o czT@sddlZddlZddlmZmZmZddlmZddlm Z m Z ddl m Z ddlmZmZmZmZmZmZmZmZmZddlmZmZmZmZejrQddlmZd d d ed ej eefd e j!de"f ddZ#d d d ej dde$dede$f ddZ%d d d ej dde$de"dede$f ddZ&d d d ej ddedej'e j!de"f ddZ(d d dedej'e j!d ej ddej)ej*ge"ff ddZ+d d dede j!d d!de$de$f d"d#Z,d d dede j!d$d%d&e$de$ddfd'd(Z-d d dedej'e j!d$d%d&e$de$f d)d*Z.Gd+d!d!eZ/Gd,d%d%eZ0dS)-N)InvalidSignatureUnsupportedAlgorithm_Reasons)_calculate_digest_and_algorithm)hashes serialization)utils) MGF1OAEPPSSAsymmetricPaddingPKCS1v15_Auto _DigestLength _MaxLengthcalculate_max_pss_salt_length) RSAPrivateKeyRSAPrivateNumbers RSAPublicKeyRSAPublicNumbers)Backendbackendrpsskeyhash_algorithmreturncCsR|j}t|tr t||St|tr|jSt|tr't|tr#td|j j S|S)Nz6PSS salt length can only be set to AUTO when verifying) _salt_length isinstancerrr digest_sizerr ValueError_libRSA_PSS_SALTLEN_AUTO)rrrrsaltr#U/opt/certbot/lib/python3.10/site-packages/cryptography/hazmat/backends/openssl/rsa.py_get_rsa_pss_salt_length(s     r%)_RSAPrivateKey _RSAPublicKeydatapaddingcCst|ts tdt|tr|jj}n+t|tr4|jj}t|jt s(t dt j | |s3t dt jn t d|jt jt|||||S)Nz1Padding must be an instance of AsymmetricPadding.'Only MGF1 is supported by this backend.zPThis combination of padding and hash algorithm is not supported by this backend.${} is not supported by this backend.)rr TypeErrorr r RSA_PKCS1_PADDINGr RSA_PKCS1_OAEP_PADDING_mgfr rrUNSUPPORTED_MGFrsa_padding_supportedUNSUPPORTED_PADDINGformatname_enc_dec_rsa_pkey_ctx)rrr(r) padding_enumr#r#r$ _enc_dec_rsa>s,       r7r6cCst|tr|jj}|jj}n|jj}|jj}|j|j|j j }| ||j j k|j ||jj }||}| |dk|j||}| |dk|j|j} | | dkt|tr||jj} |j|| }| |dk||j} |j|| }| |dkt|tr|jdurt|jdkr|jt|j} | | |j j k|j | |jt|j|j|| t|j}| |dk|j d| } |j d| }|||| |t|}|j |d| d}|j|dkrtd|S)Nrsize_t *unsigned char[]zEncryption/decryption failed.)rr'r EVP_PKEY_encrypt_initEVP_PKEY_encryptEVP_PKEY_decrypt_initEVP_PKEY_decryptEVP_PKEY_CTX_new _evp_pkey_ffiNULLopenssl_assertgcEVP_PKEY_CTX_freeEVP_PKEY_CTX_set_rsa_padding EVP_PKEY_sizer _evp_md_non_null_from_algorithmr/ _algorithmEVP_PKEY_CTX_set_rsa_mgf1_mdEVP_PKEY_CTX_set_rsa_oaep_md_labellenOPENSSL_mallocmemmove EVP_PKEY_CTX_set0_rsa_oaep_labelnewbufferERR_clear_errorr)rrr(r6r)initcryptpkey_ctxresbuf_sizemgf1_mdoaep_mdlabelptroutlenbufresbufr#r#r$r5bsX       r5 algorithmcCst|ts td|j|j}||dkt|tr"|jj}|St|t rPt|j t s3t dt jt|tjs=td||jddkrJtd|jj}|St d|jt j)Nz'Expected provider of AsymmetricPadding.rr*z*Expected instance of hashes.HashAlgorithm.zDDigest too large for key size. Use a larger key or different digest.r+)rr r,r rGr@rCr r-r r/r rrr0r HashAlgorithmrrRSA_PKCS1_PSS_PADDINGr3r4r2)rrr)r_ pkey_sizer6r#r#r$_rsa_sig_determine_paddings2     rd)r'r& init_funcc CsLt||||}|j|j|jj}|||jjk|j||jj}||}|dkr4| }t d||durV| |} |j || }|dkrV| t d|jtj|j||}|dkro| t d|jtjt|trt|tjs|J|j|t||||}||dk| |jj} |j|| }||dk|S)Nr8z#Unable to sign/verify with this keyrz4{} is not supported by this backend for RSA signing.z4{} is not supported for the RSA signature operation.)rdr r?r@rArBrCrDrE_consume_errorsrrHEVP_PKEY_CTX_set_signature_mdrr3r4rUNSUPPORTED_HASHrFr2rr rra EVP_PKEY_CTX_set_rsa_pss_saltlenr%r/rIrJ) rr)r_rrer6rVrWerrorsevp_mdrYr#r#r$_rsa_sig_setupsR    rl private_keyr&c Cst|||||jj}|jd}|j||jj||t|}||dk|jd|d}|j||||t|}|dkrG| } t d| |j |ddS)Nr9r8r:rzuDigest or salt length too long for key size. Use a larger key or shorter salt length if you are specifying a PSS salt) rlr EVP_PKEY_sign_initrArQ EVP_PKEY_signrBrMrC_consume_errors_with_textrrR) rr)r_rmr(rVbuflenrWr]rjr#r#r$ _rsa_sig_sign s* rr public_keyr' signaturecCsVt|||||jj}|j||t||t|}||dk|dkr)|tdS)Nr)rlr EVP_PKEY_verify_initEVP_PKEY_verifyrMrCrfr)rr)r_rsrtr(rVrWr#r#r$_rsa_sig_verify*srwc Cst|||||jj}|j|j}||dk|jd|}|jd|}|j||||t |} |j |d|d} |j | dkrIt | S)Nrr:r9r8) rlr EVP_PKEY_verify_recover_initrGr@rCrArQEVP_PKEY_verify_recoverrMrRrSr) rr)r_rsrtrVmaxlenr]rqrWr^r#r#r$_rsa_sig_recoverEs&  r{c@seZdZUeed<eed<eed<dddefddZd"d d Zd"d dZ e d efddZ de de d e fddZd efddZd efddZdejdejdejd e fddZde de dejejejfd e fd d!Zd S)#r&r@ _rsa_cdata _key_sizerrunsafe_skip_rsa_key_validationc CsD|s`|j|}|dkr|}td||jd}|jd}|j|||||d|jjk||d|jjk|j |d} |j |d} | dksW| dkr`|}td|||_ ||_ ||_ d|_ t|_|j jd} |j j|j | |j jj|j jj|j | d|j jjk|j j| d|_dS)Nr8zInvalid private key BIGNUM **rF)r RSA_check_keyrprrArQRSA_get0_factorsrCrB BN_is_odd_backendr|r@_blinded threadingLock_blinding_lock RSA_get0_key BN_num_bitsr}) selfr rsa_cdataevp_pkeyr~rWrjpqp_oddq_oddnr#r#r$__init__ns:      z_RSAPrivateKey.__init__rNcCs>|js|j |WddS1swYdSdSN)rr_non_threadsafe_enable_blindingrr#r#r$_enable_blindings  "z_RSAPrivateKey._enable_blindingcCs<|js|jj|j|jjj}|j|dkd|_dSdS)Nr8T)rrr RSA_blinding_onr|rArBrC)rrWr#r#r$rs  z._RSAPrivateKey._non_threadsafe_enable_blindingcC|jSrr}rr#r#r$key_sizez_RSAPrivateKey.key_size ciphertextr)cCs:||jdd}|t|krtdt|j|||S)Nz,Ciphertext length must be equal to key size.)rrrMrr7r)rrr)key_size_bytesr#r#r$decrypts  z_RSAPrivateKey.decryptcCsV|jj|j}|j||jjjk|jj||jjj}|j |}t |j||Sr) rr RSAPublicKey_dupr|rCrArBrDRSA_free_rsa_cdata_to_evp_pkeyr')rctxrr#r#r$rss  z_RSAPrivateKey.public_keyc Cs|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jjd}|jj|j||||j|d|jjjk|j|d|jjjk|j|d|jjjk|jj|j|||j|d|jjjk|j|d|jjjk|jj |j||||j|d|jjjk|j|d|jjjk|j|d|jjjkt |j |d|j |d|j |d|j |d|j |d|j |dt |j |d|j |dddS)Nrrer)rrddmp1dmq1iqmppublic_numbers) rrArQr rr|rCrBrRSA_get0_crt_paramsr _bn_to_intr) rrrrrrrrrr#r#r$private_numberssB z_RSAPrivateKey.private_numbersencodingr3encryption_algorithmcCs|j|||||j|jSr)r_private_key_bytesr@r|)rrr3rr#r#r$ private_bytessz_RSAPrivateKey.private_bytesr(r_cCs(|t||\}}t|j||||Sr)rrrrr)rr(r)r_r#r#r$signsz_RSAPrivateKey.sign)rN)__name__ __module__ __qualname__object__annotations__intboolrrrpropertyrbytesr rrrsrrrEncoding PrivateFormatKeySerializationEncryptionrtypingUnion asym_utils Prehashedrrarr#r#r#r$r&isD  1  # c @seZdZUeed<eed<eed<dddZedefd d Zd e d e de fd dZ de fddZ dejdejde fddZde de d e dejejejfddf ddZde d e dejejde fddZdS)r'r@r|r}rrcCst||_||_||_|jjd}|jj|j||jjj|jjj|j|d|jjjk|jj |d|_ dS)Nrr) rr|r@rArQr rrBrCrr})rrrrrr#r#r$rsz_RSAPublicKey.__init__rcCrrrrr#r#r$rrz_RSAPublicKey.key_size plaintextr)cCst|j|||Sr)r7r)rrr)r#r#r$encryptsz_RSAPublicKey.encryptcCs|jjd}|jjd}|jj|j|||jjj|j|d|jjjk|j|d|jjjkt|j |d|j |ddS)Nrrr) rrArQr rr|rBrCrr)rrrr#r#r$rsz_RSAPublicKey.public_numbersrr3cCs|j||||j|jSr)r_public_key_bytesr@r|)rrr3r#r#r$ public_bytes*sz_RSAPublicKey.public_bytesrtr(r_NcCs&t||\}}t|j|||||dSr)rrwr)rrtr(r)r_r#r#r$verify3sz_RSAPublicKey.verifycCs&t|tjr tdt|j||||S)NzoPrehashed is only supported in the sign and verify methods. It cannot be used with recover_data_from_signature.)rrrr,r{r)rrtr)r_r#r#r$recover_data_from_signature?s  z)_RSAPublicKey.recover_data_from_signature)rr)rrrrrrrrrrr rrrrr PublicFormatrrrrrrrarOptionalrr#r#r#r$r'sH        )1rrcryptography.exceptionsrrr*cryptography.hazmat.backends.openssl.utilsrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricrr1cryptography.hazmat.primitives.asymmetric.paddingr r r r r rrrr-cryptography.hazmat.primitives.asymmetric.rsarrrr TYPE_CHECKING,cryptography.hazmat.backends.openssl.backendrrrarr%rr7r5rrdCallableAnyrlrrrwr{r&r'r#r#r#r$s  ,     $ C  0  5     $