o tBhS@sddlZddlZddlZddlmZddlmZmZmZm Z m Z m Z m Z zRddl Zddl mZddlmZddlmZmZddlmZmZdd lmZmZdd lmZmZmZmZm Z m!Z!m"Z"m#Z#dd l$m%Z%m&Z&m'Z'm(Z(m)Z)m*Z*m+Z+d Z,Wn e-yd Z,YnwhdZ.ddZ/GdddZ0Gddde0Z1Gddde0Z2e,rGddde0Z3Gddde0Z4Gddde3Z5Gddde0Z6dSdS)NInvalidKeyError)base64url_decodebase64url_encodeder_to_raw_signature force_bytesfrom_base64url_uintraw_to_der_signatureto_base64url_uint)InvalidSignature)hashes)ecpadding)EllipticCurvePrivateKeyEllipticCurvePublicKey)Ed25519PrivateKeyEd25519PublicKey) RSAPrivateKeyRSAPrivateNumbers RSAPublicKeyRSAPublicNumbers rsa_crt_dmp1 rsa_crt_dmq1 rsa_crt_iqmprsa_recover_prime_factors)Encoding NoEncryption PrivateFormat PublicFormatload_pem_private_keyload_pem_public_keyload_ssh_public_keyTF> ES256ES384ES512ES521EdDSAPS256PS384PS512RS256RS384RS512ES256KcCstttjttjttjd}trG|ttjttjttjttjttjttjttjttjt t jt t jt t jt d |S)zE Returns the algorithms that are implemented by the library. )noneHS256HS384HS512) r+r,r-r#r.r$r&r%r(r)r*r') NoneAlgorithm HMACAlgorithmSHA256SHA384SHA512 has_cryptoupdate RSAAlgorithm ECAlgorithmRSAPSSAlgorithmEd25519Algorithm)default_algorithmsr?e/var/www/html/riverr-enterprise-integrations-main/venv/lib/python3.10/site-packages/jwt/algorithms.pyget_default_algorithmsEs0rAc@s@eZdZdZddZddZddZedd Zed d Z d S) AlgorithmzH The interface for an algorithm used to sign and verify tokens. cCt)z Performs necessary validation and conversions on the key and returns the key value in the proper format for sign() and verify(). NotImplementedErrorselfkeyr?r?r@ prepare_keylzAlgorithm.prepare_keycCrC)zn Returns a digital signature for the specified message using the specified key value. rDrGmsgrHr?r?r@signsrJzAlgorithm.signcCrC)zz Verifies that the specified digital signature is valid for the specified message and key values. rDrGrLrHsigr?r?r@verifyzrJzAlgorithm.verifycCrC)z7 Serializes a given RSA key into a JWK rDkey_objr?r?r@to_jwkrJzAlgorithm.to_jwkcCrC)zb Deserializes a given RSA key from JWK back into a PublicKey or PrivateKey object rD)jwkr?r?r@from_jwkrJzAlgorithm.from_jwkN) __name__ __module__ __qualname____doc__rIrMrP staticmethodrSrUr?r?r?r@rBgs rBc@s(eZdZdZddZddZddZdS) r3zZ Placeholder for use when no signing or verification operations are required. cCs |dkrd}|durtd|S)Nz*When alg = "none", key value must be None.rrFr?r?r@rIs zNoneAlgorithm.prepare_keycCdS)Nr?rKr?r?r@rMzNoneAlgorithm.signcCr\)NFr?rNr?r?r@rPr^zNoneAlgorithm.verifyN)rVrWrXrYrIrMrPr?r?r?r@r3s  r3c@sZeZdZdZejZejZej Z ddZ ddZ e ddZe dd Zd d Zd d ZdS)r4zf Performs signing and verification operations using HMAC and the specified hash function. cC ||_dSNhash_algrGrbr?r?r@__init__ zHMACAlgorithm.__init__cs2tgd}tfdd|DrtdS)N)s-----BEGIN PUBLIC KEY-----s-----BEGIN CERTIFICATE-----s-----BEGIN RSA PUBLIC KEY-----ssh-rsac3s|]}|vVqdSr`r?).0 string_valuerHr?r@ sz,HMACAlgorithm.prepare_key..zdThe specified key is an asymmetric key or x509 certificate and should not be used as an HMAC secret.)ranyr)rGrHinvalid_stringsr?rir@rIszHMACAlgorithm.prepare_keycCsttt|ddS)Noct)kkty)jsondumpsrrdecoderQr?r?r@rSs zHMACAlgorithm.to_jwkcCshzt|tr t|}n t|tr|}ntWn ty"tdw|ddkr.tdt|dS)NKey is not valid JSONrormzNot an HMAC keyrn) isinstancestrrploadsdict ValueErrorrgetr)rTobjr?r?r@rUs     zHMACAlgorithm.from_jwkcCst|||jSr`)hmacnewrbdigestrKr?r?r@rMzHMACAlgorithm.signcCst||||Sr`)r{compare_digestrMrNr?r?r@rPr~zHMACAlgorithm.verifyN)rVrWrXrYhashlibsha256r5sha384r6sha512r7rdrIrZrSrUrMrPr?r?r?r@r4s   r4c@sZeZdZdZejZejZejZddZddZ e ddZ e dd Z d d Z d d ZdS)r:z~ Performs signing and verification operations using RSASSA-PKCS-v1_5 and the specified hash function. cCr_r`rarcr?r?r@rdrezRSAAlgorithm.__init__cCst|ts t|tr |St|ttfr 2 primes not supported)rrrrrcsg|]}|vqSr?r?)rgproprzr?r@ Csz)RSAAlgorithm.from_jwk..z@RSA key must include all parameters if any are present besides drrrrr)rrrrrrrr)rtrurprvrwrxrryrkallrr rrrrrrr private_key public_key) rT other_props props_foundany_props_foundrrrrrr?rr@rU,sx                  zRSAAlgorithm.from_jwkcCs||t|Sr`)rMrPKCS1v15rbrKr?r?r@rMvszRSAAlgorithm.signcCs4z|||t|WdStyYdSw)NTF)rPrrrbr rNr?r?r@rPys  zRSAAlgorithm.verifyN)rVrWrXrYr r5r6r7rdrIrZrSrUrMrPr?r?r?r@r:s # I r:c@sNeZdZdZejZejZejZddZddZ ddZ dd Z e d d Z d S) r;zr Performs signing and verification operations using ECDSA and the specified hash function cCr_r`rarcr?r?r@rdrezECAlgorithm.__init__cCst|ts t|tr |St|ttfr=2.6`` to be installed. cKsdSr`r?)rGkwargsr?r?r@rd r^zEd25519Algorithm.__init__cCst|ttfr |St|ttfr=t|tr|d}|d}d|vr't|Sd|vr1t|ddS|dddkr=t |St d) Nutf-8z-----BEGIN PUBLICz-----BEGIN PRIVATErrzssh-z)Expecting a PEM-formatted or OpenSSH key.) rtrrrruencoderrr!r r"r)rGrHstr_keyr?r?r@rI#s    zEd25519Algorithm.prepare_keycCs$t|tur t|dn|}||S)a Sign a message ``msg`` using the Ed25519 private key ``key`` :param str|bytes msg: Message to sign :param Ed25519PrivateKey key: A :class:`.Ed25519PrivateKey` instance :return bytes signature: The signature, as bytes r)typerrMrKr?r?r@rM6s zEd25519Algorithm.signcCsrz,t|tur t|dn|}t|turt|dn|}t|tr$|}|||WdStjjy8YdSw)a Verify a given ``msg`` against a signature ``sig`` using the Ed25519 key ``key`` :param str|bytes sig: Ed25519 signature to check ``msg`` against :param str|bytes msg: Message to sign :param Ed25519PrivateKey|Ed25519PublicKey key: A private or public Ed25519 key instance :return bool verified: True if signature is valid, False if not. rTF) rrrtrrrP cryptography exceptionsr rNr?r?r@rP@s   zEd25519Algorithm.verifycCst|tr|jtjtjd}ttt | dddSt|t rN|j tjt jtd}|jtjtjd}ttt | tt | dddStd)N)encodingformatOKPEd25519)rror)rrencryption_algorithm)rrrorr)rtr public_bytesrRawrrprqrrrrr private_bytesrrrr)rHrrr?r?r@rSTs:   zEd25519Algorithm.to_jwkc Cszt|tr t|}n t|tr|}ntWn ty"tdw|ddkr.td|d}|dkr>td|d|vrFtd t|d}zd |vrXt |WSt|d }t |WStyu}ztd |d}~ww) NrsrorzNot an Octet Key PairrrrrzOKP should have "x" parameterrzInvalid key parameter) rtrurprvrwrxrryrrfrom_public_bytesrfrom_private_bytes)rTrzrrrerrr?r?r@rU{s6        zEd25519Algorithm.from_jwkN) rVrWrXrYrdrIrMrPrZrSrUr?r?r?r@r=s  &r=)7rr{rprrutilsrrrrr r r cryptography.exceptionsrr cryptography.hazmat.primitivesr )cryptography.hazmat.primitives.asymmetricrr,cryptography.hazmat.primitives.asymmetric.ecrr1cryptography.hazmat.primitives.asymmetric.ed25519rr-cryptography.hazmat.primitives.asymmetric.rsarrrrrrrr,cryptography.hazmat.primitives.serializationrrrrr r!r"r8ModuleNotFoundErrorrequires_cryptographyrArBr3r4r:r;r<r=r?r?r?r@s@ $   ($  ")@{