3

YݧZh6�@s

dd
lm
Z

ddlZddlmZmZmZmZmZ
ej	rJddl
mZmZm
Z

ejd�
ZGdd�de�Zeje�

dd	�ZGd
d�de�ZGdd
�d
e�Zddd�
ZGdd�de�ZGdd�de�Zejf
dd�
Zejf
dd�
Zejf
dd�
Zejf
dd�
Zejf
dd�
ZdS) �)
�absolute_importN)�BIO�Err�RSA�m2�util)�AnyStr�Optional�CallableZEVPc
@seZ
dZd
S)�EVPErrorN)�__name__�
__module__�__qualname__�rr�/usr/lib64/python3.6/EVP.pyrs
rcCstj
||
||�S)
a%

    Derive a key from password using PBKDF2 algorithm specified in RFC 2898.

    :param password: Derive the key from this password.
    :param salt:     Salt.
    :param iter:     Number of iterations to perform.
    :param keylen:   Length of key to produce.
    :return:         Key.
    )rZpkcs5_pbkdf2_hmac_sha1)Zpassword�salt�iterZkeylenrrr�pbkdf2src@s:eZ
dZd
ZejZdd�Zdd�Zdd�Z	dd	�Z
e
Zd
S)�
MessageDigestz
    Message Digest
    cCsHtt
|
d�}|dkr"t
j|
�
|_n|�|_t
j�|_t
j|j|j�
dS)
N)�getattrrZget_digestbyname�md�
md_ctx_new�ctxZdigest_init)�self�algorrrr�__init__,s



zMessageDigest.__init__c

Cst|d
d�r|j
|j�

dS)Nr)r�m2_md_ctx_freer)
rrrr�__del__8s
zMessageDigest.__del__cCstj
|j|
�S)
zw
        Add data to be digested.

        :return: -1 for Python error, 1 for success, 0 for OpenSSL failure.
        )rZ
digest_updater)r�datarrr�update=szMessageDigest.updatec

Cstj
|j�
S)
N)rZdigest_finalr)
rrrr�finalFs
zMessageDigest.finalN)rr
r�__doc__r�md_ctx_freerrrrr �digestrrrrr&s
	rc@s@eZ
dZejZd
dd�
Zdd�Zdd�Zdd	�Z	d
d�Z
e
ZdS)�HMAC�sha1cCsFtt
|d�}|dkrtd
|��
|�|_t
j�|_t
j|j|
|j�
dS)Nzunknown algorithm)rr�
ValueErrorrZhmac_ctx_newr�	hmac_init)r�keyrrrrrrQs






z
HMAC.__init__c

Cst|d
d�r|j
|j�

dS)Nr)r�m2_hmac_ctx_freer)
rrrrrZs
zHMAC.__del__cCstj
|j|
|j�
dS)
N)rr'rr)rr(rrr�reset_sz
HMAC.resetcCstj
|j|
�
dS)
N)rZhmac_updater)rrrrrrcszHMAC.updatec

Cstj
|j�
S)
N)rZ
hmac_finalr)
rrrrr gsz
HMAC.finalN)
r%)rr
rrZ
hmac_ctx_freer)rrr*rr r#rrrrr$Ms
	r$r%cCs.tt
|d�}|dkrtd
|��
t
j||
|��S)Nzunknown algorithm)rrr&�hmac)r(rrrrrrr+ns



r+c@s>eZ
dZejZddd�
Zdd�Zd	d
�Zdd�Z	dd
d�
Z
dS)�Cipherr
�md5�12345678�
c
Cs�tt
|
d�}
|
dkrtd
|
��
|
�|_|r`tt
|d�}|dkrHtd|��
t
j|j|�||||�}t
j�|_t
j|j|j|||�
|j|	�

~dS)Nzunknown cipherzunknown message digest)	rrr&�cipherZbytes_to_keyZcipher_ctx_newrZcipher_init�set_padding)rZalgr(Ziv�opZkey_as_bytes�
dr�
i�paddingr0Zkmdrrrrzs















zCipher.__init__c

Cst|d
d�r|j
|j�

dS)Nr)r�m2_cipher_ctx_freer)
rrrrr�s
zCipher.__del__cCstj
|j|
�S)
N)rZ
cipher_updater)rrrrrr�sz
Cipher.updatec

Cstj
|j�
S)
N)rZcipher_finalr)
rrrrr �szCipher.finalcCstj
|j|
�S)
z*
        Actually always return 1
        )rZcipher_set_paddingr)rr5rrrr1�szCipher.set_paddingN)r
r-r.r/r/)
r/)rr
rrZcipher_ctx_freer6rrrr r1rrrrr,vs

r,c@s�eZ
dZd
ZejZejZd-dd�
Z	dd�Z
d	d
�Zdd�Zd.d
d�
Z
dd�Zdd�Zdd�ZeZeZdd�Zdd�Zdd�Zd/dd�
Zdd�Zd ejfd!d"�
Zd ejfd#d$�
Zd ejfd%d&�
Zd'd(�Zd)d*�Zd+d,�ZdS)0�PKeyz
    Public Key
    Nr
r%cCs4|
dk	r|
|_||_
ntj�|_d
|_
|j|�

dS)Nr/)�pkey�_pyfreerZpkey_new�_set_context)rr8r9rrrrr�s




z
PKey.__init__c

Cs4t|d
d�r|j
|j�

t|dd�r0|j|j�

dS)Nr9r
r)r�m2_pkey_freer8rr)
rrrrr�s


zPKey.__del__c


Cs|jS)
N)
r8)
rrrr�_ptr�s
z	PKey._ptrcCs4tt
|
d�}|dkrtd
|
��
|�|_t
j�|_dS)Nzunknown message digest)rrr&rrr)rrZmdarrrr:�s





zPKey._set_contextcCs|j|
�

d
S)zj
        Reset internal message digest context.

        :param md: The message digest algorithm.
        N)
r:)rrrrr�
reset_context�szPKey.reset_contextc

Cstj
|j|j�
d
S)z9
        Initialise signing operation with self.
        N)r�	sign_initrr)
rrrrr>�szPKey.sign_initcCstj
|j|
�
d
S)zZ
        Feed data to signing operation.

        :param data: Data to be signed.
        N)r�sign_updater)rrrrrr?�szPKey.sign_updatec

Cstj
|j|j�S)
zD
        Return signature.

        :return: The signature.
        )r�
sign_finalrr8)
rrrrr@�szPKey.sign_finalc

Cstj
|j|j�
d
S)zH
        Initialise signature verification operation with self.
        N)r�verify_initrr)
rrrrrA�szPKey.verify_initcCstj
|j|
�S)
z�
        Feed data to verification operation.

        :param data: Data to be verified.
        :return: -1 on Python error, 1 for success, 0 for OpenSSL error
        )r�
verify_updater)rrrrrrB�szPKey.verify_updatecCstj
|j|
|j�S)
z�
        Return result of verification.

        :param sign: Signature to use for verification
        :return: Result of verification: 1 for success, 0 for failure, -1 on
                 other error.
        )r�verify_finalrr8)rZsignrrrrC�s	zPKey.verify_finalr/cCs4|r tj
|j|
j�}|r0d
|
_ntj|j|
j�}|S)a�

        Assign the RSA key pair to self.

        :param rsa: M2Crypto.RSA.RSA object to be assigned to self.

        :param capture: If true (default), this PKey object will own the RSA
                        object, meaning that once the PKey object gets
                        deleted it is no longer safe to use the RSA object.

        :return: Return 1 for success and 0 for failure.
        r
)rZpkey_assign_rsar8�rsar9Z
pkey_set1_rsa)rrDZcapture�retrrr�
assign_rsa
s




zPKey.assign_rsac
Cstj
|j�
}
tj|
d
�}|S)zd
        Return the underlying RSA key if that is what the EVP
        instance is holding.
        r/)rZ
pkey_get1_rsar8rZRSA_pub)rZrsa_ptrrDrrr�get_rsa
s
zPKey.get_rsaZaes_128_cbccCs&tj
|
d
��}|j|||�SQRXdS)a$
        Save the key pair to a file in PEM format.

        :param file: Name of file to save key to.

        :param cipher: Symmetric cipher to protect the key. The default
                       cipher is 'aes_128_cbc'. If cipher is None, then
                       the key is saved in the clear.

        :param callback: A Python callable object that is invoked
                         to acquire a passphrase with which to protect
                         the key. The default is
                         util.passphrase_callback.
        �wbN)r�openfile�save_key_bio)r�filer0�callback�biorrr�save_key&
s
z
PKey.save_keycCsX|d
krtj
|j|
j�|�Stt|d
�}|d
kr<td|�
�
tj|j|
j�|�|�Sd
S)aA
        Save the key pair to the M2Crypto.BIO object 'bio' in PEM format.

        :param bio: M2Crypto.BIO object to save key to.

        :param cipher: Symmetric cipher to protect the key. The default
                       cipher is 'aes_128_cbc'. If cipher is None, then
                       the key is saved in the clear.

        :param callback: A Python callable object that is invoked
                         to acquire a passphrase with which to protect
                         the key. The default is
                         util.passphrase_callback.
        Nzno such cipher %s)rZpkey_write_pem_no_cipherr8r<rr&Zpkey_write_pem)rrMr0rL�protorrrrJ:
s



zPKey.save_key_biocCstj
�}|j||
|�
|j�S)
a�

        Return key in PEM format in a string.

        :param cipher: Symmetric cipher to protect the key. The default
                       cipher is ``'aes_128_cbc'``. If cipher is None,
                       then the key is saved in the clear.

        :param callback: A Python callable object that is invoked
                         to acquire a passphrase with which to protect
                         the key. The default is
                         util.passphrase_callback.
        )r�MemoryBufferrJ�read_all)rr0rLrMrrr�as_pemS
s

zPKey.as_pemc
Cstj
|j�
}
tj|
�
}|j�S)
z6
        Return key in DER format in a string
        )rZpkey_as_derr8rrPrQ)rZbufrMrrr�as_dere
s


zPKey.as_derc

Cstj
|j�
S)
z6
        Return the size of the key in bytes.
        )rZ	pkey_sizer8)
rrrr�sizen
sz	PKey.sizec

Cstj
|j�
S)
z3
        Return the modulus in hex format.
        )rZpkey_get_modulusr8)
rrrr�get_modulusu
szPKey.get_modulus)Nr
r%)
r%)
r/) rr
rr!rZ	pkey_freer;r"rrrr<r:r=r>r?r@rr rArBrCrFrGr�passphrase_callbackrNrJrRrSrTrUrrrrr7�s4



		





	r7c
Cs0tj
|d
��}tj|j|
�}WdQRXt|d�S)a7

    Load an M2Crypto.EVP.PKey from file.

    :param file: Name of file containing the key in PEM format.

    :param callback: A Python callable object that is invoked
                     to acquire a passphrase with which to protect the
                     key.

    :return: M2Crypto.EVP.PKey object.
    �
rNr/)rrIr�
pkey_read_pemrMr7)rKrLrM�cptrrrr�load_key}
s

rZcCstj
|j�|
�}t|d
�S)aO

    Load an M2Crypto.EVP.PKey from an M2Crypto.BIO object.

    :param bio: M2Crypto.BIO object containing the key in PEM format.

    :param callback: A Python callable object that is invoked
                     to acquire a passphrase with which to protect the
                     key.

    :return: M2Crypto.EVP.PKey object.
    r/)rrXr<r7)rMrLrYrrr�load_key_bio�
s

r[cCs.tj
|j�|
�}|d
kr$ttj��
�
t|d�S)a^

    Load an M2Crypto.EVP.PKey from a public key as a M2Crypto.BIO object.

    :param bio: M2Crypto.BIO object containing the key in PEM format.

    :param callback: A Python callable object that is invoked
                     to acquire a passphrase with which to protect the
                     key.

    :return: M2Crypto.EVP.PKey object.
    Nr/)rZpkey_read_pem_pubkeyr<rrZ	get_errorr7)rMrLrYrrr�load_key_bio_pubkey�
s



r\cCstj
|�
}t||
�S)
a7

    Load an M2Crypto.EVP.PKey from a string.

    :param string: String containing the key in PEM format.

    :param callback: A Python callable object that is invoked
                     to acquire a passphrase with which to protect the
                     key.

    :return: M2Crypto.EVP.PKey object.
    )rrPr[)�stringrLrMrrr�load_key_string�
s

r^cCstj
|�
}t||
�S)
aG

    Load an M2Crypto.EVP.PKey from a public key as a string.

    :param string: String containing the key in PEM format.

    :param callback: A Python callable object that is invoked
                     to acquire a passphrase with which to protect the
                     key.

    :return: M2Crypto.EVP.PKey object.
    )rrPr\)r]rLrMrrr�load_key_string_pubkey�
s

r_)
r%) Z
__future__rZloggingZM2CryptorrrrrZpy27plusZtypingrr	r
Z	getLogger�logr&rZevp_initr�objectrr$r+r,r7rVrZr[r\r^r_rrrr�<module>
s&





'!
*^