,huygdZddlZddlZddlmZddlmZmZmZddl m Z m Z ddl m Z ddlmZddlmZmZmZdd lmZmZmZGd d eZdd Zdd ZdZdZdZdZdZ dZ!dZ"ddZ#e#Z$dZ%y))generate construct import_keyRsaKeyoidN)Random)tobytesbordtostr) DerSequenceDerNull) bytes_to_long)Integer)test_probable_primegenerate_probable_prime COMPOSITE)_expand_subject_public_key_info_create_subject_public_key_info _extract_subject_public_key_infocLeZdZdZdZedZedZedZedZ edZ edZ ed Z ed Z ed Zed Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZ d&dZdZdZ dZ!d Z"d!Z#d"Z$d#Z%d$Z&d%Z'y)'raClass defining an RSA key, private or public. Do not instantiate directly. Use :func:`generate`, :func:`construct` or :func:`import_key` instead. :ivar n: RSA modulus :vartype n: integer :ivar e: RSA public exponent :vartype e: integer :ivar d: RSA private exponent :vartype d: integer :ivar p: First factor of the RSA modulus :vartype p: integer :ivar q: Second factor of the RSA modulus :vartype q: integer :ivar invp: Chinese remainder component (:math:`p^{-1} \text{mod } q`) :vartype invp: integer :ivar invq: Chinese remainder component (:math:`q^{-1} \text{mod } p`) :vartype invq: integer :ivar u: Same as ``invp`` :vartype u: integer c xt|j}td}|tdz}|||fvr td|jD]\}}t |d|z|||k(rJ|j |j dz z|_|j |jdz z|_ d|_ yy)a.Build an RSA key. :Keywords: n : integer The modulus. e : integer The public exponent. d : integer The private exponent. Only required for private keys. p : integer The first factor of the modulus. Only required for private keys. q : integer The second factor of the modulus. Only required for private keys. u : integer The CRT coefficient (inverse of p modulo q). Only required for private keys. ne)pqduzSome RSA components are missing_N) setkeys ValueErroritemssetattr_d_p_dp_q_dq_invq)selfkwargs input_set public_set private_set componentvalues V/var/www/html/Resume-Scraper/venv/lib/python3.12/site-packages/Crypto/PublicKey/RSA.py__init__zRsaKey.__init__Rs& & _  3';#<< [*5 5>? ? &  2 Iu D# /5 1 2  #ww$''A+.DHww$''A+.DHDJ $c,t|jSN)int_nr,s r3rzRsaKey.nq477|r5c,t|jSr7)r8_er:s r3rzRsaKey.eur;r5cb|js tdt|jS)Nz-No private exponent available for public keys) has_privateAttributeErrorr8r&r:s r3rzRsaKey.dys(! !PQ Q477|r5cb|js tdt|jS)Nz.No CRT component 'p' available for public keys)r?r@r8r'r:s r3rzRsaKey.p(! !QR R477|r5cb|js tdt|jS)Nz.No CRT component 'q' available for public keys)r?r@r8r)r:s r3rzRsaKey.qrBr5cb|js tdt|jS)Nz/No CRT component 'dp' available for public keys)r?r@r8r(r:s r3dpz RsaKey.dp(! !RS S488}r5cb|js tdt|jS)Nz/No CRT component 'dq' available for public keys)r?r@r8r*r:s r3dqz RsaKey.dqrFr5c|js td|j*|jj |j |_t |jS)Nz1No CRT component 'invq' available for public keys)r?r@r+r)inverser'r8r:s r3invqz RsaKey.invqsJ! !TU U :: 1DJ4::r5c|jSr7)rr:s r3invpz RsaKey.invps vv r5cb|js tdt|jS)Nz.No CRT component 'u' available for public keys)r?r@r8_ur:s r3rzRsaKey.urBr5c6|jjS)zSize of the RSA modulus in bitsr9 size_in_bitsr:s r3rRzRsaKey.size_in_bitssww##%%r5cH|jjdz dzdzS)z9The minimal amount of bytes that can hold the RSA modulusr rQr:s r3 size_in_byteszRsaKey.size_in_bytess$$$&*q0144r5cd|cxkr|jkstdtdttt ||j |jS)NrzPlaintext too large)r9r#r8powrr=)r, plaintexts r3_encryptzRsaKey._encryptsQI''23 3(23 33wy)477DGG<==r5cd|cxkr|jkstdtd|js tdt j d|j}t |t ||j|jz|jz}t ||j|j}t ||j|j}||z |jz|jz}||jz|z}t j|j|j||j}|S)NrzCiphertext too largezThis is not a private keyr ) min_inclusive max_exclusive)r9r#r? TypeErrorr random_rangerWr=r(r'r*r)rO_mult_modulo_bytesrJ) r, ciphertextrcpm1m2hmpresults r3_decrypt_to_byteszRsaKey._decrypt_to_bytessJ((34 4)34 4!78 8  q H Z 3q$''477#; ;dgg E TXXtww ' TXXtww '2g DGG + [2 ++IIdgg&GG r5c6t|j|S)zLegacy private method)rrhr,r`s r3_decryptzRsaKey._decryptsT33J?@@r5ct|dS)z"Whether this is an RSA private keyr&)hasattrr:s r3r?zRsaKey.has_privatestT""r5cyNTr:s r3 can_encryptzRsaKey.can_encryptr5cyrorpr:s r3can_signzRsaKey.can_signrrr5cDt|j|jS)z^A matching RSA public key. Returns: a new :class:`RsaKey` object r)rr9r=r:s r3 public_keyzRsaKey.public_keys 477++r5c|j|jk7ry|j|jk7s|j|jk7ry|jsy|j|jk(S)NFT)r?rrrr,others r3__eq__z RsaKey.__eq__sc    !2!2!4 4 66UWW %'' 1!%''!"r5c||k( Sr7rprxs r3__ne__z RsaKey.__ne__sEM""r5cddlm}|)Nr) PicklingError)pickler~)r,r~s r3 __getstate__zRsaKey.__getstate__s (r5c.|jrVdt|jt|jt|jt|j fz}nd}dt|j t|j|fzS)Nz, d=%d, p=%d, q=%d, u=%dzRsaKey(n=%d, e=%d%s))r?r8r&r'r)rOr9r=)r,extras r3__repr__zRsaKey.__repr__sq    .#dgg,DGG 25dgg,DGG 2NNEE%TWWs477|U(KKKr5cL|jrd}nd}d|t|fzS)NPrivatePublicz%s RSA key at 0x%X)r?id)r,key_types r3__str__zRsaKey.__str__s,     HH#xD&:::r5Nc d| t|}|tj}|dk(r|j|jfDcgc]}|j c}\}} t |ddzrd|z}t | ddzrd| z} d|| g} dj| D cgc]$} tjdt| | z&c} } d tj| dd zS|jr7td|j|j |j"|j$|j&|j"|j$d z z|j"|j&d z zt)|j&j+|j$g j-} |d k(rd }|d k(r|rt/dddlm}|dk(r&|$d}|j5| t6dt9} nsd}|s|r t/dd}|j5| t6|||t9} d}n:d}t;t6t|j|j gt9} |d k(r| S|dk(r%ddlm}|j-| |||}t|St/d|zcc}wcc} w)a Export this RSA key. Keyword Args: format (string): The desired output format: - ``'PEM'``. (default) Text output, according to `RFC1421`_/`RFC1423`_. - ``'DER'``. Binary output. - ``'OpenSSH'``. Text output, according to the OpenSSH specification. Only suitable for public keys (not private keys). Note that PEM contains a DER structure. passphrase (bytes or string): (*Private keys only*) The passphrase to protect the private key. pkcs (integer): (*Private keys only*) The standard to use for serializing the key: PKCS#1 or PKCS#8. With ``pkcs=1`` (*default*), the private key is encoded with a simple `PKCS#1`_ structure (``RSAPrivateKey``). The key cannot be securely encrypted. With ``pkcs=8``, the private key is encoded with a `PKCS#8`_ structure (``PrivateKeyInfo``). PKCS#8 offers the best ways to securely encrypt the key. .. note:: This parameter is ignored for a public key. For DER and PEM, the output is always an ASN.1 DER ``SubjectPublicKeyInfo`` structure. protection (string): (*For private keys only*) The encryption scheme to use for protecting the private key using the passphrase. You can only specify a value if ``pkcs=8``. For all possible protection schemes, refer to :ref:`the encryption parameters of PKCS#8`. The recommended value is ``'PBKDF2WithHMAC-SHA512AndAES256-CBC'``. If ``None`` (default), the behavior depends on :attr:`format`: - if ``format='PEM'``, the obsolete PEM encryption scheme is used. It is based on MD5 for key derivation, and 3DES for encryption. - if ``format='DER'``, the ``'PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC'`` scheme is used. prot_params (dict): (*For private keys only*) The parameters to use to derive the encryption key from the passphrase. ``'protection'`` must be also specified. For all possible values, refer to :ref:`the encryption parameters of PKCS#8`. The recommendation is to use ``{'iteration_count':21000}`` for PBKDF2, and ``{'iteration_count':131072}`` for scrypt. randfunc (callable): A function that provides random bytes. Only used for PEM encoding. The default is :func:`Crypto.Random.get_random_bytes`. Returns: bytes: the encoded key Raises: ValueError:when the format is unknown or when you try to encrypt a private key with *DER* format and PKCS#1. .. warning:: If you don't provide a pass phrase, the private key will be exported in the clear! .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _`PKCS#1`: http://www.ietf.org/rfc/rfc3447.txt .. _`PKCS#8`: http://www.ietf.org/rfc/rfc5208.txt NOpenSSHrsssh-rsar5>Issh-rsa r zRSA PRIVATE KEYDERz&PKCS#1 private key cannot be encryptedPKCS8PEMz PRIVATE KEY) key_paramszENCRYPTED PRIVATE KEYz"'protection' parameter must be setz"PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC) prot_paramsrz PUBLIC KEYrz3Unknown key format '%s'. Cannot export the RSA key.)r rget_random_bytesr=r9to_bytesr joinstructpacklenbinascii b2a_base64r?r rrrrrrrJencoder# Crypto.IOrwraprr rr)r,format passphrasepkcs protectionrandfuncrxe_bytesn_byteskeypartskp keystring binary_keyrrrpem_strs r3 export_keyzRsaKey.export_keysl  ! ,J  ..H Y 7;ww6HI I GWGAJ$&!G+GAJ$&!G+"GW5HH!Ub&++dCG"y","BJ 7H%&",-Q"RR%I !&J,6 8C7>y","BJ"&J#H89DdffFJffFN:O9@;J U?  U? %jjXz8LG7# #NQWWXXy J "Vs J()J-c&|j|i|S:meta private:)r)r,argsr-s r3 exportKeyzRsaKey.exportKeyst///r5c"|jSr)rvr:s r3 publickeyzRsaKey.publickeys  r5ctdrz,Use module Crypto.Signature.pkcs1_15 insteadNotImplementedError)r,MKs r3signz RsaKey.sign!"PQQr5ctdrr)r,r signatures r3verifyz RsaKey.verifyrr5ctdrz+Use module Crypto.Cipher.PKCS1_OAEP insteadr)r,rXrs r3encryptzRsaKey.encrypt!"OPPr5ctdrrrjs r3decryptzRsaKey.decryptrr5ctrrr,rBs r3blindz RsaKey.blind!!r5ctrrrs r3unblindzRsaKey.unblindrr5ctrrr:s r3sizez RsaKey.sizerr5)rNr NNN)(__name__ __module__ __qualname____doc__r4propertyrrrrrrErHrKrMrrRrUrYrhrkr?rqrtrvrzr|rrrrrrrrrrrrrrpr5r3rr4s]:>      &5> 2A # ,## L;>??CYYx0! RRQQ"""r5rc |dkr tddzdk(sdkr td|tj}tdx}}t|j |k7r|d|dzzkr|dz}||z }tdd|zdz zj x ||k7r"tdd|zdz zj  fd}t ||| td|dzd z z  fd }t ||| } | z}dz j| dz } j| }|j |k7r |d|dzzkr߉ kDr| c} j| } t||| | S) aBCreate a new RSA key pair. The algorithm closely follows NIST `FIPS 186-4`_ in its sections B.3.1 and B.3.3. The modulus is the product of two non-strong probable primes. Each prime passes a suitable number of Miller-Rabin tests with random bases and a single Lucas test. Args: bits (integer): Key length, or size (in bits) of the RSA modulus. It must be at least 1024, but **2048 is recommended.** The FIPS standard only defines 1024, 2048 and 3072. Keyword Args: randfunc (callable): Function that returns random bytes. The default is :func:`Crypto.Random.get_random_bytes`. e (integer): Public RSA exponent. It must be an odd positive integer. It is typically a small number with very few ones in its binary representation. The FIPS standard requires the public exponent to be at least 65537 (the default). Returns: an RSA key object (:class:`RsaKey`, with private key). .. _FIPS 186-4: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf iz"RSA modulus length must be >= 1024rzBRSA public exponent must be a positive, odd integer larger than 2.r c@|kDxr|dz jdk(SNr )gcd) candidatermin_ps r3filter_pzgenerate..filter_ps'u$D)a-)<).filter_qsB%6]''*a/6 A &5 7r5rrrrrr) r#rrrrRsqrtrlcmrJr)bitsrrrrsize_qsize_prrrrrrrrrs ` @@@@r3rrs< d{=>>1uzQU]^^** AJA A .. d "qA$!),<'= F Q7==?? V QZAJN399;E E $v-519 ;qzdai#o6  7 $v-519 ; E1ukk!a%  IIcN? .. d "qA$!),<'=B 1u!1 ! A Aa1Q //r5cGddt}|}td|D]\}}t||t||j}|j }t |dst||}n.|j} t |dr|j} |j} n| |zdz } | } | dzd k(r| dz} | dzd k(rd }td}|sw|d krrt| }|| krUt|||}|dk7r8||dz k7r0t|d|dk(r t|j|dz} d }n |dz}|| krU|dz }|s|d krr|s td | zd k(sJ|| z} t |dr |j}n| j| }t||| | | |}|rc|dks||k\r tdt|j|dk7r td|dzs td|j!r dks| |k\r tdt|j| dk7r td  z|k7r tdt#| t$k(r tdt#| t$k(r td| dz | dz z}|| dz j| dz z}|| zt'|zdk7r tdt |dr+dks|| k\r td| |z| zdk7r td|S)a3Construct an RSA key from a tuple of valid RSA components. The modulus **n** must be the product of two primes. The public exponent **e** must be odd and larger than 1. In case of a private key, the following equations must apply: .. math:: \begin{align} p*q &= n \\ e*d &\equiv 1 ( \text{mod lcm} [(p-1)(q-1)]) \\ p*u &\equiv 1 ( \text{mod } q) \end{align} Args: rsa_components (tuple): A tuple of integers, with at least 2 and no more than 6 items. The items come in the following order: 1. RSA modulus *n*. 2. Public exponent *e*. 3. Private exponent *d*. Only required if the key is private. 4. First factor of *n* (*p*). Optional, but the other factor *q* must also be present. 5. Second factor of *n* (*q*). Optional. 6. CRT coefficient *q*, that is :math:`p^{-1} \text{mod }q`. Optional. Keyword Args: consistency_check (boolean): If ``True``, the library will verify that the provided components fulfil the main RSA properties. Raises: ValueError: when the key being imported fails the most basic RSA validity checks. Returns: An RSA key object (:class:`RsaKey`). c eZdZy)construct..InputCompsN)rrrrpr5r3 InputCompsrDs r5rrrrrr rrFrTz2Unable to compute factors p and q from exponent d.rzInvalid RSA public exponentz-RSA public exponent is not coprime to moduluszRSA modulus is not oddzInvalid RSA private exponentz.RSA private exponent is not coprime to modulusz RSA factors do not match moduluszRSA factor p is compositezRSA factor q is compositezInvalid RSA conditionzInvalid RSA component uzInvalid RSA component u with p)objectzipr%rrrrmrrrrrWrr#rrJr?rrr8)rsa_componentsconsistency_checkr input_compscompr2rrkeyrrrktottspottedakcandrphirs r3rrs:R V ,K;^L3 u T75>23  A A ; $qA MM ; $ A A q519DAa%1*aa%1*G A!c'AJ$hq!Q>!  !LM M1u56 6 ?? Ava !?@@qz~~a A% !QRR1uz !CDD"1%2 !<=="1%2 !<==q5QU#C!a%QU++CAC Q& !899sC 6Q!V$%>??EAI!#$%EFF Jr5ctj|dd}|ddk7r tdt|ddt |dj |d gzS) N T nr_elementsonly_ints_expectedrz(No PKCS#1 encoding of an RSA private keyr )r decoder#rrrJencodedr-ders r3_import_pkcs1_privater sd -  wA$  OC 1v{CDD S1XQ!8!8Q!@ AA BBr5cPtj|dd}t|S)NrTr)r r rr s r3_import_pkcs1_publicrs' -  wA$  OC S>r5chtdf}t|\}}}||vs| tdt|S)N1.2.840.113549.1.1.10zNo RSA subjectPublicKeyInfo)rrr#r)r r-oidsalgoid encoded_keyparamss r3_import_subjectPublicKeyInforsB ( )D"A'"JFK TV/677  ,,r5c.t|}t|Sr7)rr)r r-sp_infos r3_import_x509_certrs.w7G ' 00r5cddlm}tdf}|j||}|d|vr t dt |d|S)NrrrzNo PKCS#8 encoded RSA keyr )rrrunwrapr#_import_keyDER)r rrrrs r3 _import_pkcs8rsI ( )D Wj)At4455 !A$ ++r5ctttttf}|D] } |||cSt d#t $rY&wxYw)z@Import an RSA key (public or private half), encoded in DER form.RSA key format is not supported)r rrrrr#) extern_keyr decodingsdecodings r3rrs_'%-"  I  J 3 3 6 77   s9 AAclddlm}m}m}m}|||\}}|dk7r t d||\}}||\} }||\} }||\} }||\} }||\} }||\}}|||| | | | | fDcgc]}t j|}}t|Scc}w)Nr )import_openssh_private_generic read_bytes read_string check_paddingzssh-rsazThis SSH key is not RSA) _opensshr$r%r&r'r#r from_bytesr)datapasswordr$r%r&r'ssh_name decryptedrrriqmprrrpaddedrbuilds r3_import_openssh_private_rsar1sCC9xHHi9233i(LAyi(LAyi(LAy +OD)i(LAyi(LAyI&IAv&-.1aD,A BqW   " BE B U  CsB1cHddlm}t|}| t|}|jdr/t |}|j ||\}}}t ||}|S|jdr/|j t ||\}}}|rd}t||S|jdrtj|jdd} g} t| d kDrJtjd | dd d} | j| d d | z| d | zd} t| d kDrJtj | d} tj | d } t#| | gSt|dkDrt%|dd k(r t||St'd )aImport an RSA key (public or private). Args: extern_key (string or byte string): The RSA key to import. The following formats are supported for an RSA **public key**: - X.509 certificate (binary or PEM format) - X.509 ``subjectPublicKeyInfo`` DER SEQUENCE (binary or PEM encoding) - `PKCS#1`_ ``RSAPublicKey`` DER SEQUENCE (binary or PEM encoding) - An OpenSSH line (e.g. the content of ``~/.ssh/id_ecdsa``, ASCII) The following formats are supported for an RSA **private key**: - PKCS#1 ``RSAPrivateKey`` DER SEQUENCE (binary or PEM encoding) - `PKCS#8`_ ``PrivateKeyInfo`` or ``EncryptedPrivateKeyInfo`` DER SEQUENCE (binary or PEM encoding) - OpenSSH (text format, introduced in `OpenSSH 6.5`_) For details about the PEM encoding, see `RFC1421`_/`RFC1423`_. passphrase (string or byte string): For private keys only, the pass phrase that encrypts the key. Returns: An RSA key object (:class:`RsaKey`). Raises: ValueError/IndexError/TypeError: When the given key cannot be parsed (possibly because the pass phrase is wrong). .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _`PKCS#1`: http://www.ietf.org/rfc/rfc3447.txt .. _`PKCS#8`: http://www.ietf.org/rfc/rfc5208.txt .. _`OpenSSH 6.5`: https://flak.tedunangst.com/post/new-openssh-key-format-and-bcrypt-pbkdf rrNs-----BEGIN OPENSSH PRIVATE KEYs-----r r rrr0r)rrr startswithr r r1rr a2b_base64splitrrunpackappendrr)rr r#)r rr text_encodedopenssh_encodedmarkerenc_flagrgr rrlengthrrs r3rr sR$JZ( >?Z( ,/JJ|Z,P),_jI X&"%**U:-> "Kfh Jc:..[)'' (8(8(>q(AB )nq ]]42A7:F OOIaF 3 4!!f*+.I)nq    x{ +   x{ +!Q   :tJqM2d:j*55 6 77r5z1.2.840.113549.1.1.1)Ni)Tr7)&__all__rrCryptorCrypto.Util.py3compatr r r Crypto.Util.asn1r r Crypto.Util.numberrCrypto.Math.NumbersrCrypto.Math.PrimalityrrrCrypto.PublicKeyrrrrrrrr rrrrrr1r importKeyrrpr5r3rHs@  661,'GG@@ R"VR"j O0dM`C(-1 ,8$0L8`  r5