidSignature)�hashes)�ec�padding)�EllipticCurvePrivateKey�EllipticCurvePublicKey)�Ed25519PrivateKey�Ed25519PublicKey)�
RSAPrivateKey�RSAPrivateNumbers�RSAPublicKey�RSAPublicNumbers�rsa_crt_dmp1�rsa_crt_dmq1�rsa_crt_iqmp�rsa_recover_prime_factors)�Encoding�NoEncryption�
PrivateFormat�PublicFormat�load_pem_private_key�load_pem_public_key�load_ssh_public_keyTF�RS256�RS384�RS512�ES256�ES256K�ES384�ES521�ES512�PS256�PS384�PS512�EdDSAcCs�t�ttj�ttj�ttj�d�}tr�|�ttj�ttj�ttj�ttj�ttj�ttj�ttj�ttj�t	t	j�t	t	j�t	t	j�t
�d��|S)zE
    Returns the algorithms that are implemented by the library.
    )ZnoneZHS256ZHS384ZHS512)r"r#r$r%r&r'r(r)r*r+r,r-)�
NoneAlgorithm�
HMACAlgorithm�SHA256�SHA384�SHA512�
has_crypto�update�RSAAlgorithm�ECAlgorithm�RSAPSSAlgorithm�Ed25519Algorithm)Zdefault_algorithms�r9�?/opt/alt/python37/lib/python3.7/site-packages/jwt/algorithms.py�get_default_algorithmsEs(r;c@s@eZdZdZdd�Zdd�Zdd�Zedd	��Zed
d��Z	dS)
�	AlgorithmzH
    The interface for an algorithm used to sign and verify tokens.
    cCst�dS)z�
        Performs necessary validation and conversions on the key and returns
        the key value in the proper format for sign() and verify().
        N)�NotImplementedError)�self�keyr9r9r:�prepare_keylszAlgorithm.prepare_keycCst�dS)zn
        Returns a digital signature for the specified message
        using the specified key value.
        N)r=)r>�msgr?r9r9r:�signsszAlgorithm.signcCst�dS)zz
        Verifies that the specified digital signature is valid
        for the specified message and key values.
        N)r=)r>rAr?�sigr9r9r:�verifyzszAlgorithm.verifycCst�dS)z7
        Serializes a given RSA key into a JWK
        N)r=)�key_objr9r9r:�to_jwk�szAlgorithm.to_jwkcCst�dS)zb
        Deserializes a given RSA key from JWK back into a PublicKey or PrivateKey object
        N)r=)�jwkr9r9r:�from_jwk�szAlgorithm.from_jwkN)
�__name__�
__module__�__qualname__�__doc__r@rBrD�staticmethodrFrHr9r9r9r:r<gsr<c@s(eZdZdZdd�Zdd�Zdd�ZdS)	r.zZ
    Placeholder for use when no signing or verification
    operations are required.
    cCs |dkrd}|dk	rtd��|S)N�z*When alg = "none", key value must be None.)r)r>r?r9r9r:r@�s
zNoneAlgorithm.prepare_keycCsdS)N�r9)r>rAr?r9r9r:rB�szNoneAlgorithm.signcCsdS)NFr9)r>rAr?rCr9r9r:rD�szNoneAlgorithm.verifyN)rIrJrKrLr@rBrDr9r9r9r:r.�s	r.c@sZeZdZdZejZejZej	Z
dd�Zdd�Ze
dd��Ze
dd	��Zd
d�Zdd
�ZdS)r/zf
    Performs signing and verification operations using HMAC
    and the specified hash function.
    cCs
||_dS)N)�hash_alg)r>rPr9r9r:�__init__�szHMACAlgorithm.__init__cs6t���ddddg}t�fdd�|D��r2td���S)Ns-----BEGIN PUBLIC KEY-----s-----BEGIN CERTIFICATE-----s-----BEGIN RSA PUBLIC KEY-----sssh-rsac3s|]}|�kVqdS)Nr9)�.0Zstring_value)r?r9r:�	<genexpr>�sz,HMACAlgorithm.prepare_key.<locals>.<genexpr>zdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)r�anyr)r>r?Zinvalid_stringsr9)r?r:r@�szHMACAlgorithm.prepare_keycCst�tt|����dd��S)N�oct)�k�kty)�json�dumpsrr�decode)rEr9r9r:rF�szHMACAlgorithm.to_jwkcCsny.t|t�rt�|�}nt|t�r(|}nt�Wntk
rJtd��YnX|�d�dkrbtd��t|d�S)NzKey is not valid JSONrWrUzNot an HMAC keyrV)	�
isinstance�strrX�loads�dict�
ValueErrorr�getr)rG�objr9r9r:rH�s

zHMACAlgorithm.from_jwkcCst�|||j���S)N)�hmac�newrP�digest)r>rAr?r9r9r:rB�szHMACAlgorithm.signcCst�||�||��S)N)rbZcompare_digestrB)r>rAr?rCr9r9r:rD�szHMACAlgorithm.verifyN)rIrJrKrL�hashlib�sha256r0�sha384r1�sha512r2rQr@rMrFrHrBrDr9r9r9r:r/�s	r/c@sZeZdZdZejZejZejZdd�Zdd�Z	e
dd��Ze
dd	��Zd
d�Z
dd
�ZdS)r5z~
        Performs signing and verification operations using
        RSASSA-PKCS-v1_5 and the specified hash function.
        cCs
||_dS)N)rP)r>rPr9r9r:rQ�szRSAAlgorithm.__init__cCs~t|t�st|t�r|St|ttf�rrt|�}y$|�d�rDt|�}nt|dd�}Wqzt	k
rnt
|�}YqzXntd��|S)Nsssh-rsa)�passwordzExpecting a PEM-formatted key.)r[rr�bytesr\r�
startswithr!rr_r �	TypeError)r>r?r9r9r:r@�s

zRSAAlgorithm.prepare_keycCs�d}t|dd�r�|��}ddgt|jj���t|jj���t|j���t|j���t|j	���t|j
���t|j���t|j���d�
}nBt|dd�r�|��}ddgt|j���t|j���d�}nt
d��t�|�S)N�private_numbers�RSArB)
rW�key_ops�n�e�d�p�q�dp�dq�qirD)rWrorprqzNot a public or private key)�getattrrmr
�public_numbersrprZrqrrrsrt�dmp1�dmq1�iqmprrXrY)rEra�numbersr9r9r:rFs*zRSAAlgorithm.to_jwkc		s�y.t|t�rt�|��nt|t�r(|�nt�Wntk
rJtd��YnX��d�dkrbtd��d�k�r�d�k�r�d�k�r�d�kr�td	��d
ddd
dg}�fdd�|D�}t|�}|r�t	|�s�td��t
t�d�t�d��}|�r4tt�d�t�d
�t�d�t�d�t�d
�t�d�|d�}nHt�d�}t
|j||j�\}}t|||t||�t||�t||�|d�}|��Sd�k�r�d�k�r�t
t�d�t�d��}|��Std��dS)NzKey is not valid JSONrWrnzNot an RSA keyrrrqrpZothz5Unsupported RSA private key: > 2 primes not supportedrsrtrurvrwcsg|]}|�k�qSr9r9)rRZprop)rar9r:�
<listcomp>Csz)RSAAlgorithm.from_jwk.<locals>.<listcomp>z@RSA key must include all parameters if any are present besides d)rrrsrtrzr{r|ryzNot a public or private key)r[r\rXr]r^r_rr`rT�allrrrrrprqrrr�private_key�
public_key)	rGZother_propsZprops_foundZany_props_foundryr}rrrsrtr9)rar:rH,sd










zRSAAlgorithm.from_jwkcCs|�|t��|���S)N)rBr�PKCS1v15rP)r>rAr?r9r9r:rBvszRSAAlgorithm.signcCs6y|�||t��|���dStk
r0dSXdS)NTF)rDrr�rPr)r>rAr?rCr9r9r:rDys
zRSAAlgorithm.verifyN)rIrJrKrLrr0r1r2rQr@rMrFrHrBrDr9r9r9r:r5�s$Jr5c@sNeZdZdZejZejZejZdd�Zdd�Z	dd�Z
dd	�Zed
d��Z
dS)
r6zr
        Performs signing and verification operations using
        ECDSA and the specified hash function
        cCs
||_dS)N)rP)r>rPr9r9r:rQ�szECAlgorithm.__init__cCs~t|t�st|t�r|St|ttf�rrt|�}y |�d�rDt|�}nt|�}Wqzt	k
rnt
|dd�}YqzXntd��|S)Nsecdsa-sha2-)rizExpecting a PEM-formatted key.)r[rrrjr\rrkr!r r_rrl)r>r?r9r9r:r@�s

zECAlgorithm.prepare_keycCs"|�|t�|����}t||j�S)N)rBr
�ECDSArPr�curve)r>rAr?�der_sigr9r9r:rB�szECAlgorithm.signcCsnyt||j�}Wntk
r$dSXy.t|t�r:|��}|�||t�|�	���dSt
k
rhdSXdS)NFT)r	r�r_r[rr�rDr
r�rPr)r>rAr?rCr�r9r9r:rD�s
zECAlgorithm.verifycCs0y.t|t�rt�|�}nt|t�r(|}nt�Wntk
rJtd��YnX|�d�dkrbtd��d|ksrd|krztd��t|�d��}t|�d��}|�d�}|dkr�t	|�t	|�kr�d	kr�nn
t
��}ntd
��n�|dk�rt	|�t	|�k�rdk�rnn
t
��}ntd
��n�|dk�r`t	|�t	|�k�rHdk�rVnn
t
�
�}ntd��nP|dk�r�t	|�t	|�k�r�d	k�r�nn
t
��}ntd��ntd|����t
jtj|dd�tj|dd�|d�}d|k�r�|��St|�d��}t	|�t	|�k�rtdt	|�|��t
�tj|dd�|���S)NzKey is not valid JSONrWZECzNot an Elliptic curve key�x�y�crvzP-256� z)Coords should be 32 bytes for curve P-256zP-384�0z)Coords should be 48 bytes for curve P-384zP-521�Bz)Coords should be 66 bytes for curve P-521Z	secp256k1z-Coords should be 32 bytes for curve secp256k1zInvalid curve: �big)�	byteorder)r�r�r�rrz!D should be {} bytes for curve {})r[r\rXr]r^r_rr`r�lenr
Z	SECP256R1Z	SECP384R1Z	SECP521R1Z	SECP256K1ZEllipticCurvePublicNumbers�int�
from_bytesr�ZEllipticCurvePrivateNumbersr�)rGrar�r�r�Z	curve_objryrrr9r9r:rH�sZ


 


$


$


$

zECAlgorithm.from_jwkN)rIrJrKrLrr0r1r2rQr@rBrDrMrHr9r9r9r:r6�sr6c@s eZdZdZdd�Zdd�ZdS)r7zA
        Performs a signature using RSASSA-PSS with MGF1
        cCs*|�|tjt�|���|jjd�|���S)N)�mgf�salt_length)rBr�PSS�MGF1rP�digest_size)r>rAr?r9r9r:rBs
zRSAPSSAlgorithm.signc	CsJy0|�||tjt�|���|jjd�|���dStk
rDdSXdS)N)r�r�TF)rDrr�r�rPr�r)r>rAr?rCr9r9r:rD
s

zRSAPSSAlgorithm.verifyN)rIrJrKrLrBrDr9r9r9r:r7�s
r7c@sHeZdZdZdd�Zdd�Zdd�Zdd	�Zed
d��Z	edd
��Z
dS)r8z�
        Performs signing and verification operations using Ed25519

        This class requires ``cryptography>=2.6`` to be installed.
        cKsdS)Nr9)r>�kwargsr9r9r:rQ szEd25519Algorithm.__init__cCs�t|ttf�r|St|ttf�rzt|t�r4|�d�}|�d�}d|krNt|�Sd|krbt|dd�S|dd�dkrzt	|�St
d��dS)	Nzutf-8z-----BEGIN PUBLICz-----BEGIN PRIVATE)rir�zssh-z)Expecting a PEM-formatted or OpenSSH key.)r[rrrjr\�encoderZr rr!rl)r>r?Zstr_keyr9r9r:r@#s


zEd25519Algorithm.prepare_keycCs$t|�tk	rt|d�n|}|�|�S)a
            Sign a message ``msg`` using the Ed25519 private key ``key``
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey key: A :class:`.Ed25519PrivateKey` instance
            :return bytes signature: The signature, as bytes
            zutf-8)�typerjrB)r>rAr?r9r9r:rB6szEd25519Algorithm.signcCstyVt|�tk	rt|d�n|}t|�tk	r2t|d�n|}t|t�rH|��}|�||�dStjjk
rndSXdS)a�
            Verify a given ``msg`` against a signature ``sig`` using the Ed25519 key ``key``

            :param str|bytes sig: Ed25519 signature to check ``msg`` against
            :param str|bytes msg: Message to sign
            :param Ed25519PrivateKey|Ed25519PublicKey key: A private or public Ed25519 key instance
            :return bool verified: True if signature is valid, False if not.
            zutf-8TFN)	r�rjr[rr�rD�cryptography�
exceptionsr)r>rAr?rCr9r9r:rD@s	
zEd25519Algorithm.verifycCs�t|t�r:|jtjtjd�}t�tt	|���
�ddd��St|t�r�|jtjt
jt�d�}|��jtjtjd�}t�tt	|���
�tt	|���
�ddd��Std��dS)N)�encoding�format�OKP�Ed25519)r�rWr�)r�r�Zencryption_algorithm)r�rrrWr�zNot a public or private key)r[rZpublic_bytesrZRawrrXrYrrrZrZ
private_bytesrrr�r)r?r�rrr9r9r:rFTs,






zEd25519Algorithm.to_jwkc
Cs�y.t|t�rt�|�}nt|t�r(|}nt�Wntk
rJtd��YnX|�d�dkrbtd��|�d�}|dkr�td|����d|kr�td	��t|�d��}y*d
|kr�t	�
|�St|�d
��}t�|�Stk
r�}ztd�|�Wdd}~XYnXdS)NzKey is not valid JSONrWr�zNot an Octet Key Pairr�r�zInvalid curve: r�zOKP should have "x" parameterrrzInvalid key parameter)
r[r\rXr]r^r_rr`rrZfrom_public_bytesrZfrom_private_bytes)rGrar�r�rr�errr9r9r:rH{s.




zEd25519Algorithm.from_jwkN)rIrJrKrLrQr@rBrDrMrFrHr9r9r9r:r8s
'r8)7rerbrXr�r�utilsrrrrrr	r
Zcryptography.exceptionsr�rZcryptography.hazmat.primitivesrZ)cryptography.hazmat.primitives.asymmetricr
rZ,cryptography.hazmat.primitives.asymmetric.ecrrZ1cryptography.hazmat.primitives.asymmetric.ed25519rrZ-cryptography.hazmat.primitives.asymmetric.rsarrrrrrrrZ,cryptography.hazmat.primitives.serializationrrrrrr r!r3�ModuleNotFoundErrorZrequires_cryptographyr;r<r.r/r5r6r7r8r9r9r9r:�<module>sL$
(
$

")@{

?>