3 }:a @sdZddlZddlZddlmZmZddlZddlm Z ddl m Z ddl m Z ddl mZmZddlmZdd lmZdd lmZmZmZdd lmZejeZGd d d ejZGdddeeZGdddeZGdddZ Gddde eZ!Gddde eZ"GdddeZ#ej$ede j%Z&ej$ede j'Z(ej$ede j)Z*ej$e!de j%Z+ej$e!de j'Z,ej$e!de j)Z-ej$e"d e j%Z.ej$e"d!e j'Z/ej$e"d"e j)Z0ej$e#d#e j%Z1ej$e#d$e j'Z2ej$e#d%e j)Z3dS)&zZJSON Web Algorithms. https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40 N)DictType)default_backend)hashes)hmac)paddingec)decode_dss_signature)encode_dss_signature)errors interfacesjwk)Hashablec@seZdZdZdS)JWAzJSON Web Algorithm.N)__name__ __module__ __qualname____doc__rr/usr/lib/python3.6/jwa.pyrsrc@s~eZdZUdZiZeeefddZddZ ddZ e dd Z d d Z e d d ZejddZejddZddZdS) JWASignaturez-Base class for JSON Web Signature Algorithms.cCs ||_dS)N)name)selfrrrr__init__$szJWASignature.__init__cCst|tstS|j|jkS)N) isinstancerNotImplementedr)rotherrrr__eq__'s zJWASignature.__eq__cCst|j|jfS)N)hash __class__r)rrrr__hash__,szJWASignature.__hash__cCs||j|j<|S)z(Register class for JSON deserialization.) SIGNATURESr)clsZ signature_clsrrrregister/s zJWASignature.registercCs|jS)N)r)rrrrto_partial_json5szJWASignature.to_partial_jsoncCs |j|S)N)r!)r"Zjobjrrr from_json8szJWASignature.from_jsoncCs tdS)zSign the ``msg`` using ``key``.N)NotImplementedError)rkeymsgrrrsign<szJWASignature.signcCs tdS)z-Verify the ``msg`` and ``sig`` using ``key``.N)r&)rr'r(sigrrrverifyAszJWASignature.verifycCs|jS)N)r)rrrr__repr__FszJWASignature.__repr__N)rrrrr!rstrrrrr classmethodr#r$r%abcabstractmethodr)r+r,rrrrr s   rcs2eZdZejZfddZddZddZZ S)_JWAHScstj|||_dS)N)superrr)rrhash_)rrrrMs z_JWAHS.__init__cCs&tj||jtd}|j||jS)N)backend)rHMACrrupdatefinalize)rr'r(signerrrrr)Qs z _JWAHS.signcCshtj||jtd}|j|y|j|Wn2tjjk r^}zt j |dddSd}~XnXdSdS)N)r4T)exc_infoF) rr5rrr6r+ cryptography exceptionsInvalidSignatureloggerdebug)rr'r(r*verifiererrorrrrr+Vs z _JWAHS.verify) rrrr ZJWKOctktyrr)r+ __classcell__rr)rrr1Js r1c@s*eZdZejZeZeZddZ ddZ dS)_JWARSAcCst|d}y*|r"|j||j|jS|j|j|j}Wnvtk rn}ztj|ddtj dWYdd}~Xn>t k r}z"tj|ddtj t |WYdd}~XnX|j |y|j St k r}z"tj|ddtj t |WYdd}~XnXdS)zSign the ``msg`` using ``key``.r)T)r9z%Public key cannot be used for signingN)hasattrr)rrr8AttributeErrorr=r>r Error ValueErrorr-r6r7)rr'r(new_apir8r@rrrr)gs"   z _JWARSA.signcCst|d}|s*|j||j|j}|j|y&|rF|j|||j|jn|jWn2tjjk r}zt j |dddSd}~XnXdSdS)z,Verify the ``msg` and ``sig`` using ``key``.r+T)r9FN) rDr?rrr6r+r:r;r<r=r>)rr'r(r*rHr?r@rrrr+|s   z_JWARSA.verifyN) rrrr ZJWKRSArArrrr)r+rrrrrCbs rCcseZdZfddZZS)_JWARScs"tj|tj|_||_dS)N)r2rrZPKCS1v15r)rrr3)rrrrs  z_JWARS.__init__)rrrrrBrr)rrrIsrIcseZdZfddZZS)_JWAPScs4tj|tjtj|tjjd|_||_dS)N)ZmgfZ salt_length)r2rrZPSSZMGF1Z MAX_LENGTHr)rrr3)rrrrs   z_JWAPS.__init__)rrrrrBrr)rrrJsrJcsBeZdZejZfddZddZddZddZ d d Z Z S) _JWAECcstj|||_dS)N)r2rr)rrr3)rrrrs z_JWAEC.__init__cCsB|j||}t|\}}tjj|j}|j|dd|j|ddS)zSign the ``msg`` using ``key``.big)length byteorder)_signr r JWKECexpected_length_for_curvecurveto_bytes)rr'r(r*ZdrZdsrMrrrr)s    z _JWAEC.signcCst|d}y.|r$|j|tj|jS|jtj|j}Wnvtk rr}ztj|ddt j dWYdd}~Xn>t k r}z"tj|ddt j t |WYdd}~XnX|j |y|jSt k r}z"tj|ddt j t |WYdd}~XnXdS)Nr)T)r9z%Public key cannot be used for signing)rDr)rECDSArr8rEr=r>r rFrGr-r6r7)rr'r(rHr8r@rrrrOs"   z _JWAEC._signcCs^tjj|j}t|d|kr"dSttj|d|ddtj||ddd}|j|||S)z,Verify the ``msg` and ``sig`` using ``key``.FrrL)rNN) r rPrQrRlenr int from_bytes_verify)rr'r(r*Zrlenasn1sigrrrr+sz _JWAEC.verifycCst|d}|s,|j|tj|j}|j|y(|rJ|j||tj|jn|jWn2tjj k r}zt j |dddSd}~XnXdSdS)Nr+T)r9F) rDr?rrTrr6r+r:r;r<r=r>)rr'r(rZrHr?r@rrrrYs   z_JWAEC._verify) rrrr rPrArr)rOr+rYrBrr)rrrKs   rKHS256HS384HS512RS256RS384RS512PS256PS384PS512ES256ES384ES512)4rr/ZloggingZtypingrrZcryptography.exceptionsr:Zcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrrZ)cryptography.hazmat.primitives.asymmetricrrZ/cryptography.hazmat.primitives.asymmetric.utilsr r Zjosepyr r r collections.abcrZ getLoggerrr=ZJSONDeSerializablerrr1rCrIrJrKr#ZSHA256r[ZSHA384r\ZSHA512r]r^r_r`rarbrcrdrerfrrrrs@       *- B