BwgV3&ddlmZmZmZmZddlZddlZddlmZddl m Z m Z m Z mZmZmZmZmZmZddlmZddlmZddlmZmZdd lmZmZdd lmZdd l m!Z!eZ"e"d k(r/dd l#m Z m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7nge"dk(se"dk(r/dd l8m Z m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7n.dd l9m Z m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7gdZ:ddZ;ddZdZ?y))unicode_literalsdivisionabsolute_importprint_functionN)backend) armor Certificate DHParametersEncryptedPrivateKeyInfoNull OrderedDict Pbkdf2SaltPrivateKeyInfo PublicKeyInfo)_unwrap_private_key_info)pretty_message) type_namestr_cls)pbkdf2pbkdf2_iteration_calculator)aes_cbc_pkcs7_encrypt) rand_bytesmac)r dsa_sign dsa_verify ecdsa_sign ecdsa_verify generate_pairgenerate_dh_parametersload_certificate load_pkcs12load_private_keyload_public_key PrivateKey PublicKeyrsa_pkcs1v15_signrsa_pkcs1v15_verify rsa_pss_signrsa_pss_verifyrsa_pkcs1v15_encryptrsa_pkcs1v15_decryptrsa_oaep_encryptrsa_oaep_decryptwin winlegacy)r rrdump_certificatedump_dh_parametersdump_openssl_private_keydump_private_keydump_public_keyrrrr r!r"r#r$r%r&r.r-r,r+r'r(r)r*c|tddgvrttdt|t |t st tdt||j}|dk(r td|}|S)a Serializes an asn1crypto.algos.DHParameters object into a byte string :param dh_parameters: An asn1crypto.algos.DHParameters object :param encoding: A unicode string of "pem" or "der" :return: A byte string of the encoded DH parameters pemderF encoding must be one of "pem", "der", not %s zp dh_parameters must be an instance of asn1crypto.algos.DHParameters, not %s z DH PARAMETERS) set ValueErrorrrepr isinstancer TypeErrorrdumpr ) dh_parametersencodingoutputs J/var/www/horilla/myenv/lib/python3.12/site-packages/oscrypto/asymmetric.pyr2r2ssE5>**  N     m\ 2  m $       !F5/ Mc>|tddgvrttdt|t |t }t |t s |sttdt||r |j}|j}|dk(r td|}|S)a# Serializes a public key object into a byte string :param public_key: An oscrypto.asymmetric.PublicKey or asn1crypto.keys.PublicKeyInfo object :param encoding: A unicode string of "pem" or "der" :return: A byte string of the encoded public key r7r8r9z public_key must be an instance of oscrypto.asymmetric.PublicKey or asn1crypto.keys.PublicKeyInfo, not %s z PUBLIC KEY) r:r;rr<r=r&rr>rasn1r?r ) public_keyrA is_oscryptorBs rCr5r5ssE5>**  N    Z3K j- 0  j !    __ __ F5|V, MrDc>|tddgvrttdt|t |t }t |t s |sttdt||r |j}|j}|dk(r td|}|S)a& Serializes a certificate object into a byte string :param certificate: An oscrypto.asymmetric.Certificate or asn1crypto.x509.Certificate object :param encoding: A unicode string of "pem" or "der" :return: A byte string of the encoded certificate r7r8r9z certificate must be an instance of oscrypto.asymmetric.Certificate or asn1crypto.x509.Certificate, not %s CERTIFICATE) r:r;rr<r=r Asn1Certificater>rrFr?r ) certificaterArHrBs rCr1r1ssE5>**  N    [+6K k? 3K  k "    !&&    F5}f- MrDc |tddgvrttdt||Gt |t st tdt||dk(rttdt |t}t |ts |st tdt||r |j}|j}|d }d }d }t|} t|||d } | dkrd} |jd} t|| | | |} t!| |d\} }t#ddt%d| | |t'ddd|| ddd|dj}|dk(r|d}nd}t)||}|S)aM Serializes a private key object into a byte string of the PKCS#8 format :param private_key: An oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo object :param passphrase: A unicode string of the passphrase to encrypt the private key with. A passphrase of None will result in no encryption. A blank string will result in a ValueError to help ensure that the lack of passphrase is intentional. :param encoding: A unicode string of "pem" or "der" :param target_ms: Use PBKDF2 with the number of iterations that takes about this many milliseconds on the current machine. :raises: ValueError - when a blank string is provided for the passphrase :return: A byte string of the encoded and encrypted public key r7r8r9NM passphrase must be a unicode string, not %s x passphrase may not be a blank string - pass None to disable encryption z private_key must be an instance of oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo, not %s aes256_cbc sha256T) target_msquieti'utf-8pbes2r specified)namevalue) algorithm parameters)saltiteration_countprf)key_derivation_funcencryption_scheme)encryption_algorithmencrypted_dataz PRIVATE KEYzENCRYPTED PRIVATE KEY)r:r;rr<r=rr>rr%rrFr?rrencoderrr rr r ) private_key passphraserArTrHrBcipher key_lengthkdf_hmackdf_salt iterationspassphrase_byteskeyiv ciphertext object_types rCr4r4s8sE5>**  N    *g.N*%    ^ [*5K k> 2;  k "    !&&    F j)0:QZbfg  J%,,W5X/:zR.sFDAJ($&.$.%0&.%0:-5.2f$ ' ,&,&(*%.)1*  2 463 65  'K1K{F+ MrDc|Gt|tsttdt ||dk(rt tdt|t }t|ts |sttdt ||r |j}t|j}d}|td}t}d|d<d tj|jd z|d <d}|j!d }t#j$||d dzj'}|t)|kDr>|t#j$||z|d dzj'z }|t)|kDr>|d |}t+|||\}}|j,dk(rd} n#|j,dk(rd} n|j,dk(rd} t/ ||S)a  Serializes a private key object into a byte string of the PEM formats used by OpenSSL. The format chosen will depend on the type of private key - RSA, DSA or EC. Do not use this method unless you really must interact with a system that does not support PKCS#8 private keys. The encryption provided by PKCS#8 is far superior to the OpenSSL formats. This is due to the fact that the OpenSSL formats don't stretch the passphrase, making it very easy to brute-force. :param private_key: An oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo object :param passphrase: A unicode string of the passphrase to encrypt the private key with. A passphrase of None will result in no encryption. A blank string will result in a ValueError to help ensure that the lack of passphrase is intentional. :raises: ValueError - when a blank string is provided for the passphrase :return: A byte string of the encoded and encrypted public key NrNrOrPz private_key must be an instance of oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo, not %s z 4,ENCRYPTEDz Proc-TypezAES-128-CBC,%sasciizDEK-InforVreczEC PRIVATE KEYrsazRSA PRIVATE KEYdsazDSA PRIVATE KEY)headers)r=rr>rrr;r%rrFrr?rrbinasciihexlifydecoderdhashlibmd5digestlenrr[r ) rerfrHrBrxrnrhrlrmrps rCr3r3us:*g.N*%    ^ [*5K k> 2;  k "    !&& %k 2 7 7 9FG ^-, .1A1A"1E1L1LW1UU  %,,W5kk*R!W45<<>3s8# 7;;s%551Q?@GGI IC3s8#!J*3; F$&   % ''   % '' fg 66rD)r7)r7)@ __future__rrrrr|ryrOr_asn1r r rKr r r rrrr _asymmetricr_errorsr_typesrrkdfrr symmetricrutilr_backend_mac.asymmetricrrrrrr r!r"r#r$r%r&r'r(r)r*r+r,r-r._win.asymmetric_openssl.asymmetric__all__r2r5r1r4r3rDrCrsRR   2#&4, 9 u0(k122 <"J&R&RslU7rD