U a4 @sddlZddlZddlZddlmZmZddlmZddlm Z m Z m Z m Z m Z mZmZmZzddlmZddlmZmZmZddlmZmZmZmZmZmZmZmZdd l m!Z!m"Z"dd l#m$Z$m%Z%dd l&m'Z'dd l(m)Z)d Z*Wne+k rdZ*YnXe,ddddddddddg Z-ddZ.Gddde/Z0Gddde0Z1Gdd d e0Z2e*rGd!d"d"e0Z3Gd#d$d$e0Z4Gd%d&d&e3Z5dS)'N)constant_time_compare string_typesInvalidKeyError)base64url_decodebase64url_encodeder_to_raw_signature force_bytes force_unicodefrom_base64url_uintraw_to_der_signatureto_base64url_uint)hashes)load_pem_private_keyload_pem_public_keyload_ssh_public_key) RSAPrivateKey RSAPublicKeyRSAPrivateNumbersRSAPublicNumbersrsa_recover_prime_factors rsa_crt_dmp1 rsa_crt_dmq1 rsa_crt_iqmp)EllipticCurvePrivateKeyEllipticCurvePublicKey)ecpadding)default_backend)InvalidSignatureTFRS256RS384RS512ES256ES384ES521ES512PS256PS384PS512c Cstttjttjttjd}tr|ttjttjttjttjttjttjttjt t jt t jt t jd |S)zE Returns the algorithms that are implemented by the library. )noneZHS256ZHS384ZHS512) r!r"r#r$r%r&r'r(r)r*) NoneAlgorithm HMACAlgorithmSHA256SHA384SHA512 has_cryptoupdate RSAAlgorithm ECAlgorithmRSAPSSAlgorithm)Zdefault_algorithmsr6}/home/adriano.carvalho/ftp/files/BrinquedotecaVirtual/brinquedotecavirtual/venv/lib/python3.8/site-packages/jwt/algorithms.pyget_default_algorithms&s& r8c@s@eZdZdZddZddZddZedd Zed d Z d S) AlgorithmzH The interface for an algorithm used to sign and verify tokens. cCstdS)z Performs necessary validation and conversions on the key and returns the key value in the proper format for sign() and verify(). NNotImplementedErrorselfkeyr6r6r7 prepare_keyFszAlgorithm.prepare_keycCstdS)zn Returns a digital signature for the specified message using the specified key value. Nr:r=msgr>r6r6r7signMszAlgorithm.signcCstdS)zz Verifies that the specified digital signature is valid for the specified message and key values. Nr:r=rAr>sigr6r6r7verifyTszAlgorithm.verifycCstdS)z7 Serializes a given RSA key into a JWK Nr:key_objr6r6r7to_jwk[szAlgorithm.to_jwkcCstdS)zb Deserializes a given RSA key from JWK back into a PublicKey or PrivateKey object Nr:)jwkr6r6r7from_jwkbszAlgorithm.from_jwkN) __name__ __module__ __qualname____doc__r?rBrE staticmethodrHrJr6r6r6r7r9Bs r9c@s(eZdZdZddZddZddZdS) r,zZ Placeholder for use when no signing or verification operations are required. cCs |dkr d}|dk rtd|S)Nz*When alg = "none", key value must be None.rr<r6r6r7r?os zNoneAlgorithm.prepare_keycCsdS)Nr6r@r6r6r7rBxszNoneAlgorithm.signcCsdS)NFr6rCr6r6r7rE{szNoneAlgorithm.verifyN)rKrLrMrNr?rBrEr6r6r6r7r,js r,c@sZeZdZdZejZejZej Z ddZ ddZ e ddZe dd Zd d Zd d ZdS)r-zf Performs signing and verification operations using HMAC and the specified hash function. cCs ||_dSNhash_algr=rTr6r6r7__init__szHMACAlgorithm.__init__cs6tddddg}tfdd|Dr2tdS)Ns-----BEGIN PUBLIC KEY-----s-----BEGIN CERTIFICATE-----s-----BEGIN RSA PUBLIC KEY-----ssh-rsacsg|] }|kqSr6r6).0Z string_valuer>r6r7 sz-HMACAlgorithm.prepare_key..zdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)r anyr)r=r>Zinvalid_stringsr6rYr7r?szHMACAlgorithm.prepare_keycCstttt|ddS)Noct)kkty)jsondumpsr rr rFr6r6r7rHszHMACAlgorithm.to_jwkcCs,t|}|ddkr tdt|dS)Nr^r\zNot an HMAC keyr])r_loadsgetrr)rIobjr6r6r7rJs zHMACAlgorithm.from_jwkcCst|||jSrR)hmacnewrTdigestr@r6r6r7rBszHMACAlgorithm.signcCst||||SrR)rrBrCr6r6r7rEszHMACAlgorithm.verifyN)rKrLrMrNhashlibsha256r.sha384r/sha512r0rVr?rOrHrJrBrEr6r6r6r7r-s  r-c@sZeZdZdZejZejZejZddZddZ e ddZ e dd Z d d Z d d ZdS)r3z~ Performs signing and verification operations using RSASSA-PKCS-v1_5 and the specified hash function. cCs ||_dSrRrSrUr6r6r7rVszRSAAlgorithm.__init__cCst|tst|tr|St|tr~t|}z.|drFt|td}nt|dtd}Wqt k rzt |td}YqXnt d|S)NrWbackendpasswordrlExpecting a PEM-formatted key.) isinstancerrrr startswithrrr ValueErrorr TypeErrorr<r6r6r7r?s   zRSAAlgorithm.prepare_keyc Csd}t|ddr|}ddgtt|jjtt|jjtt|jtt|jtt|j tt|j tt|j tt|j d }nBt|ddr|}ddgtt|jtt|jd}nt dt|S)Nprivate_numbersRSArB) r^key_opsnedpqdpdqqirE)r^rvrwrxNot a public or private key)getattrrtr rpublic_numbersrwrxryrzr{dmp1dmq1iqmprr_r`)rGrcnumbersr6r6r7rHs.          zRSAAlgorithm.to_jwkc szt|Wntk r*tdYnXddkrBtddkrhdkrhdkrhdkrptd d d d d dg}fdd|D}t|}|rt|stdttdtd}|rt tdtd td td td td|d}nHtd}t |j ||j \}}t |||t ||t||t|||d}|tSdkrdkrttdtd}|tStddS)NzKey is not valid JSONr^ruzNot an RSA keyryrxrwZothz5Unsupported RSA private key: > 2 primes not supportedrzr{r|r}r~csg|] }|kqSr6r6)rXproprcr6r7rZ sz)RSAAlgorithm.from_jwk..z@RSA key must include all parameters if any are present besides d)ryrzr{rrrrr)r_rarrrrbr[allrr rrrwrxrrrZ private_keyrZ public_key) rIZ other_propsZ props_foundZany_props_foundrrryrzr{r6rr7rJsf            zRSAAlgorithm.from_jwkcCs||t|SrR)rBrPKCS1v15rTr@r6r6r7rB8szRSAAlgorithm.signcCs:z|||t|WdStk r4YdSXdS)NTF)rErrrTr rCr6r6r7rE;s zRSAAlgorithm.verifyN)rKrLrMrNrr.r/r0rVr?rOrHrJrBrEr6r6r6r7r3s # >r3c@sBeZdZdZejZejZejZddZddZ ddZ dd Z d S) r4zr Performs signing and verification operations using ECDSA and the specified hash function cCs ||_dSrRrSrUr6r6r7rVKszECAlgorithm.__init__cCst|tst|tr|St|tr~t|}z,|drFt|td}nt|td}Wqt k rzt |dtd}YqXnt d|S)Ns ecdsa-sha2-rkrmro) rprrrr rqrrrrrrrsr<r6r6r7r?Ns   zECAlgorithm.prepare_keycCs"||t|}t||jSrR)rBrECDSArTr curve)r=rAr>der_sigr6r6r7rBfszECAlgorithm.signcCsbzt||j}Wntk r&YdSXz|||t|WdStk r\YdSXdS)NFT)r rrrrErrrTr )r=rAr>rDrr6r6r7rEkszECAlgorithm.verifyN) rKrLrMrNrr.r/r0rVr?rBrEr6r6r6r7r4Bsr4c@s eZdZdZddZddZdS)r5zA Performs a signature using RSASSA-PSS with MGF1 cCs*||tjt||jjd|S)NZmgfZ salt_length)rBrPSSMGF1rT digest_sizer@r6r6r7rB|s zRSAPSSAlgorithm.signc CsNz2|||tjt||jjd|WdStk rHYdSXdS)NrTF)rErrrrTrr rCr6r6r7rEs  zRSAPSSAlgorithm.verifyN)rKrLrMrNrBrEr6r6r6r7r5ws r5)6rgrdr_compatrr exceptionsrutilsrrr r r r r rZcryptography.hazmat.primitivesrZ,cryptography.hazmat.primitives.serializationrrrZ-cryptography.hazmat.primitives.asymmetric.rsarrrrrrrrZ,cryptography.hazmat.primitives.asymmetric.ecrrZ)cryptography.hazmat.primitives.asymmetricrrZcryptography.hazmat.backendsrZcryptography.exceptionsr r1 ImportErrorsetZrequires_cryptographyr8objectr9r,r-r3r4r5r6r6r6r7s@ ( (    (45