,hjWgdZddlZddlZddlZddlmZmZmZmZm Z ddl m Z ddl m Z mZddlmZddlmZmZmZmZmZddlmZdd lmZmZmZdd lmZmZm Z Gd d e!Z"d Z#ddZ$ddZ%dZ&dZ'dZ(dZ)dZ*ddZ+e+Z,dZ-y))generate constructDsaKey import_keyN)bchrbordtobytestostr iter_range)Random)PKCS8PEM)SHA256) DerObject DerSequence DerInteger DerObjectId DerBitString)Integer)test_probable_prime COMPOSITEPROBABLY_PRIME)_expand_subject_public_key_info_create_subject_public_key_info _extract_subject_public_key_infoceZdZdZgdZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZ ddZeZe ZdZdZdZdZdZdZdZy)raClass defining an actual DSA key. Do not instantiate directly. Use :func:`generate`, :func:`construct` or :func:`import_key` instead. :ivar p: DSA modulus :vartype p: integer :ivar q: Order of the subgroup :vartype q: integer :ivar g: Generator :vartype g: integer :ivar y: Public key :vartype y: integer :ivar x: Private key :vartype x: integer :undocumented: exportKey, publickey ygpqxc 2t|j}td}|j|stdt ||z z||z }|r1|tdk7r#tdt |tdz zt ||_y)Nrrr r!z$Some DSA components are missing = %sr"zUnknown DSA components = %s)setkeysissubset ValueErrorstrdict_key)selfkey_dict input_set public_set extra_sets V/var/www/html/Resume-Scraper/venv/lib/python3.12/site-packages/Crypto/PublicKey/DSA.py__init__zDsaKey.__init__gs ( ./ ""9-C i!789: : * c&k1: S[!89:; ;N c|js tdd|cxkr|jkstdtddDcgc]}|j|c}\}}}}t j d|}||zj|} ||z} t||||z} | ||z| | zzz|z} tt| | fScc}w)Nz)DSA public key cannot be used for signingzk is not between 2 and q-1)r"r!r r) min_inclusive max_exclusive) has_private TypeErrorr!r)r,r random_rangeinversepowmapint) r-mkcompr"r!r r blind_factor inv_blind_kblind_xrss r2_signz DsaKey._signss!GH HA9: :9: :2FG$diioG 1a++!9:< #a'003 l" 1aL1  L1,w{: ;q @3AHs C c2|\}}dDcgc]}|j|c}\}}}} d|cxkr|krnyd|cxkr|ksyyt|j|} | |z|z} | |z|z} t| | |t|| |z|z|z} | |k(Scc}w)N)rr!r rrF)r,rr<r=)r-r@sigrFrGrBrr!r rwu1u2vs r2_verifyzDsaKey._verifys12FG$diioG 1aA  $%q919$- AJ  q !!eq[!eq[ B]SB] *Q .! 3Av HsBcd|jvS)z!Whether this is a DSA private keyr"r,r-s r2r9zDsaKey.has_privatesdiir4cy)NFrRs r2 can_encryptzDsaKey.can_encryptsr4cy)NTrTrRs r2can_signzDsaKey.can_signsr4cBtfddD}t|S)z^A matching DSA public key. Returns: a new :class:`DsaKey` object c3@K|]}|j|fywNrQ).0rAr-s r2 z$DsaKey.public_key..s Qq!TYYq\!2 Qsr$)r+r)r-public_componentss` r2 public_keyzDsaKey.public_keys#! Q

,) rarr size_in_bitsappendhasattrr9 __class____name__idjoin)r-attrsrAbitss r2__repr__zDsaKey.__repr__s ACxtvv335 Ww./q! Q      LL #$.."9"92d8SXXe_!UUUr4cd t|j|S#t$r t|wxYwrZ)r?r,KeyErrorAttributeError)r-items r2 __getattr__zDsaKey.__getattr__s4 'tyy' ' ' & & 's/Nc | t|}|tj}|dk(rdDcgc]}|j|j !}}d}|Dcgc] }|| } }dg| z} dj | D cgc]$} t jdt| | z&c} } dtj| dd zSt|j|j|jg} |jr|d }|rP|sd }t!|j"j%}t'j(|t*||| | }|rd }nd}d}n|dk7r |r t-dd|j|j|j|j.|j"g}t|j%}d}n3|r t-dt1t*t!|j.| }d}|dk(r|S|dk(r&t3j$||dz||}t|St-d|zcc}wcc}wcc} w)aExport this DSA key. Args: format (string): The encoding for the output: - *'PEM'* (default). ASCII as per `RFC1421`_/ `RFC1423`_. - *'DER'*. Binary ASN.1 encoding. - *'OpenSSH'*. ASCII one-liner as per `RFC4253`_. Only suitable for public keys, not for private keys. passphrase (string): *Private keys only*. The pass phrase to protect the output. pkcs8 (boolean): *Private keys only*. If ``True`` (default), the key is encoded with `PKCS#8`_. If ``False``, it is encoded in the custom OpenSSL/OpenSSH container. protection (string): *Only in combination with a pass phrase*. The encryption scheme to use to protect the output. If :data:`pkcs8` takes value ``True``, this is the PKCS#8 algorithm to use for deriving the secret and encrypting the private DSA key. For a complete list of algorithms, see :mod:`Crypto.IO.PKCS8`. The default is *PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC*. If :data:`pkcs8` is ``False``, the obsolete PEM encryption scheme is used. It is based on MD5 for key derivation, and Triple DES for encryption. Parameter :data:`protection` is then ignored. The combination ``format='DER'`` and ``pkcs8=False`` is not allowed if a passphrase is present. randfunc (callable): A function that returns random bytes. By default it is :func:`Crypto.Random.get_random_bytes`. Returns: byte string : the encoded key Raises: ValueError : when the format is unknown or when you try to encrypt a private key with *DER* format and OpenSSL/OpenSSH. .. warning:: If you don't provide a pass phrase, the private key will be exported in the clear! .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _RFC4253: http://www.ietf.org/rfc/rfc4253.txt .. _`PKCS#8`: http://www.ietf.org/rfc/rfc5208.txt NOpenSSH)r r!rrcDt|ddzrtd|zS|S)Nr)rrr%s r2funczDsaKey.export_key..funcs%1J%7Q;&Hr4ssh-dssr4>Issh-dss Tz"PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC) key_paramsrandfunczENCRYPTED PRIVATEPRIVATErz#DSA private key cannot be encryptedrz DSA PRIVATEz*PKCS#8 is only meaningful for private keysPUBLICDERz KEYz3Unknown key format '%s'. Cannot export the DSA key.)r r get_random_bytesr,to_bytesrwstructpacklenbinascii b2a_base64rr r!rr9rr"encoder wrapoidr)rrr)r-formatpkcs8 passphrase protectionrr"tup1rtup2keypartskp keystringparams private_key binary_keykey_typeintspem_strs r2 export_keyzDsaKey.export_keys6v  ! ,J  ..H Y 5IJDIIaL))+JDJ  &**DG*D*"|d*HGOPV[[s2w7"<PI!4!4Y!?!DD Ddffdffdff56    }!!EJ(0779 "ZZ +S* *v)1" 2H(H! U?z$%JKK466466466466466B(.557 ( !MNN8 *466 2FctdNz'Use module Crypto.Signature.DSS insteadNotImplementedError)r-MKs r2signz DsaKey.signU!"KLLr4ctdrr)r-r signatures r2verifyz DsaKey.verifyXrr4ctrZr)r- plaintextrs r2encryptzDsaKey.encrypt[!!r4ctrZr)r- ciphertexts r2decryptzDsaKey.decrypt^rr4ctrZrr-rBs r2blindz DsaKey.blindarr4ctrZrrs r2unblindzDsaKey.unblinddrr4ctrZrrRs r2sizez DsaKey.sizegrr4)rNNNN)ru __module__ __qualname____doc__rar3rHrOr9rUrWr^rergrkrmrzrr exportKey publickeyrrrrrrrrTr4r2rrNs,)H # "  )& B V' ?C,0{Y|IIMM"""""r4rc ddddj|}|td|ztjdz}||zdz |zdz }|dz ||zz }t d}d|dz z}t ||t k7r`|d }t jtj|j|dz z} | |zdz}t ||t k7r`|j|k(sJd} d|dz z} t|dzD cgc]B} tjt | | zjzjD} } | D cgc]} t j| } } tt|Dcgc]}| |d||zzzc}| |d|zdz zd||zzz}t ||z}|j|k(sJ||d zz}||dz z }|j|k(rt ||t k(rn | |dzz } #|dz |z}tjdD]w}d zt!dzt |jz} t jtj| j}t#|||}|dk7swn||fScc} wcc} wcc}w) z+Generate a new set of DSA domain parameters) zInvalid modulus length (%d)r6@sggen)getr)r digest_sizerrr from_bytesnewdigestrqr rsum itertoolscountrr=)LrNoutlennb_r! upper_bitseedUoffsetjVrNiWXcr errs r2_generate_domainrks3(,,Q/Ay6:;;   ! #F VaF"Q&A Q!f* B  Aa!e I a *n <|   vzz$/668 9Y] K MA  a *n < >> q !Fa!e I !!a%( +jj 3 < < >>?FFH + +-. 0g  # 0 0 Z]C1q6z*+C1!r'Q'A!f*,=> @ A M "~~1$% QK QK >> q q( +~ =!a% $ Q1 A# 7NT!W $wu~'>'>'@ @   vzz!}335 6 1aL 6   q!T?3 + 0CsAJ8J=Kc|tj}|rxtt|\}}}t |t k(}|t |t k(z}||dz |zdk7z}||dkxs||k\z}|t |||dk7z}|rtdt||\}}}}|j}|j} ||k7rtd||fz|| fdvrtd|| fzd|cxkr|kstdtdtj| dz| } | |dz zdz} t || |} | |||| d } t| S) aGenerate a new DSA key pair. The algorithm follows Appendix A.1/A.2 and B.1 of `FIPS 186-4`_, respectively for domain generation and key pair generation. Args: bits (integer): Key length, or size (in bits) of the DSA modulus *p*. It must be 1024, 2048 or 3072. randfunc (callable): Random number generation function; it accepts a single integer N and return a string of random data N bytes long. If not specified, :func:`Crypto.Random.get_random_bytes` is used. domain (tuple): The DSA domain parameters *p*, *q* and *g* as a list of 3 integers. Size of *p* and *q* must comply to `FIPS 186-4`_. If not specified, the parameters are created anew. Returns: :class:`DsaKey` : a new DSA key object Raises: ValueError : when **bits** is too little, too big, or not a multiple of 64. .. _FIPS 186-4: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf r6rzInvalid DSA domain parametersz?Mismatch between size of modulus (%d) and 'bits' parameter (%d)))rr)rr)rr)rrz;Lengths of p and q (%d, %d) are not compatibleto FIPS 186-3zIncorrent DSA generatorr) exact_bitsrr) r rr>rrrr=r)rrqrandomr)ryrrmr r!r fmt_error_rrrr"rr.s r2rrs<** gv&1a(*i7 (+y88 q1uka'' Q!V%qAv% SAq\Q&& <= =%dH5 1a A ADy69:D BC C 1v00),-q623 3 q919233 233 !b&8ttdtt|}t |}d}|r\t |j tk(}|t |jtk(z}||j dz |jzdk7z}||jdkxs|j|j k\z}|t|j|j|j dk7z}||jdkxs|j|j k\z}t|drh||jdkxs|j|jk\z}|t|j|j|j |jk7z}|r td|S)aConstruct a DSA key from a tuple of valid DSA components. Args: tup (tuple): A tuple of long integers, with 4 or 5 items in the following order: 1. Public key (*y*). 2. Sub-group generator (*g*). 3. Modulus, finite field order (*p*). 4. Sub-group order (*q*). 5. Private key (*x*). Optional. consistency_check (boolean): If ``True``, the library will verify that the provided components fulfil the main DSA properties. Raises: ValueError: when the key being imported fails the most basic DSA validity checks. Returns: :class:`DsaKey` : a DSA key object rFr6rr"zInvalid DSA key components)r+zipr>rrrr rr!rr=rrsr"r))tupconsistency_checkr.keyrs r2rrsN2C13w3DEFH  CI'.); (/9<< suuqyCEE)a// SUUaZ1355CEE>1 Ssuu-22 SUUaZ1355CEE>1 3  !5suu~ 5I SUUCEE3551SUU: :I566 Jr4c|r tdtj|dd}|ddk7r tddDcgc]}|| }}t|Scc}w)Nz-DSA private key already comes with parametersT) nr_elementsonly_ints_expectedrzNo version found)rr6r)r)rdecoder)encodedrrderrBrs r2_import_openssl_privater!sg HII -  wA$  OC 1v{+,,!0 13t9 1C 1 S> 2s Ac"t|\}}}|tk7r td|r |r tdtj |j }t tj |xs|\}}} || ||f} t| S)NzNo DSA subjectPublicKeyInfozToo many DSA parameters) rrr)rrvaluelistrr) rrralgoid encoded_key emb_paramsrr r!rrs r2_import_subjectPublicKeyInfor+s'Fw'O#FK }677 *233 K(..A;=''(<*=>GAq! aA,C S>r4c2t|}t|d|SrZ)rr)rrrsp_infos r2_import_x509_certr9s.w7G 'v >>r4cN|r tdtj||}|dtk7r tdt j |dj }ttj |d\}}}t|||||||f}t|S)Nz"PKCS#8 already includes parametersrzNo PKCS#8 encoded DSA keyr6r) r)r unwraprrrrrrr=r) rrrrAr"r r!rrs r2 _import_pkcs8r ?s =>> Wj)Ats{455 AaD!''A;=''!-.GAq! q!Q<Aq! $C S>r4cttttf}|D]} ||||cSt d#t$rY'wxYw)z?Import a DSA key (public or private half), encoded in DER form.DSA key format is not supported)rrrr r))key_datarr decodingsdecodings r2_import_key_derrKs^)-" I  Hj&9 9 6 77   s 5 AAct|}| t|}|jdr4tjt ||\}}}|rd}t ||dS|jdrt j|jdd}g}t|dkDrJtjd|ddd}|j|dd|z|d|zd}t|dkDrJ|dd k(r0d Dcgc]}tj||} }t| St|dkDrt!|dd k(r t ||dSt#d cc}w) aImport a DSA key. Args: extern_key (string or byte string): The DSA key to import. The following formats are supported for a DSA **public** key: - X.509 certificate (binary DER or PEM) - X.509 ``subjectPublicKeyInfo`` (binary DER or PEM) - OpenSSH (ASCII one-liner, see `RFC4253`_) The following formats are supported for a DSA **private** key: - `PKCS#8`_ ``PrivateKeyInfo`` or ``EncryptedPrivateKeyInfo`` DER SEQUENCE (binary or PEM) - OpenSSL/OpenSSH custom format (binary or PEM) For details about the PEM encoding, see `RFC1421`_/`RFC1423`_. passphrase (string): In case of an encrypted private key, this is the pass phrase from which the decryption key is derived. Encryption may be applied either at the `PKCS#8`_ or at the PEM level. Returns: :class:`DsaKey` : a DSA key object Raises: ValueError : when the given key cannot be parsed (possibly because the pass phrase is wrong). .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _RFC4253: http://www.ietf.org/rfc/rfc4253.txt .. _PKCS#8: http://www.ietf.org/rfc/rfc5208.txt Ns-----r r6rrrr)rrr6r0r )r startswithrrr rr a2b_base64splitrrunpackrrrrrrr)) extern_keyrrmarkerenc_flagrrlengthr"rs r2rr\sfP$JZ( X&"%**U:-> "Kfh JsJ55[)'' (8(8(>q(AB )nq ]]42A7:F OOIaF 3 4!!f*+.I)nq  A;* $ ! :tJqM2d:z:t<< 6 77Js<Ez1.2.840.10040.4.1)NN)TrZ).__all__rrrCrypto.Util.py3compatrrr r r Cryptor Crypto.IOr r Crypto.HashrCrypto.Util.asn1rrrrrCrypto.Math.NumbersrCrypto.Math.PrimalityrrrCrypto.PublicKeyrrrobjectrrrrrrrr rr importKeyrrTr4r2r(s2 = HH  (33@@@Z"VZ"z2jFR.p ? 8"C8N  r4