????
Your IP : 3.149.29.120
�
;�Qg�S����ddlZddlZddlZddlmZddlmZmZmZm Z m
Z
mZmZ ddl
Zddl
mZddlmZddlmZmZddlmZmZdd lmZmZdd
lmZmZmZmZm Z m!Z!m"Z"m#Z#ddl$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+dZ,n
#e-$rd
Z,YnwxYwhd�Z.d�Z/Gd�d��Z0Gd�de0��Z1Gd�de0��Z2e,r:Gd�de0��Z3Gd�de0��Z4Gd�de3��Z5Gd�de0��Z6dSdS)�N���InvalidKeyError)�base64url_decode�base64url_encode�der_to_raw_signature�force_bytes�from_base64url_uint�raw_to_der_signature�to_base64url_uint)�InvalidSignature)�hashes)�ec�padding)�EllipticCurvePrivateKey�EllipticCurvePublicKey)�Ed25519PrivateKey�Ed25519PublicKey)�
RSAPrivateKey�RSAPrivateNumbers�RSAPublicKey�RSAPublicNumbers�rsa_crt_dmp1�rsa_crt_dmq1�rsa_crt_iqmp�rsa_recover_prime_factors)�Encoding�NoEncryption�
PrivateFormat�PublicFormat�load_pem_private_key�load_pem_public_key�load_ssh_public_keyTF>�ES256�ES384�ES512�ES521�EdDSA�PS256�PS384�PS512�RS256�RS384�RS512�ES256Kc��t��ttj��ttj��ttj��d�}t
�r+|�ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��ttj��t��d���|S)zE
Returns the algorithms that are implemented by the library.
)�none�HS256�HS384�HS512)r,r-r.r$r/r%r'r&r)r*r+r()�
NoneAlgorithm�
HMACAlgorithm�SHA256�SHA384�SHA512�
has_crypto�update�RSAAlgorithm�ECAlgorithm�RSAPSSAlgorithm�Ed25519Algorithm)�default_algorithmss �n/builddir/build/BUILD/imunify360-venv-2.5.0/opt/imunify360/venv/lib/python3.11/site-packages/jwt/algorithms.py�get_default_algorithmsrBEs ��
����}�3�4�4��}�3�4�4��}�3�4�4� ����
��!�!�%�l�&9�:�:�%�l�&9�:�:�%�l�&9�:�:�$�[�%7�8�8�%�k�&8�9�9�$�[�%7�8�8�$�[�%7�8�8�$��&���)��)?�@�@�(��)?�@�@�(��)?�@�@�)�+�+�
�
�
�
�
�&��c�P�eZdZdZd�Zd�Zd�Zed���Zed���Z dS)� AlgorithmzH
The interface for an algorithm used to sign and verify tokens.
c��t�)z�
Performs necessary validation and conversions on the key and returns
the key value in the proper format for sign() and verify().
��NotImplementedError��self�keys rA�prepare_keyzAlgorithm.prepare_keyl�
��
"�!rCc��t�)zn
Returns a digital signature for the specified message
using the specified key value.
rG�rJ�msgrKs rA�signzAlgorithm.signsrMrCc��t�)zz
Verifies that the specified digital signature is valid
for the specified message and key values.
rG�rJrPrK�sigs rA�verifyzAlgorithm.verifyzrMrCc��t�)z7
Serializes a given RSA key into a JWK
rG��key_objs rA�to_jwkzAlgorithm.to_jwk�rMrCc��t�)zb
Deserializes a given RSA key from JWK back into a PublicKey or PrivateKey object
rG)�jwks rA�from_jwkzAlgorithm.from_jwk�rMrCN)
�__name__�
__module__�__qualname__�__doc__rLrQrU�staticmethodrYr\�rCrArErEgs���������"�"�"�"�"�"�"�"�"��"�"��\�"��"�"��\�"�"�"rCrEc�$�eZdZdZd�Zd�Zd�ZdS)r5zZ
Placeholder for use when no signing or verification
operations are required.
c�8�|dkrd}|�td���|S)N�z*When alg = "none", key value must be None.rrIs rArLzNoneAlgorithm.prepare_key�s)���"�9�9��C��?�!�"N�O�O�O��
rCc��dS)NrCrbrOs rArQzNoneAlgorithm.sign�s���srCc��dS)NFrbrSs rArUzNoneAlgorithm.verify�s���urCN)r]r^r_r`rLrQrUrbrCrAr5r5�sK��������
����������rCr5c��eZdZdZejZejZej Z
d�Zd�Ze
d���Ze
d���Zd�Zd�ZdS) r6zf
Performs signing and verification operations using HMAC
and the specified hash function.
c��||_dS�N��hash_alg�rJrls rA�__init__zHMACAlgorithm.__init__�s
�� ��
�
�
rCc���t����gd�}t�fd�|D����rtd����S)N)s-----BEGIN PUBLIC KEY-----s-----BEGIN CERTIFICATE-----s-----BEGIN RSA PUBLIC KEY-----�ssh-rsac3� �K�|]}|�vV�� dSrjrb)�.0�string_valuerKs �rA� <genexpr>z,HMACAlgorithm.prepare_key.<locals>.<genexpr>�s(�����G�G�|�|�s�"�G�G�G�G�G�GrCzdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)r �anyr)rJrK�invalid_stringss ` rArLzHMACAlgorithm.prepare_key�sf����#����
�
�
���G�G�G�G��G�G�G�G�G� �!�9���
�
�
rCc��tjtt|�������dd���S)N�oct)�k�kty)�json�dumpsrr �decoderWs rArYzHMACAlgorithm.to_jwk�sB���z�%�k�'�&:�&:�;�;�B�B�D�D��
�
�
�
�
rCc�L� t|t��rtj|��}nt|t��r|}nt
�n#t
$rt
d���wxYw|�d��dkrt
d���t|d��S)N�Key is not valid JSONrzrxzNot an HMAC keyry) �
isinstance�strr{�loads�dict�
ValueErrorr�getr)r[�objs rAr\zHMACAlgorithm.from_jwk�s��� ;��#�s�#�#�
!��j��o�o����C��&�&�
!���� � ���� ;� ;� ;�!�"9�:�:�:� ;�����7�7�5�>�>�U�"�"�!�"3�4�4�4���C��)�)�)��A A�A&c�\�tj|||j�����Srj)�hmac�newrl�digestrOs rArQzHMACAlgorithm.sign�s$���x��S�$�-�0�0�7�7�9�9�9rCc�T�tj||�||����Srj)r��compare_digestrQrSs rArUzHMACAlgorithm.verify�s#���"�3�� � �#�s�(;�(;�<�<�<rCN)r]r^r_r`�hashlib�sha256r7�sha384r8�sha512r9rnrLrarYr\rQrUrbrCrAr6r6�s���������
�^�F�
�^�F�
�^�F�!�!�!����$�
�
��\�
��*�*��\�*� :�:�:�=�=�=�=�=rCr6c��eZdZdZejZejZejZd�Zd�Z e
d���Ze
d���Zd�Z
d�ZdS) r<z~
Performs signing and verification operations using
RSASSA-PKCS-v1_5 and the specified hash function.
c��||_dSrjrkrms rArnzRSAAlgorithm.__init__��
��$�D�M�M�MrCc��t|t��st|t��r|St|ttf��rft|��} |�d��rt|��}nt|d���}n.#t$rt|��}YnwxYwtd���|S)Nrp��password�Expecting a PEM-formatted key.)r�rr�bytesr�r �
startswithr#r!r�r"� TypeErrorrIs rArLzRSAAlgorithm.prepare_key�s����#�}�-�-�
��C��1N�1N�
��
��#��s�|�,�,�
B�!�#�&�&��3��~�~�j�1�1�G�1�#�6�6���2�3��F�F�F����!�3�3�3�-�c�2�2�C�C�C�3���� � @�A�A�A��Js�6B�B,�+B,c��d}t|dd���rM|���}ddgt|jj�����t|jj�����t|j�����t|j�����t|j �����t|j
�����t|j�����t|j�����d�
}n�t|dd��re|���}ddgt|j�����t|j�����d�}ntd���tj|��S)N�private_numbers�RSArQ)
rz�key_ops�n�e�d�p�q�dp�dq�qirU)rzr�r�r��Not a public or private key)�getattrr�r�public_numbersr�r}r�r�r�r��dmp1�dmq1�iqmprr{r|)rXr��numberss rArYzRSAAlgorithm.to_jwks����C��w� 1�4�8�8�
E�!�1�1�3�3��!� &�x�*�7�+A�+C�D�D�K�K�M�M�*�7�+A�+C�D�D�K�K�M�M�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>�+�G�L�9�9�@�@�B�B�+�G�L�9�9�@�@�B�B�+�G�L�9�9�@�@�B�B�������(�D�1�1�
E�!�0�0�2�2��!� (�z�*�7�9�5�5�<�<�>�>�*�7�9�5�5�<�<�>�>� ����&�&C�D�D�D��:�c�?�?�"rCc�<� � t|t��rtj|��� nt|t��r|� nt
�n#t
$rt
d���wxYw� �d��dkrt
d���d� v�r�d� v�r�d� v�r�d� vrt
d ���gd
�}� fd�|D��}t|��}|rt|��st
d���tt� d��t� d����}|r�tt� d��t� d
��t� d��t� d��t� d��t� d��|���}nst� d��}t|j||j��\}}t|||t!||��t#||��t%||��|���}|���Sd� vrNd� vrJtt� d��t� d����}|���St
d���)Nrrzr�zNot an RSA keyr�r�r��othz5Unsupported RSA private key: > 2 primes not supported)r�r�r�r�r�c���g|]}|�v��Srbrb)rr�propr�s �rA�
<listcomp>z)RSAAlgorithm.from_jwk.<locals>.<listcomp>Cs���C�C�C�t�t�s�{�C�C�CrCz@RSA key must include all parameters if any are present besides dr�r�r�r�r�)r�r�r�r�r�r�r�r�)r�r�r{r�r�r�rr�ru�allrr
rrr�r�rrr�private_key�
public_key)
r[�other_props�props_found�any_props_foundr�r�r�r�r�r�s
@rAr\zRSAAlgorithm.from_jwk,s����
?��c�3�'�'�%��*�S�/�/�C�C���T�*�*�%��C�C�$�$����
?�
?�
?�%�&=�>�>�>�
?�����w�w�u�~�~��&�&�%�&6�7�7�7��c�z�z�c�S�j�j�S�C�Z�Z��C�<�<�)�O����;�:�:��C�C�C�C�{�C�C�C��"%�k�"2�"2��"��3�{�+;�+;��)�Z����"2�'��C��1�1�'��C��1�1�"�"��
#��/�-�c�#�h�7�7�-�c�#�h�7�7�-�c�#�h�7�7�0��T��;�;�0��T��;�;�0��T��;�;�'5����G�G�,�C��H�5�5�A�4�&�(�!�^�-=���D�A�q�0����)�!�Q�/�/�)�!�Q�/�/�)�!�Q�/�/�'5����G��*�*�,�,�,������s�
�
�*�'��C��1�1�'��C��1�1����
�)�)�+�+�+�%�&C�D�D�Ds�A A
�
A'c�v�|�|tj��|�����Srj)rQr�PKCS1v15rlrOs rArQzRSAAlgorithm.signvs)���8�8�C��!1�!3�!3�T�]�]�_�_�E�E�ErCc�� |�||tj��|�����dS#t$rYdSwxYw)NTF)rUrr�rlr
rSs rArUzRSAAlgorithm.verifyysW��
��
�
�3��W�%5�%7�%7������I�I�I��t��#�
�
�
��u�u�
���s�;?�
A
�A
N)r]r^r_r`rr7r8r9rnrLrarYr\rQrUrbrCrAr<r<�s������� � �
��������� %� %� %� � � �&
�! #�! #�
��! #�F
�G E�G E�
��G E�R F� F� F� � � � � rCr<c�j�eZdZdZejZejZejZd�Zd�Z d�Z
d�Zed���Z
dS)r=zr
Performs signing and verification operations using
ECDSA and the specified hash function
c��||_dSrjrkrms rArnzECAlgorithm.__init__�r�rCc��t|t��st|t��r|St|ttf��rft|��} |�d��rt|��}nt|��}n0#t$rt|d���}YnwxYwtd���|S)Nsecdsa-sha2-r�r�)r�rrr�r�r r�r#r"r�r!r�rIs rArLzECAlgorithm.prepare_key�s����#�6�7�7�
�:��+�<�<�
��
��#��s�|�,�,�
B�!�#�&�&��
C��~�~�n�5�5�7�1�#�6�6���1�#�6�6����!�C�C�C�.�s�T�B�B�B�C�C�C�C���� � @�A�A�A��Js�4B�B,�+B,c��|�|tj|�������}t ||j��Srj)rQr�ECDSArlr�curve)rJrPrK�der_sigs rArQzECAlgorithm.sign�s9���h�h�s�B�H�T�]�]�_�_�$=�$=�>�>�G�'����;�;�;rCc�B� t||j��}n#t$rYdSwxYw t|t��r|���}|�||tj|� ������dS#t$rYdSwxYw)NFT)rr�r�r�rr�rUrr�rlr
)rJrPrKrTr�s rArUzECAlgorithm.verify�s���
�.�s�C�I�>�>�����
�
�
��u�u�
����
��c�#:�;�;�+��.�.�*�*�C��
�
�7�C���$�-�-�/�/�)B�)B�C�C�C��t��#�
�
�
��u�u�
���s��
&�&�A$B�
B�Bc��� t|t��rtj|��}nt|t��r|}nt
�n#t
$rt
d���wxYw|�d��dkrt
d���d|vsd|vrt
d���t|�d����}t|�d����}|�d��}|dkrNt|��t|��cxkrd krnntj��}�nt
d
���|dkrMt|��t|��cxkrdkrnntj��}n�t
d
���|dkrMt|��t|��cxkrdkrnntj
��}ntt
d���|dkrMt|��t|��cxkrd krnntj��}n!t
d���t
d|�����tjt �|d���t �|d���|���}d|vr|���St|�d����}t|��t|��krt
dt|��|���tjt �|d���|�����S)Nrrz�ECzNot an Elliptic curve key�x�y�crvzP-256� z)Coords should be 32 bytes for curve P-256zP-384�0z)Coords should be 48 bytes for curve P-384zP-521�Bz)Coords should be 66 bytes for curve P-521� secp256k1z-Coords should be 32 bytes for curve secp256k1�Invalid curve: �big)� byteorder)r�r�r�r�z!D should be {} bytes for curve {})r�r�r{r�r�r�rr�r�lenr� SECP256R1� SECP384R1� SECP521R1� SECP256K1�EllipticCurvePublicNumbers�int�
from_bytesr��EllipticCurvePrivateNumbersr�)r[r�r�r�r�� curve_objr�r�s rAr\zECAlgorithm.from_jwk�sG��
?��c�3�'�'�%��*�S�/�/�C�C���T�*�*�%��C�C�$�$����
?�
?�
?�%�&=�>�>�>�
?�����w�w�u�~�~��%�%�%�&A�B�B�B��#�~�~��C���%�&A�B�B�B� �������.�.�A� �������.�.�A��G�G�E�N�N�E������q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� "����I�I�)�*U�V�V�V��'�!�!��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� "����I�I�)�*U�V�V�V��'�!�!��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� "����I�I�)�*U�V�V�V��+�%�%��q�6�6�S��V�V�)�)�)�)�r�)�)�)�)�)� "����I�I�)�G����&�&?��&?�&?�@�@�@��:��.�.��e�.�4�4��.�.��e�.�4�4�����N��#�~�~�%�0�0�2�2�2� �������.�.�A��1�v�v��Q�����%�7��Q��������1����q�E��2�2�N����k�m�m�
r�N)r]r^r_r`rr7r8r9rnrLrQrUrar\rbrCrAr=r=�s������� � �
��������� %� %� %� � � �2 <� <� <�
� � �
�? �? �
��? �? �? rCr=c��eZdZdZd�Zd�ZdS)r>zA
Performs a signature using RSASSA-PSS with MGF1
c ���|�|tjtj|�����|jj���|�����S)N��mgf�salt_length)rQr�PSS�MGF1rl�digest_sizerOs rArQzRSAPSSAlgorithm.signsY���8�8������T�]�]�_�_�5�5� $�
� 9�����
�
���
��
rCc
�� |�||tjtj|�����|jj���|�����dS#t$rYdSwxYw)Nr�TF)rUrr�r�rlr�r
rSs rArUzRSAPSSAlgorithm.verify
s���
��
�
����K�#�L������9�9�$(�M�$=�����M�M�O�O�����t��#�
�
�
��u�u�
���s�A,A0�0
A>�=A>N)r]r^r_r`rQrUrbrCrAr>r>�s<������ � � � � �
�
�
�
�
rCr>c�V�eZdZdZd�Zd�Zd�Zd�Zed���Z ed���Z
dS) r?z�
Performs signing and verification operations using Ed25519
This class requires ``cryptography>=2.6`` to be installed.
c��dSrjrb)rJ�kwargss rArnzEd25519Algorithm.__init__ s���DrCc��t|ttf��r|St|ttf��r�t|t��r|�d��}|�d��}d|vrt|��Sd|vrt|d���S|dd�dkrt|��Std���) N�utf-8z-----BEGIN PUBLICz-----BEGIN PRIVATEr�r�zssh-z)Expecting a PEM-formatted or OpenSSH key.)r�rrr�r��encoder}r"r!r#r�)rJrK�str_keys rArLzEd25519Algorithm.prepare_key#s����#� 1�3C�D�E�E�
��
��#��s�|�,�,�
4��c�3�'�'�.��*�*�W�-�-�C��*�*�W�-�-��&�'�1�1�.�s�3�3�3�'�7�2�2�/��d�C�C�C�C��1�Q�3�<�6�)�)�.�s�3�3�3��G�H�H�HrCc�|�t|��turt|d��n|}|�|��S)a
Sign a message ``msg`` using the Ed25519 private key ``key``
:param str|bytes msg: Message to sign
:param Ed25519PrivateKey key: A :class:`.Ed25519PrivateKey` instance
:return bytes signature: The signature, as bytes
r�)�typer�rQrOs rArQzEd25519Algorithm.sign6s8��*.�c���%�)?�)?�%��W�%�%�%�S�C��8�8�C�=�=� rCc�\� t|��turt|d��n|}t|��turt|d��n|}t|t��r|���}|�||��dS#tjj$rYdSwxYw)a�
Verify a given ``msg`` against a signature ``sig`` using the Ed25519 key ``key``
:param str|bytes sig: Ed25519 signature to check ``msg`` against
:param str|bytes msg: Message to sign
:param Ed25519PrivateKey|Ed25519PublicKey key: A private or public Ed25519 key instance
:return bool verified: True if signature is valid, False if not.
r�TF) r�r�r�rr�rU�cryptography�
exceptionsr
rSs rArUzEd25519Algorithm.verify@s���
�-1�#�Y�Y�e�-C�-C�e�C��)�)�)���-1�#�Y�Y�e�-C�-C�e�C��)�)�)����c�#4�5�5�+��.�.�*�*�C��
�
�3��$�$�$��t���*�;�
�
�
��u�u�
���s�BB�B+�*B+c��t|t��ro|�tjt
j���}t
jtt|�����
��ddd���St|t��r�|�tjtjt�����}|����tjt
j���}t
jtt|�����
��tt|�����
��ddd���St!d���)N)�encoding�format�OKP�Ed25519)r�rzr�)r�r��encryption_algorithm)r�r�rzr�r�)r�r�public_bytesr�Rawr r{r|rr r}r�
private_bytesrrr�r)rKr�r�s rArYzEd25519Algorithm.to_jwkTs`���#�/�0�0�
��$�$�%�\�'�+�%����
�z�-�k�!�n�n�=�=�D�D�F�F�$�(�������#�0�1�1�
��%�%�%�\�(�,�)5���&�����N�N�$�$�1�1�%�\�'�+�2����
�z�-�k�!�n�n�=�=�D�D�F�F�-�k�!�n�n�=�=�D�D�F�F�$�(� �����"�"?�@�@�@rCc��� t|t��rtj|��}nt|t��r|}nt
�n#t
$rt
d���wxYw|�d��dkrt
d���|�d��}|dkrt
d|�����d|vrt
d ���t|�d����} d
|vrtj
|��St|�d
����}tj|��S#t
$r}t
d��|�d}~wwxYw)Nrrzr�zNot an Octet Key Pairr�r�r�r�zOKP should have "x" parameterr�zInvalid key parameter)
r�r�r{r�r�r�rr�rr�from_public_bytesr�from_private_bytes)r[r�r�r�r��errs rAr\zEd25519Algorithm.from_jwk{st��
?��c�3�'�'�%��*�S�/�/�C�C���T�*�*�%��C�C�$�$����
?�
?�
?�%�&=�>�>�>�
?�����w�w�u�~�~��&�&�%�&=�>�>�>��G�G�E�N�N�E�� �!�!�%�&?��&?�&?�@�@�@��#�~�~�%�&E�F�F�F� �������.�.�A�
H��c�>�>�+�=�a�@�@�@�$�S�W�W�S�\�\�2�2��(�;�A�>�>�>���
H�
H�
H�%�&=�>�>�C�G�����
H���s*�A A�A&�4E�5E�
E!�E�E!N)r]r^r_r`rnrLrQrUrarYr\rbrCrAr?r?s������� � � � � � I� I� I�& !� !� !� � � �(
�$ A�$ A�
��$ A�L
� H� H�
�� H� H� HrCr?)7r�r�r{r�r�utilsrrrr r
rr�cryptography.exceptionsr�r
�cryptography.hazmat.primitivesr�)cryptography.hazmat.primitives.asymmetricrr�,cryptography.hazmat.primitives.asymmetric.ecrr�1cryptography.hazmat.primitives.asymmetric.ed25519rr�-cryptography.hazmat.primitives.asymmetric.rsarrrrrrrr�,cryptography.hazmat.primitives.serializationrrrr r!r"r#r:�ModuleNotFoundError�requires_cryptographyrBrEr5r6r<r=r>r?rbrCrA�<module>rs���������������'�'�'�'�'�'�������������������#�"�"�"�"�8�8�8�8�8�8�5�5�5�5�5�5�E�E�E�E�E�E�E�E����������������� � � � � � � � � � � � � � � � � � � � ��������������������J�J�������J�J�J�����
�
�
�� ���D&"�&"�&"�&"�&"�&"�&"�&"�R�����I����,==�==�==�==�==�I�==�==�==�@�rH�V�V�V�V�V�y�V�V�V�py�y�y�y�y�i�y�y�y�v�����,����<H�H�H�H�H�9�H�H�H�H�H�g rH�rHs�AA7�7B�B