Wwgv vddlZddlmZddlmZmZmZmZmZm Z m Z m Z ddl m Z mZddlmZddlmZddlmZddlmZGd d ej,ZGd d ej0ZGd dej4ZedGddZej:Gddej<ZGddZ GddZ!Gdde!ejDZ#e jHdZ%GddZ&ee jNe(ge!fZ)dee jHe)fd e jNd!e(d"ee!fd#Z*y)$N) dataclass)CallableDictIterableListOptionalSetTupleType)genericmisc)SerialisableCredential)PdfPermissions)DeveloperExtension) PdfReadErrorc eZdZy)PdfKeyNotAvailableErrorN)__name__ __module__ __qualname__R/var/www/horilla/myenv/lib/python3.12/site-packages/pyhanko/pdf_utils/crypt/api.pyrr srrceZdZdZdZdZdZy) AuthStatusz? Describes the status after an authentication attempt. rN)rrr__doc__FAILEDUSEROWNERrrrrrsF D ErrceZdZdZdZdZdZy) PdfMacStatusz' Status of PDF MAC validation. rrrN)rrrrNOT_APPLICABLE SUCCESSFULrrrrr#r#sNJ Frr#T)frozencleZdZUdZeed< dZeeed< e jZ e ed< dZ ee ed<y) AuthResultz< Describes the result of an authentication attempt. statusNpermission_flags mac_statusmac_failure_reason)rrrrr__annotations__r*rrr#r$r+r,strrrrr(r($sX 26h~.5 ,::J :)- ,rr(cleZdZdZdZdZdZdZdZdZ de jfd Z e d d Zd edefd Zy)SecurityHandlerVersionz Indicates the security handler's version. The enum constants are named more or less in accordance with the cryptographic algorithms they permit. rrNreturncp|j}|tjStj|SN)valuer NullObject NumberObject)selfvals r as_pdf_objectz$SecurityHandlerVersion.as_pdf_objectTs3jj$'KG    5<5I5I#5N rcX t|S#t$rtjcYSwxYwr6)r0 ValueErrorOTHER)clsr7s r from_numberz"SecurityHandlerVersion.from_numberZs- 0)%0 0 0)// / 0s )) key_lengthc|tjk(ry|tjk(ryd|cxkrdks*n|tjkrt j d|S)Nr2 z#Key length must be between 5 and 16)r0RC4_40AES256 RC4_OR_AES128r PdfError)r:rBs rcheck_key_lengthz'SecurityHandlerVersion.check_key_lengthasX )00 0 +22 2j&B&.<<<-- EF Fr)r4r0)rrrrrFRC4_LONGER_KEYSrHrGAES_GCMr?r PdfObjectr< classmethodrAintrJrrrr0r0@seFOM FG E w00 00 3 3 rr0ceZdZUdZiZeeedfed<iZ ee jdfed< d(de ddd e efd Zd Zed edfd Zede j&ddfdZedefdZde efdZedeefdZede j&fdZdefdZde j&fdZd)defdZ d*dZ!d)d*dZ"dZ#defdZ$defdZ%e&defdZ'ede j&d ede dfd!Z(ede j&de dfd"Z)ed#e jd$dfd%Z*de e+e,e,ffd&Z-de.e/fd'Z0y)+SecurityHandlera' Generic PDF security handler interface. This class contains relatively little actual functionality, except for some common initialisation logic and bookkeeping machinery to register security handler implementations. :param version: Indicates the version of the security handler to use, as described in the specification. See :class:`.SecurityHandlerVersion`. :param legacy_keylen: Key length in bytes (only relevant for legacy encryption handlers). :param crypt_filter_config: The crypt filter configuration for the security handler, in the form of a :class:`.CryptFilterConfiguration` object. .. note:: PyHanko implements legacy security handlers (which, according to the standard, aren't crypt filter-aware) using crypt filters as well, even though they aren't serialised to the output file. :param encrypt_metadata: Flag indicating whether document (XMP) metadata is to be encrypted. .. warning:: Currently, PyHanko does not manage metadata streams, so until that changes, it is the responsibility of the API user to mark metadata streams using the `/Identity` crypt filter as required. Nonetheless, the value of this flag is required in key derivation computations, so the security handler needs to know about it. :param kdf_salt: Optional salt value used when deriving additional key material from the main file encryption key. .. note:: This is currently only relevant for the ISO/TS 32004 (PDF MAC) extension. :param compat_entries: Write deprecated but technically unnecessary configuration settings for compatibility with certain implementations. '_SecurityHandler__registered_subclassesCryptFilterBuilder_known_crypt_filtersNversioncrypt_filter_configCryptFilterConfigurationkdf_saltc||_|j||j||_||_||_||_d|_||_yr6) rUset_security_handlerrJkeylenrVencrypt_metadata_compat_entries _credential _kdf_salt)r:rU legacy_keylenrVr\compat_entriesrXs r__init__zSecurityHandler.__init__sR 006..}= #6 0-=A!rc Vd|jvrt|j|_yy)NrT)__dict__dictrT)r@kwargss r__init_subclass__z!SecurityHandler.__init_subclass__s( " 5'+C,D,D'EC $ 6rr@cH|tj|j<|S)z Register a security handler class. Intended to be used as a decorator on subclasses. See :meth:`build` for further information. :param cls: A subclass of :class:`.SecurityHandler`. )rQrRget_namer@s rregisterzSecurityHandler.registers!CF// ? r encrypt_dictr4c |jdd} tj|}|j|S#t$r |dn&#t$rt j d|dwxYw t fdtjjD}n)#t$rt j d|ddwxYwYwxYw) a Instantiate an appropriate :class:`.SecurityHandler` from a PDF document's encryption dictionary. PyHanko will search the registry for a security handler with a name matching the ``/Filter`` entry. Failing that, a security handler implementing the protocol designated by the ``/SubFilter`` entry (see :meth:`support_generic_subfilters`) will be chosen. Once an appropriate :class:`.SecurityHandler` subclass has been selected, pyHanko will invoke the subclass's :meth:`instantiate_from_pdf_object` method with the original encryption dictionary as its argument. :param encrypt_dict: A PDF encryption dictionary. :return: z/Filterz /Standardz /SubFilterz#There is no security handler named zL, and the encryption dictionary does not contain a generic /SubFilter entry.c3FK|]}|jvr|ywr6)support_generic_subfilters).0h subfilters r z(SecurityHandler.build..s* A$@$@$BBs!zE, and none of the available handlers support the declared /SubFilter .) getrQrRKeyErrorr rnextvalues StopIterationinstantiate_from_pdf_object)rl handler_namer@rrs @rbuildzSecurityHandler.builds*$'' ;?  !99,GC4..|<<3  (6  ''9,H()  ,DDKKM ! ''9,H""+A/   s?9 C A C  #A,,C 00B! C !&CC  C ct)z Retrieves the name of this security handler. :return: The name of this security handler. NotImplementedErrorrjs rrizSecurityHandler.get_name "!rcPt|jtr |jSy)a  Extract a serialisable credential for later use, if the security handler supports it. It should allow the security handler to be unlocked with the same access level as the current one. :return: A serialisable credential, or ``None``. N) isinstancer^rr:s rextract_credentialz"SecurityHandler.extract_credentials& d&&(> ?## #rctS)aP Indicates the generic ``/SubFilter`` values that this security handler supports. :return: A set of generic protocols (indicated in the ``/SubFilter`` entry of an encryption dictionary) that this :class:`.SecurityHandler` class implements. Defaults to the empty set. )setrjs rroz*SecurityHandler.support_generic_subfilterss u rct)z Instantiate an object of this class using a PDF encryption dictionary as input. :param encrypt_dict: A PDF encryption dictionary. :return: r~)r@rls rrzz+SecurityHandler.instantiate_from_pdf_object#s "!rcD |jy#t$rYywxYw)a. Return ``True`` if the security handler has been successfully authenticated against for document encryption purposes. The default implementation just attempts to call :meth:`get_file_encryption_key` and returns ``True`` if that doesn't raise an error. TF)get_file_encryption_keyrrs ris_authenticatedz SecurityHandler.is_authenticated1s(   ( ( *&  s  ct)z Serialise this security handler to a PDF encryption dictionary. :return: A PDF encryption dictionary. r~rs rr<zSecurityHandler.as_pdf_object@ "!rct)a Authenticate a credential holder with this security handler. :param credential: A credential. The type of the credential is left up to the subclasses. :param id1: The first part of the document ID of the document being accessed. :return: An :class:`AuthResult` object indicating the level of access obtained. r~)r: credentialid1s r authenticatezSecurityHandler.authenticateIs "!r CryptFilterc6|jjS)z :return: The crypt filter responsible for decrypting strings for this security handler. )rVget_for_stringrs rget_string_filterz!SecurityHandler.get_string_filterXs ''6688rcX||jjS|j|S)a :param name: Optionally specify a crypt filter by name. :return: The default crypt filter responsible for decrypting streams for this security handler, or the crypt filter named ``name``, if not ``None``. )rVget_for_stream)r:names rget_stream_filterz!SecurityHandler.get_stream_filter`s/ <++::< <''--rc6|jjS)z :return: The crypt filter responsible for decrypting embedded files for this security handler. )rVget_for_embedded_filers rget_embedded_file_filterz(SecurityHandler.get_embedded_file_filterms ''==??rct)a Retrieve the global file encryption key (used for streams and/or strings). If there is no such thing, or the key is not available, an error should be raised. :raise PdfKeyNotAvailableError: when the key is not available r~rs rrz'SecurityHandler.get_file_encryption_keyurrc8|j}| td|S)z Get KDF salt value, or raise an error if there is none. .. note:: This is currently only relevant for the ISO/TS 32004 (PDF MAC) extension. :return: The KDF salt value. zNo KDF salt available)r_r)r:salts r get_kdf_saltzSecurityHandler.get_kdf_salts#~~ <67 7 rc|jduS)zg Boolean indicating whether this security handler has PDF MAC support enabled. N)r_rs rpdf_mac_enabledzSecurityHandler.pdf_mac_enableds ~~T))rcfdictacts_as_defaultc0t|j||S)aD Interpret a crypt filter dictionary for this type of security handler. :param cfdict: A crypt filter dictionary. :param acts_as_default: Indicates whether this filter is intended to be used in ``/StrF`` or ``/StmF``. :return: An appropriate :class:`.CryptFilter` object, or ``None`` if the crypt filter uses the ``/None`` method. :raise NotImplementedError: Raised when the crypt filter's ``/CFM`` entry indicates an unknown crypt filter method. )build_crypt_filterrT)r@rrs rread_cf_dictionaryz"SecurityHandler.read_cf_dictionarys&"  $ $fo  rc|jdt|jdt|jd} |dfd}t|}t ||S#t$rYywxYw)N/StmF/StrF/EFF/CFc3KjD]8\}}j||fv}|tjd||f:yw)Nz!Failed to load crypt filter with )itemsrr r)rrcfcf_config_dictr@stmfstrfs r_crypt_filtersz=SecurityHandler.process_crypt_filters.._crypt_filterss^ . 4 4 6  f++FDT4L4HI:++,OPPBh  sA A) crypt_filtersdefault_stream_filterdefault_string_filterdefault_file_filter)ruIDENTITYrvrerW)r@rleffrrrrrs` @@@rprocess_crypt_filtersz%SecurityHandler.process_crypt_filterss22vt, )%0N ^-. ''"&"& #     sA00 A<;A<methodfactoryc"||j|<yr6)rT)r@rrs rregister_crypt_filterz%SecurityHandler.register_crypt_filters,3  (rc|j}|tjk\ry|tjk\ry|tjk\ryy)N)rr)rr2)rr1)rUr0rGrHrK)r:vs rget_min_pdf_versionz#SecurityHandler.get_min_pdf_versionsD LL &-- - (66 6 (88 8rcg}|jrddlm}|j||jj D]&}|j }||j|(|S)Nr)ISO32004)rpdfmacrappendrVfiltersget_extensionsextend)r:extsrrcf_extss rrzSecurityHandler.get_extensionssd    ( KK !**224 %B'')G" G$ % r)TTNr6)r4r)1rrrrrRrr.r r-rTr NameObjectr0rbytesrbrg staticmethodrkDictionaryObjectr|rNrirrr rorzboolrr<r(rrrrrrpropertyrrrrr rOrrrrrrrrQrQns[(TCET#t,='>">?DKM$w113GGHM$("'"8 "5/"&F d,-  0=G440=9J0=0=d"""H-C$D& 3s8   ""33 " " $ "w77" "J "9 .@""e *** -- @D -   , "33 , -  63''32F33 XeCHo%> %7 8 rrQc*eZdZUdZdZeded<dZeeed<dZ dZ e de fd Z e dejfd Zdeeefd Ze defd Zdd edefdZddedefdZdej0fdZdefdZdefdZdZe defdZy)ra Generic abstract crypt filter class. The superclass only handles the binding with the security handler, and offers some default implementations for serialisation routines that may be overridden in subclasses. There is generally no requirement for crypt filters to be compatible with *any* security handler (the leaf classes in this module aren't), but the API supports mixin usage so code can be shared. NrQ_handler _shared_keyFc ||_d|_y)z Set the security handler to which this crypt filter is tied. Called by pyHanko during initialisation. N)rrr:handlers r_set_security_handlerz!CryptFilter._set_security_handlers   rr4ct)aS Indicate whether authentication previously failed for this crypt filter. Note that re-authenticating is not forbidden, this function mostly exists to make error reporting easier. Crypt filters are allowed to manage their own authentication, but may defer to the security handler as well. r~rs r _auth_failedzCryptFilter._auth_faileds "!rct)zj :return: The method name (``/CFM`` entry) associated with this crypt filter. r~rs rrzCryptFilter.methods "!rcy)zL Get applicable developer extensions for this crypt filter. Nrrs rrzCryptFilter.get_extensionssrct)zy :return: The keylength (in bytes) of the key associated with this crypt filter. r~rs rr[zCryptFilter.keylenrr plaintextct)aO Encrypt plaintext with the specified key. :param key: The current local key, which may or may not be equal to this crypt filter's global key. :param plaintext: Plaintext to encrypt. :param params: Optional parameters private to the crypt filter, specified as a PDF dictionary. These can only be used for explicit crypt filters; the parameters are then sourced from the corresponding entry in ``/DecodeParms``. :return: The resulting ciphertext. r~r:keyrparamss rencryptzCryptFilter.encrypt& ""!r ciphertextct)aQ Decrypt ciphertext with the specified key. :param key: The current local key, which may or may not be equal to this crypt filter's global key. :param ciphertext: Ciphertext to decrypt. :param params: Optional parameters private to the crypt filter, specified as a PDF dictionary. These can only be used for explicit crypt filters; the parameters are then sourced from the corresponding entry in ``/DecodeParms``. :return: The resulting plaintext. r~r:rrrs rdecryptzCryptFilter.decrypt9rrctjtjd|jrtjdntjdtjd|ji}|S)a Serialise this crypt filter to a PDF crypt filter dictionary. .. note:: Implementations are encouraged to use a cooperative inheritance model, where subclasses first call ``super().as_pdf_object()`` and add the keys they need before returning the result. This makes it easy to write crypt filter mixins that can provide functionality to multiple handlers. :return: A PDF crypt filter dictionary. z /AuthEventz/EFOpenz/DocOpen/CFM)r rr_embedded_onlyr)r:results rr<zCryptFilter.as_pdf_objectLsk))""<0**&&y1 ++J7""6*DKK    rct)a9 Compute the (global) file encryption key for this crypt filter. :return: The key, as a :class:`bytes` object. :raise misc.PdfError: Raised if the data needed to derive the key is not present (e.g. because the caller hasn't authenticated yet). r~rs rderive_shared_encryption_keyz(CryptFilter.derive_shared_encryption_keyhs "!rc|jS)aS Derive the encryption key for a specific object, based on the shared file encryption key. :param idnum: ID of the object being encrypted. :param generation: Generation number of the object being encrypted. :return: The local key to use for this object. ) shared_keyr:idnum generations rderive_object_keyzCryptFilter.derive_object_keytsrcd|_y)NT)rrs rset_embedded_onlyzCryptFilter.set_embedded_onlys "rc~|j}|.|jr td|jx}|_|S)z Return the shared file encryption key for this crypt filter, or attempt to compute it using :meth:`derive_shared_encryption_key` if not available. zAuthentication failed)rrrr)r:rs rrzCryptFilter.shared_keysD ;  -.EFF%)%F%F%H HC$" rr6)rrrrrrr-rrrrrrrr rrrrrrOr[rrrr<rrrrrrrrrs -1Hh()0#'K%'N  "d " ""**"".@)A B """"e"U"&"u"e"&w778 "e " e # E  rrceZdZdZej dZdZdZde fdZ de fdZ dZ d Z dd e de fd Zdd e de fdZy )IdentityCryptFiltera> Class implementing the trivial crypt filter. This is a singleton class, so all its instances are identical. Additionally, some of the :class:`.CryptFilter` API is nonfunctional. In particular, :meth:`as_pdf_object` always raises an error, since the ``/Identity`` filter cannot be serialised. /NonerFr4cy)z$Always returns an empty byte string.rrrs rrz0IdentityCryptFilter.derive_shared_encryption_keysrcy)z Always returns an empty byte string. :param idnum: Ignored. :param generation: Ignored. :return: rrrs rrz%IdentityCryptFilter.derive_object_keysrcy)zW No-op. :param handler: Ignored. :return: Nrrs rrz)IdentityCryptFilter._set_security_handlers rc,tjd)zk Not implemented for this crypt filter. :raise misc.PdfError: Always. z$Identity filter cannot be serialised)r rIrs rr<z!IdentityCryptFilter.as_pdf_objectsmmBCCrNrc|S)z Identity function. :param key: Ignored. :param plaintext: Returned as-is. :param params: Ignored. :return: The original plaintext. rrs rrzIdentityCryptFilter.encrypts rrc|S)z Identity function. :param key: Ignored. :param ciphertext: Returned as-is. :param params: Ignored. :return: The original ciphertext. rrs rrzIdentityCryptFilter.decrypts rr6)rrrrr rrr[rrrrrr<rrrrrrrsn W   (F FLe e D e U  u e rr) metaclass /IdentityceZdZdZeedfdeeeffdZdZ dZ de dfd Z dd Z d Zd Zd Zedej&fdZedej&fdZedej&fdZdZdZy)rWa Crypt filter store attached to a security handler. Instances of this class are not designed to be reusable. :param crypt_filters: A dictionary mapping names to their corresponding crypt filters. :param default_stream_filter: Name of the default crypt filter to use for streams. :param default_stream_filter: Name of the default crypt filter to use for strings. :param default_file_filter: Name of the default crypt filter to use for embedded files. .. note:: PyHanko currently is not aware of embedded files, so managing these is the API user's responsibility. Nrcdtffd }|_||_||_||_|||_|||_|xs|}|||_y)Nr4c4|tk(r tS|Sr6)rr)rrs r_selectz2CryptFilterConfiguration.__init__.._selects)8#$% #4( r)rr_default_string_filter_name_default_stream_filter_name_default_file_filter_name_default_stream_filter_default_string_filter_default_file_filter)r:rrrrrs ` rrbz!CryptFilterConfiguration.__init__sg [ ,+@(+@()<&&-.C&D#&-.C&D#1J5J$+,?$@!rcd|tjdk(r tS|j|SNr)r rrrr:items r __getitem__z$CryptFilterConfiguration.__getitem__s/ 7%%k2 2&( (""4((rcR|tjdk(xs||jvSr )r rrr s r __contains__z%CryptFilterConfiguration.__contains__s- G&&{3 3 +t*** rr4rc6|jjS)z2Enumerate all crypt filters in this configuration.)rrxrs rrz CryptFilterConfiguration.filterss""))++rcP|jD]}|j|y)z Set the security handler on all crypt filters in this configuration. :param handler: A :class:`.SecurityHandler` instance. N)rr)r:rrs rrZz-CryptFilterConfiguration.set_security_handler!s',,. .B  $ $W - .rc|jS)z Retrieve the default crypt filter to use with streams. :return: A :class:`.CryptFilter` instance. )rrs rrz'CryptFilterConfiguration.get_for_stream+***rc|jS)z Retrieve the default crypt filter to use with strings. :return: A :class:`.CryptFilter` instance. )r rs rrz'CryptFilterConfiguration.get_for_string4rrc|jS)z Retrieve the default crypt filter to use with embedded files. :return: A :class:`.CryptFilter` instance. )r rs rrz.CryptFilterConfiguration.get_for_embedded_file=s(((rc|jSzK The name of the default crypt filter to use with streams. )rrs rstream_filter_namez+CryptFilterConfiguration.stream_filter_nameF ///rc|jSr)rrs rstring_filter_namez+CryptFilterConfiguration.string_filter_nameMrrc|jS)zc Retrieve the name of the default crypt filter to use with embedded files. )rrs rembedded_file_filter_namez2CryptFilterConfiguration.embedded_file_filter_nameTs ---rc tj}|j|d<|j|d<|j|j|d<tj|j j Dcic]2\}}|tk7r$tj||j4c}}|d<|Scc}}w)z Serialise this crypt filter configuration to a dictionary object, including all its subordinate crypt filters (with the exception of the identity filter, if relevant). rrrr) r rrrrrrrrr<)r:rrr7s rr<z&CryptFilterConfiguration.as_pdf_object\s ))+::w::w  ) ) 5!;;F6N00#'"5"5";";"= C(?""3')<)<)>>  u   s:7B> cT|j}|j}|j}|||hS)aa Return the "standard" filters associated with this crypt filter configuration, i.e. those registered as the defaults for strings, streams and embedded files, respectively. These sometimes require special treatment (as per the specification). :return: A set with one, two or three elements. )rr r )r:rrrs rstandard_filtersz)CryptFilterConfiguration.standard_filtersps2****''dC  r)rrQ)rrrrrrr.rrbrrrrrZrrrrr rrrrr<r"rrrrWrWs,'& AC,-A.)  ,-0,.++)0G$6$600 0G$6$600 .7+=+=..(!rrWregrrr4c |d}|dk(ry ||}|||S#t$rYywxYw#t$rtd|zwxYw)a@ Interpret a crypt filter dictionary for a security handler. :param reg: A registry of named crypt filters. :param cfdict: A crypt filter dictionary. :param acts_as_default: Indicates whether this filter is intended to be used in ``/StrF`` or ``/StmF``. :return: An appropriate :class:`.CryptFilter` object, or ``None`` if the crypt filter uses the ``/None`` method. :raise NotImplementedError: Raised when the crypt filter's ``/CFM`` entry indicates an unknown crypt filter method. rNrzNo such crypt filter method: )rvr)r#rrcfmrs rrrsq.Vn g~Ic( 6? ++  I!"AC"GHHIs+ ((A)+enum dataclassesrtypingrrrrrr r r pyhanko.pdf_utilsr r pyhanko.pdf_utils.crypt.cred_serr#pyhanko.pdf_utils.crypt.permissionsrpyhanko.pdf_utils.extensionsrpyhanko.pdf_utils.miscrr OrderedEnumrEnumr#r(unique VersionEnumr0rQr SingletonrrrrWrrrSrrrrr3sM !MMM+C>;/ d// !!499 $6*T--* *Zwwt iiXM+M` 7  k *W!W!tw77> KL!, g  "44 5!,  $ $!,!,k !,r