o
    -׾gV3                     @   s"  d dl mZmZmZmZ d dlZd dlZddlmZ ddl	m
Z
mZmZmZmZmZmZmZmZ ddlmZ ddlmZ ddlmZmZ dd	lmZmZ dd
lmZ ddl m!Z! e Z"e"dkrddl#mZm$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7 nee"dkse"dkrddl8mZm$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7 n.ddl9mZm$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7 g dZ:dddZ;dddZ<dddZ=dddZ>dd Z?dS )    )unicode_literalsdivisionabsolute_importprint_functionN   )backend)	armorCertificateDHParametersEncryptedPrivateKeyInfoNullOrderedDict
Pbkdf2SaltPrivateKeyInfoPublicKeyInfo)_unwrap_private_key_info)pretty_message)	type_namestr_cls)pbkdf2pbkdf2_iteration_calculator)aes_cbc_pkcs7_encrypt)
rand_bytesmac)r	   dsa_sign
dsa_verify
ecdsa_signecdsa_verifygenerate_pairgenerate_dh_parametersload_certificateload_pkcs12load_private_keyload_public_key
PrivateKey	PublicKeyrsa_pkcs1v15_signrsa_pkcs1v15_verifyrsa_pss_signrsa_pss_verifyrsa_pkcs1v15_encryptrsa_pkcs1v15_decryptrsa_oaep_encryptrsa_oaep_decryptwin	winlegacy)r	   r   r   dump_certificatedump_dh_parametersdump_openssl_private_keydump_private_keydump_public_keyr   r   r   r   r    r!   r"   r#   r$   r%   r-   r,   r+   r*   r&   r'   r(   r)   pemc                 C   s\   |t ddgvrttdt|t| tsttdt| |  }|dkr,t	d|}|S )a  
    Serializes an asn1crypto.algos.DHParameters object into a byte string

    :param dh_parameters:
        An asn1crypto.algos.DHParameters object

    :param encoding:
        A unicode string of "pem" or "der"

    :return:
        A byte string of the encoded DH parameters
    r5   derF
            encoding must be one of "pem", "der", not %s
            zp
            dh_parameters must be an instance of asn1crypto.algos.DHParameters,
            not %s
            zDH PARAMETERS)
set
ValueErrorr   repr
isinstancer
   	TypeErrorr   dumpr   )dh_parametersencodingoutput rA   ]/var/www/html/backend_erp/backend_erp_env/lib/python3.10/site-packages/oscrypto/asymmetric.pyr1      s   

r1   c                 C   t   |t ddgvrttdt|t| t}t| ts&|s&ttdt| |r+| j	} | 
 }|dkr8td|}|S )a#  
    Serializes a public key object into a byte string

    :param public_key:
        An oscrypto.asymmetric.PublicKey or asn1crypto.keys.PublicKeyInfo object

    :param encoding:
        A unicode string of "pem" or "der"

    :return:
        A byte string of the encoded public key
    r5   r6   r7   z
            public_key must be an instance of oscrypto.asymmetric.PublicKey or
            asn1crypto.keys.PublicKeyInfo, not %s
            z
PUBLIC KEY)r8   r9   r   r:   r;   r%   r   r<   r   asn1r=   r   )
public_keyr?   is_oscryptor@   rA   rA   rB   r4      "   

r4   c                 C   rC   )a&  
    Serializes a certificate object into a byte string

    :param certificate:
        An oscrypto.asymmetric.Certificate or asn1crypto.x509.Certificate object

    :param encoding:
        A unicode string of "pem" or "der"

    :return:
        A byte string of the encoded certificate
    r5   r6   r7   z
            certificate must be an instance of oscrypto.asymmetric.Certificate
            or asn1crypto.x509.Certificate, not %s
            CERTIFICATE)r8   r9   r   r:   r;   r	   Asn1Certificater<   r   rD   r=   r   )certificater?   rF   r@   rA   rA   rB   r0      rG   r0      c                 C   sb  |t ddgvrttdt||dur-t|ts#ttdt||dkr-ttdt| t}t| t	sB|sBttdt| |rG| j
} |  }|durd	}d
}d}t|}	t|||dd}
|
dk rgd}
|d}t|||	|
|}t||d\}}tddtd|	d|
|t ddd||ddd|d }|dkr|du rd}nd}t||}|S )aM  
    Serializes a private key object into a byte string of the PKCS#8 format

    :param private_key:
        An oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo
        object

    :param passphrase:
        A unicode string of the passphrase to encrypt the private key with.
        A passphrase of None will result in no encryption. A blank string will
        result in a ValueError to help ensure that the lack of passphrase is
        intentional.

    :param encoding:
        A unicode string of "pem" or "der"

    :param target_ms:
        Use PBKDF2 with the number of iterations that takes about this many
        milliseconds on the current machine.

    :raises:
        ValueError - when a blank string is provided for the passphrase

    :return:
        A byte string of the encoded and encrypted public key
    r5   r6   r7   NM
                passphrase must be a unicode string, not %s
                 x
                passphrase may not be a blank string - pass None to disable
                encryption
                z
            private_key must be an instance of oscrypto.asymmetric.PrivateKey
            or asn1crypto.keys.PrivateKeyInfo, not %s
            
aes256_cbc    sha256T)	target_msquieti'  utf-8pbes2r   	specified)namevalue)	algorithm
parameters)saltiteration_countprf)key_derivation_funcencryption_scheme)encryption_algorithmencrypted_datazPRIVATE KEYzENCRYPTED PRIVATE KEY)r8   r9   r   r:   r;   r   r<   r   r$   r   rD   r=   r   r   encoder   r   r   r   r   r   )private_key
passphraser?   rR   rF   r@   cipher
key_lengthkdf_hmackdf_salt
iterationspassphrase_byteskeyiv
ciphertextobject_typerA   rA   rB   r3      s~   



r3   c           
      C   sl  |durt |tsttdt||dkrttdt | t}t | ts1|s1ttdt| |r6| j} t	| 
 }d}|durtd}t }d|d< d	t|d
 |d< d}|d}t||dd   }|t|kr|t|| |dd   7 }|t|kss|d| }t|||\}}| jdkrd}	n| jdkrd}	n| jdkrd}	t|	||dS )a   
    Serializes a private key object into a byte string of the PEM formats used
    by OpenSSL. The format chosen will depend on the type of private key - RSA,
    DSA or EC.

    Do not use this method unless you really must interact with a system that
    does not support PKCS#8 private keys. The encryption provided by PKCS#8 is
    far superior to the OpenSSL formats. This is due to the fact that the
    OpenSSL formats don't stretch the passphrase, making it very easy to
    brute-force.

    :param private_key:
        An oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo
        object

    :param passphrase:
        A unicode string of the passphrase to encrypt the private key with.
        A passphrase of None will result in no encryption. A blank string will
        result in a ValueError to help ensure that the lack of passphrase is
        intentional.

    :raises:
        ValueError - when a blank string is provided for the passphrase

    :return:
        A byte string of the encoded and encrypted public key
    NrL   rM   rN   z
            private_key must be an instance of oscrypto.asymmetric.PrivateKey or
            asn1crypto.keys.PrivateKeyInfo, not %s
               z4,ENCRYPTEDz	Proc-TypezAES-128-CBC,%sasciizDEK-InforT   r      eczEC PRIVATE KEYrsazRSA PRIVATE KEYdsazDSA PRIVATE KEY)headers)r;   r   r<   r   r   r9   r$   r   rD   r   r=   r   r   binasciihexlifydecoderb   hashlibmd5digestlenr   rY   r   )
rc   rd   rF   r@   ru   rl   rf   rj   rk   rn   rA   rA   rB   r2   u  sP   


"


r2   )r5   )r5   rK   )@
__future__r   r   r   r   ry   rv   rM   r   _asn1r   r	   rI   r
   r   r   r   r   r   r   _asymmetricr   _errorsr   _typesr   r   kdfr   r   	symmetricr   utilr   _backend_mac.asymmetricr   r   r   r   r   r   r    r!   r"   r#   r$   r%   r&   r'   r(   r)   r*   r+   r,   r-   _win.asymmetric_openssl.asymmetric__all__r1   r4   r0   r3   r2   rA   rA   rA   rB   <module>   s.   ,^^\

%
)
)v