o h4@s|ddlZddlZddlZddlmZmZddlmZddlm Z m Z m Z m Z m Z mZmZmZzDddlmZddlmZmZmZddlmZmZmZmZmZmZmZmZdd l m!Z!m"Z"dd l#m$Z$m%Z%dd l&m'Z'dd l(m)Z)d Z*Wn e+y}dZ*Ynwe,gdZ-ddZ.Gddde/Z0Gddde0Z1Gddde0Z2e*rGddde0Z3Gddde0Z4Gddde3Z5dSdS)N)constant_time_compare string_typesInvalidKeyError)base64url_decodebase64url_encodeder_to_raw_signature force_bytes force_unicodefrom_base64url_uintraw_to_der_signatureto_base64url_uint)hashes)load_pem_private_keyload_pem_public_keyload_ssh_public_key) RSAPrivateKey RSAPublicKeyRSAPrivateNumbersRSAPublicNumbersrsa_recover_prime_factors rsa_crt_dmp1 rsa_crt_dmq1 rsa_crt_iqmp)EllipticCurvePrivateKeyEllipticCurvePublicKey)ecpadding)default_backend)InvalidSignatureTF ZRS256ZRS384ZRS512ZES256ZES384ZES521ZES512ZPS256ZPS384ZPS512c Cstttjttjttjd}trA|ttjttjttjttjttjttjttjt t jt t jt t jd |S)zE Returns the algorithms that are implemented by the library. )noneZHS256ZHS384ZHS512r!) NoneAlgorithm HMACAlgorithmSHA256SHA384SHA512 has_cryptoupdate RSAAlgorithm ECAlgorithmRSAPSSAlgorithm)Zdefault_algorithmsr-V/var/www/html/magazine_api/magazine_env/lib/python3.10/site-packages/jwt/algorithms.pyget_default_algorithms&s& r/c@s@eZdZdZddZddZddZedd Zed d Z d S) AlgorithmzH The interface for an algorithm used to sign and verify tokens. cCt)z Performs necessary validation and conversions on the key and returns the key value in the proper format for sign() and verify(). NotImplementedErrorselfkeyr-r-r. prepare_keyFzAlgorithm.prepare_keycCr1)zn Returns a digital signature for the specified message using the specified key value. r2r5msgr6r-r-r.signMr8zAlgorithm.signcCr1)zz Verifies that the specified digital signature is valid for the specified message and key values. r2r5r:r6sigr-r-r.verifyTr8zAlgorithm.verifycCr1)z7 Serializes a given RSA key into a JWK r2key_objr-r-r.to_jwk[r8zAlgorithm.to_jwkcCr1)zb Deserializes a given RSA key from JWK back into a PublicKey or PrivateKey object r2)jwkr-r-r.from_jwkbr8zAlgorithm.from_jwkN) __name__ __module__ __qualname____doc__r7r;r> staticmethodrArCr-r-r-r.r0Bs r0c@s(eZdZdZddZddZddZdS) r#zZ Placeholder for use when no signing or verification operations are required. cCs |dkrd}|durtd|S)Nz*When alg = "none", key value must be None.rr4r-r-r.r7os zNoneAlgorithm.prepare_keycCdS)Nr-r9r-r-r.r;xzNoneAlgorithm.signcCrJ)NFr-r<r-r-r.r>{rLzNoneAlgorithm.verifyN)rDrErFrGr7r;r>r-r-r-r.r#js  r#c@sZeZdZdZejZejZej Z ddZ ddZ e ddZe dd Zd d Zd d ZdS)r$zf Performs signing and verification operations using HMAC and the specified hash function. cC ||_dSNhash_algr5rPr-r-r.__init__ zHMACAlgorithm.__init__cs2tgd}tfdd|DrtdS)N)s-----BEGIN PUBLIC KEY-----s-----BEGIN CERTIFICATE-----s-----BEGIN RSA PUBLIC KEY-----ssh-rsacg|]}|vqSr-r-).0Z string_valuer6r-r. z-HMACAlgorithm.prepare_key..zdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)r anyr)r5r6Zinvalid_stringsr-rWr.r7szHMACAlgorithm.prepare_keycCstttt|ddS)Noct)kkty)jsondumpsr rr r?r-r-r.rAszHMACAlgorithm.to_jwkcCs,t|}|ddkrtdt|dS)Nr]r[zNot an HMAC keyr\)r^loadsgetrr)rBobjr-r-r.rCs  zHMACAlgorithm.from_jwkcCst|||jSrN)hmacnewrPdigestr9r-r-r.r;szHMACAlgorithm.signcCst||||SrN)rr;r<r-r-r.r>szHMACAlgorithm.verifyN)rDrErFrGhashlibsha256r%sha384r&sha512r'rRr7rHrArCr;r>r-r-r-r.r$s   r$c@sZeZdZdZejZejZejZddZddZ e ddZ e dd Z d d Z d d ZdS)r*z~ Performs signing and verification operations using RSASSA-PKCS-v1_5 and the specified hash function. cCrMrNrOrQr-r-r.rRrSzRSAAlgorithm.__init__cCst|ts t|tr |St|trBt|}z|dr#t|td}n t|dtd}W|SW|St yAt |td}Y|Swt d)NrTbackendpasswordrkExpecting a PEM-formatted key.) isinstancerrrr startswithrrr ValueErrorr TypeErrorr4r-r-r.r7s$    zRSAAlgorithm.prepare_keyc Csd}t|ddrE|}ddgtt|jjtt|jjtt|jtt|jtt|j tt|j tt|j tt|j d }n!t|ddrb|}ddgtt|jtt|jd}nt dt|S)Nprivate_numbersRSAr;) r]key_opsnedpqdpdqqir>)r]rurvrwNot a public or private key)getattrrsr rpublic_numbersrvrwrxryrzdmp1dmq1iqmprr^r_)r@rbnumbersr-r-r.rAs.           zRSAAlgorithm.to_jwkc szt|Wn tytdwddkrtddvrdvrdvrdvr2td gd }fd d |D}t|}|rMt|sMtd ttdtd}|rt tdtdtdtdtdtd|d}n$td}t |j ||j \}}t |||t ||t||t|||d}|tSdvrdvrttdtd}|tStd)NzKey is not valid JSONr]rtzNot an RSA keyrxrwrvZothz5Unsupported RSA private key: > 2 primes not supported)ryrzr{r|r}crUr-r-)rVproprbr-r.rX rYz)RSAAlgorithm.from_jwk..z@RSA key must include all parameters if any are present besides dryrzr{r|r})rxryrzrrrrr~)r^r`rqrrarZallrr rrrvrwrrrZ private_keyrZ public_key) rBZ other_propsZ props_foundZany_props_foundrrrxryrzr-rr.rCs`            zRSAAlgorithm.from_jwkcCs||t|SrN)r;rPKCS1v15rPr9r-r-r.r;8szRSAAlgorithm.signcCs4z|||t|WdStyYdSw)NTF)r>rrrPr r<r-r-r.r>;s  zRSAAlgorithm.verifyN)rDrErFrGrr%r&r'rRr7rHrArCr;r>r-r-r-r.r*s # > r*c@sBeZdZdZejZejZejZddZddZ ddZ dd Z d S) r+zr Performs signing and verification operations using ECDSA and the specified hash function cCrMrNrOrQr-r-r.rRKrSzECAlgorithm.__init__cCst|ts t|tr |St|trBt|}z|dr#t|td}n t|td}W|SW|St yAt |dtd}Y|Swt d)Ns ecdsa-sha2-rjrlrn) rorrrr rprrrrqrrrr4r-r-r.r7Ns$    zECAlgorithm.prepare_keycCs"||t|}t||jSrN)r;rECDSArPr curve)r5r:r6der_sigr-r-r.r;fs zECAlgorithm.signcCsZzt||j}Wn tyYdSwz|||t|WdSty,YdSw)NFT)r rrqr>rrrPr )r5r:r6r=rr-r-r.r>ks  zECAlgorithm.verifyN) rDrErFrGrr%r&r'rRr7r;r>r-r-r-r.r+Bs r+c@s eZdZdZddZddZdS)r,zA Performs a signature using RSASSA-PSS with MGF1 cCs*||tjt||jjd|S)NZmgfZ salt_length)r;rPSSMGF1rP digest_sizer9r-r-r.r;|s zRSAPSSAlgorithm.signc CsHz|||tjt||jjd|WdSty#YdSw)NrTF)r>rrrrPrr r<r-r-r.r>s  zRSAPSSAlgorithm.verifyN)rDrErFrGr;r>r-r-r-r.r,ws r,)6rfrcr^compatrr exceptionsrutilsrrr r r r r rZcryptography.hazmat.primitivesrZ,cryptography.hazmat.primitives.serializationrrrZ-cryptography.hazmat.primitives.asymmetric.rsarrrrrrrrZ,cryptography.hazmat.primitives.asymmetric.ecrrZ)cryptography.hazmat.primitives.asymmetricrrZcryptography.hazmat.backendsrZcryptography.exceptionsr r( ImportErrorsetZrequires_cryptographyr/objectr0r#r$r*r+r,r-r-r-r.s< ( (    (45