o -׾gV3@s"ddlmZmZmZmZddlZddlZddlmZddl m Z m Z m Z mZmZmZmZmZmZddlmZddlmZddlmZmZdd lmZmZdd lmZdd l m!Z!eZ"e"d krdd l#m Z m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7nee"dkse"dkrdd l8m Z m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7n.dd l9m Z m$Z$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+m,Z,m-Z-m.Z.m/Z/m0Z0m1Z1m2Z2m3Z3m4Z4m5Z5m6Z6m7Z7gdZ:dddZ;dddZddZ?dS))unicode_literalsdivisionabsolute_importprint_functionN)backend) armor Certificate DHParametersEncryptedPrivateKeyInfoNull OrderedDict Pbkdf2SaltPrivateKeyInfo PublicKeyInfo)_unwrap_private_key_info)pretty_message) type_namestr_cls)pbkdf2pbkdf2_iteration_calculator)aes_cbc_pkcs7_encrypt) rand_bytesmac)r dsa_sign dsa_verify ecdsa_sign ecdsa_verify generate_pairgenerate_dh_parametersload_certificate load_pkcs12load_private_keyload_public_key PrivateKey PublicKeyrsa_pkcs1v15_signrsa_pkcs1v15_verify rsa_pss_signrsa_pss_verifyrsa_pkcs1v15_encryptrsa_pkcs1v15_decryptrsa_oaep_encryptrsa_oaep_decryptwin winlegacy)r rrdump_certificatedump_dh_parametersdump_openssl_private_keydump_private_keydump_public_keyrrrrr r!r"r#r$r%r-r,r+r*r&r'r(r)pemcCs\|tddgvrttdt|t|tsttdt||}|dkr,t d|}|S)a Serializes an asn1crypto.algos.DHParameters object into a byte string :param dh_parameters: An asn1crypto.algos.DHParameters object :param encoding: A unicode string of "pem" or "der" :return: A byte string of the encoded DH parameters r5derF encoding must be one of "pem", "der", not %s zp dh_parameters must be an instance of asn1crypto.algos.DHParameters, not %s z DH PARAMETERS) set ValueErrorrrepr isinstancer TypeErrorrdumpr) dh_parametersencodingoutputrA]/var/www/html/backend_erp/backend_erp_env/lib/python3.10/site-packages/oscrypto/asymmetric.pyr1s  r1cCt|tddgvrttdt|t|t}t|ts&|s&ttdt||r+|j }| }|dkr8t d|}|S)a# Serializes a public key object into a byte string :param public_key: An oscrypto.asymmetric.PublicKey or asn1crypto.keys.PublicKeyInfo object :param encoding: A unicode string of "pem" or "der" :return: A byte string of the encoded public key r5r6r7z public_key must be an instance of oscrypto.asymmetric.PublicKey or asn1crypto.keys.PublicKeyInfo, not %s z PUBLIC KEY) r8r9rr:r;r%rr<rasn1r=r) public_keyr? is_oscryptor@rArArBr4"  r4cCrC)a& Serializes a certificate object into a byte string :param certificate: An oscrypto.asymmetric.Certificate or asn1crypto.x509.Certificate object :param encoding: A unicode string of "pem" or "der" :return: A byte string of the encoded certificate r5r6r7z certificate must be an instance of oscrypto.asymmetric.Certificate or asn1crypto.x509.Certificate, not %s CERTIFICATE) r8r9rr:r;r Asn1Certificater<rrDr=r) certificater?rFr@rArArBr0rGr0cCsb|tddgvrttdt||dur-t|ts#ttdt||dkr-ttdt|t}t|t sB|sBttdt||rG|j }| }|durd }d }d }t |} t |||d d } | dkrgd} |d} t|| | | |} t| |d\} }tddtd| d| |tddd|| ddd|d }|dkr|durd}nd}t||}|S)aM Serializes a private key object into a byte string of the PKCS#8 format :param private_key: An oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo object :param passphrase: A unicode string of the passphrase to encrypt the private key with. A passphrase of None will result in no encryption. A blank string will result in a ValueError to help ensure that the lack of passphrase is intentional. :param encoding: A unicode string of "pem" or "der" :param target_ms: Use PBKDF2 with the number of iterations that takes about this many milliseconds on the current machine. :raises: ValueError - when a blank string is provided for the passphrase :return: A byte string of the encoded and encrypted public key r5r6r7NM passphrase must be a unicode string, not %s x passphrase may not be a blank string - pass None to disable encryption z private_key must be an instance of oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo, not %s aes256_cbc sha256T) target_msquieti'utf-8pbes2r specified)namevalue) algorithm parameters)saltiteration_countprf)key_derivation_funcencryption_scheme)encryption_algorithmencrypted_dataz PRIVATE KEYzENCRYPTED PRIVATE KEY)r8r9rr:r;rr<rr$rrDr=rrencoderrr rr r) private_key passphraser?rRrFr@cipher key_lengthkdf_hmackdf_salt iterationspassphrase_byteskeyiv ciphertext object_typerArArBr3s~    r3c Csl|durt|tsttdt||dkrttdt|t}t|ts1|s1ttdt||r6|j}t | }d}|durt d}t }d|d<d t |d |d <d}|d }t||d d}|t|kr|t|||d d7}|t|kss|d |}t|||\}}|jdkrd} n|jdkrd} n|jdkrd} t| ||dS)a  Serializes a private key object into a byte string of the PEM formats used by OpenSSL. The format chosen will depend on the type of private key - RSA, DSA or EC. Do not use this method unless you really must interact with a system that does not support PKCS#8 private keys. The encryption provided by PKCS#8 is far superior to the OpenSSL formats. This is due to the fact that the OpenSSL formats don't stretch the passphrase, making it very easy to brute-force. :param private_key: An oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo object :param passphrase: A unicode string of the passphrase to encrypt the private key with. A passphrase of None will result in no encryption. A blank string will result in a ValueError to help ensure that the lack of passphrase is intentional. :raises: ValueError - when a blank string is provided for the passphrase :return: A byte string of the encoded and encrypted public key NrLrMrNz private_key must be an instance of oscrypto.asymmetric.PrivateKey or asn1crypto.keys.PrivateKeyInfo, not %s z 4,ENCRYPTEDz Proc-TypezAES-128-CBC,%sasciizDEK-InforTreczEC PRIVATE KEYrsazRSA PRIVATE KEYdsazDSA PRIVATE KEY)headers)r;rr<rrr9r$rrDrr=rr binasciihexlifydecoderbhashlibmd5digestlenrrYr) rcrdrFr@rurlrfrjrkrnrArArBr2usP     "    r2)r5)r5rK)@ __future__rrrrryrvrMr_asn1rr rIr r r r rrr _asymmetricr_errorsr_typesrrkdfrr symmetricrutilr_backend_mac.asymmetricrrrrrrr r!r"r#r$r%r&r'r(r)r*r+r,r-_win.asymmetric_openssl.asymmetric__all__r1r4r0r3r2rArArArBs. ,   ^^\  % ) ) v