o cQ@sdZddlZddlZddlmZddlmZmZmZddl Z ddl m Z ddl mZmZddlmZmZmZddlmZmZdd lmZdd lmZmZmZeeZGd d d ej Z!Gd dde!eZ"Gddde"Z#GdddZ$Gddde$e"Z%Gddde$e"Z&Gddde"Z'e"(e#dej)Z*e"(e#dej+Z,e"(e#dej-Z.e"(e%dej)Z/e"(e%dej+Z0e"(e%dej-Z1e"(e&dej)Z2e"(e&d ej+Z3e"(e&d!ej-Z4e"(e'd"ej)Z5e"(e'd#ej+Z6e"(e'd$ej-Z7dS)%zZJSON Web Algorithms. https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40 N)Hashable)AnyCallableDict)default_backend)hasheshmac)ecpaddingrsa)decode_dss_signatureencode_dss_signature) HashAlgorithm)errors interfacesjwkc@seZdZdZdS)JWAzJSON Web Algorithm.N)__name__ __module__ __qualname____doc__rr7/opt/certbot/lib/python3.10/site-packages/josepy/jwa.pyrsrc @seZdZUdZiZeedfed<eed<deddfddZ d ede fd d Z de fd d Z edddZdefddZededdfddZejdededefddZejdededede fddZdefddZdS) JWASignaturez-Base class for JSON Web Signature Algorithms. SIGNATURESktynamereturnNcCs ||_dSNr)selfrrrr__init__%s zJWASignature.__init__othercCst|tstS|j|jkSr) isinstancerNotImplementedr)r r"rrr__eq__(s  zJWASignature.__eq__cCst|j|jfSr)hash __class__rr rrr__hash__-szJWASignature.__hash__ signature_clscCs||j|j<|S)z(Register class for JSON deserialization.)rr)clsr*rrrregister0s zJWASignature.registercC|jSrrr(rrrto_partial_json6zJWASignature.to_partial_jsonjobjcCs |j|Sr)r)r+r0rrr from_json9s zJWASignature.from_jsonkeymsgcCt)Sign the ``msg`` using ``key``.NotImplementedError)r r2r3rrrsign=zJWASignature.signsigcCr4)z-Verify the ``msg`` and ``sig`` using ``key``.r6)r r2r3r:rrrverifyBr9zJWASignature.verifycCr-rrr(rrr__repr__Gr/zJWASignature.__repr__)r*rrr)rrrrrrstr__annotations__rr!boolr%intr) classmethodr,r.r1abcabstractmethodbytesr8r;r<rrrrr s"  rcsdeZdZejZdedegefffdd Z de de de fdd Z de de d e de fd d Z ZS) _JWAHSrhash_ct|||_dSrsuperr!r&r rrFr'rrr!N  z_JWAHS.__init__r2r3rcCs&tj||jtd}|||S)Nbackend)rHMACr&rupdatefinalize)r r2r3signerrrrr8Rs z _JWAHS.signr:c Cshtj||jtd}||z||WdStjjy3}zt j |ddWYd}~dSd}~ww)NrMTexc_infoF) rrOr&rrPr; cryptography exceptionsInvalidSignatureloggerdebug)r r2r3r:verifiererrorrrrr;Ws  z _JWAHS.verify)rrrrJWKOctrr=rrr!rDr8r?r; __classcell__rrrKrrEKs "rEc@s`eZdZUejZeZee d<eZ e e d<de j dedefddZde jdededefd d Zd S) _JWARSAr r&r2r3rc Csxz |||j|jWSty"}z tj|ddtdd}~wty;}ztj|ddtt |d}~ww)r5TrS%Public key cannot be used for signingN) r8r r&AttributeErrorrXrYrError ValueErrorr=r r2r3r[rrrr8hs z _JWARSA.signr:c CsTz ||||j|jWdStjjy)}ztj|ddWYd}~dSd}~ww),Verify the ``msg` and ``sig`` using ``key``.TrSNF)r;r r&rUrVrWrXrY)r r2r3r:r[rrrr;ssz_JWARSA.verifyN)rrrrJWKRSArr$r rr>r&rr RSAPrivateKeyrDr8 RSAPublicKeyr?r;rrrrr^cs    r^c2eZdZdedegefddffdd ZZS)_JWARSrrFrNcs"t|t|_||_dSr)rIr!r PKCS1v15r&rJrKrrr!s   z_JWARS.__init__rrrr=rrr!r]rrrKrri~*ricrh)_JWAPSrrFrNcs4t|tjt|tjjd|_||_dS)N)mgf salt_length)rIr!r PSSMGF1 MAX_LENGTHr&rJrKrrr!s   z_JWAPS.__init__rkrrrKrrmrlrmcseZdZejZdedegefffdd Z de j de de fdd Z de j de de fd d Zde jde d e defd dZde jde de defddZZS)_JWAECrrFcrGrrHrJrKrrr!rLz_JWAEC.__init__r2r3rcCsB|||}t|\}}tj|j}|j|dd|j|ddS)r5big)length byteorder)_signr rJWKECexpected_length_for_curvecurveto_bytes)r r2r3r:drdsrurrrr8s    z _JWAEC.signc Cszz ||t|jWSty#}z tj|ddtdd}~wt y<}ztj|ddtt |d}~ww)NTrSr_) r8r ECDSAr&r`rXrYrrarbr=rcrrrrws z _JWAEC._signr:cCs^tj|j}t|d|krdSttj|d|ddtj||ddd}||||S)rdFrrt)rvN) rrxryrzlenr r@ from_bytes_verify)r r2r3r:rlenasn1sigrrrr;sz _JWAEC.verifyrc CsVz|||t|jWdStjjy*}ztj|ddWYd}~dSd}~ww)NTrSF) r;r r~r&rUrVrWrXrY)r r2r3rr[rrrrsz_JWAEC._verify)rrrrrxrr=rrr!r EllipticCurvePrivateKeyrDr8rwEllipticCurvePublicKeyr?r;rr]rrrKrrss $ rsHS256HS384HS512RS256RS384RS512PS256PS384PS512ES256ES384ES512)8rrBloggingcollections.abcrtypingrrrcryptography.exceptionsrUcryptography.hazmat.backendsrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricr r r /cryptography.hazmat.primitives.asymmetric.utilsr r %cryptography.hazmat.primitives.hashesrjosepyrrr getLoggerrrXJSONDeSerializablerrrEr^rirmrsr,SHA256rSHA384rSHA512rrrrrrrrrrrrrrs@    + 0