o cL@sddlZddlZddlmZddlmZGdddejZGdddejZGdd d ejZ Gd d d ejZ Gd d d ejZ Gdddej dZ Gddde ZGddde ZGdddeZGddde ZdS)N)utils) HashAlgorithmc@seZdZdZdZdS)PBESz%PBESv1 using SHA1 and 3-Key TripleDESz)PBESv2 using SHA256 PBKDF2 and AES256 CBCN)__name__ __module__ __qualname__PBESv1SHA1And3KeyTripleDESCBCPBESv2SHA256AndAES256CBCr r Z/opt/certbot/lib/python3.10/site-packages/cryptography/hazmat/primitives/_serialization.pyrsrc@$eZdZdZdZdZdZdZdZdS)EncodingPEMDEROpenSSHRawz ANSI X9.62zS/MIMEN) rrrrrrrX962SMIMEr r r r r r c@s*eZdZdZdZdZdZdZd dd Zd S) PrivateFormatPKCS8TraditionalOpenSSLrrPKCS12return!KeySerializationEncryptionBuildercCs |tjtjfvr tdt|S)NzUencryption_builder only supported with PrivateFormat.OpenSSH and PrivateFormat.PKCS12)rrr ValueErrorr)selfr r r encryption_builder$s z PrivateFormat.encryption_builderN)rr) rrrrrrrrrr r r r rsrc@r ) PublicFormatz&X.509 subjectPublicKeyInfo with PKCS#1z Raw PKCS#1rrzX9.62 Compressed PointzX9.62 Uncompressed PointN) rrrSubjectPublicKeyInfoPKCS1rrCompressedPointUncompressedPointr r r r r-rrc@seZdZdZdS)ParameterFormatPKCS3N)rrrr$r r r r r#6sr#c@ eZdZdS)KeySerializationEncryptionNrrrr r r r r&:r&) metaclassc@seZdZdefddZdS)BestAvailableEncryptionpasswordcCs(t|tr t|dkrtd||_dS)Nr!Password must be 1 or more bytes.) isinstancebyteslenrr+rr+r r r __init__?s z BestAvailableEncryption.__init__N)rrrr.r1r r r r r*>sr*c@r%) NoEncryptionNr'r r r r r2Fr(r2c @seZdZdddddedejedejedejeddf dd Z d eddfd d Z d eddfddZ d eddfddZ de defddZdS)rN _kdf_rounds _hmac_hash_key_cert_algorithmformatr4r5r6rcCs||_||_||_||_dSN)_formatr4r5r6)rr7r4r5r6r r r r1Ks z*KeySerializationEncryptionBuilder.__init__roundscCsJ|jdur tdt|tstd|dkrtdt|j||j|jdS)Nzkdf_rounds already setzkdf_rounds must be an integerz%kdf_rounds must be a positive integerr3) r4rr-int TypeErrorrr9r5r6)rr:r r r kdf_roundsYs  z,KeySerializationEncryptionBuilder.kdf_rounds algorithmcCs<|jtjur td|jdurtdt|j|j||jdS)Nz2hmac_hash only supported with PrivateFormat.PKCS12zhmac_hash already setr3) r9rrr=r5rrr4r6rr?r r r hmac_hashjs  z+KeySerializationEncryptionBuilder.hmac_hashcCs<|jtjur td|jdurtdt|j|j|j|dS)Nz;key_cert_algorithm only supported with PrivateFormat.PKCS12zkey_cert_algorithm already setr3) r9rrr=r6rrr4r5r@r r r key_cert_algorithm{s  z4KeySerializationEncryptionBuilder.key_cert_algorithmr+cCs8t|tr t|dkrtdt|j||j|j|jdS)Nrr,)r>rArB) r-r.r/r_KeySerializationEncryptionr9r4r5r6r0r r r buildsz'KeySerializationEncryptionBuilder.build)rrrrtypingOptionalr<rrr1r>rArBr.r&rDr r r r rJs6   rc @s<eZdZdededejedejedeje f ddZ dS) rCr7r+r>rArBcCs"||_||_||_||_||_dSr8)r9r+r4r5r6)rr7r+r>rArBr r r r1s   z$_KeySerializationEncryption.__init__N) rrrrr.rErFr<rrr1r r r r rCsrC)abcrE cryptographyr%cryptography.hazmat.primitives.hashesrEnumrr rrr#ABCMetar&r*r2objectrrCr r r r s    O