HEX
Server: LiteSpeed
System: Linux shams.tasjeel.ae 5.14.0-611.5.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 08:09:09 EST 2025 x86_64
User: infowars (1469)
PHP: 8.2.29
Disabled: NONE
$ pwd: /usr/lib/python3.9/site-packages/jwcrypto/__pycache__/
Upload Files
File: //usr/lib/python3.9/site-packages/jwcrypto/__pycache__/jwa.cpython-39.pyc
a

�,�es��@s"ddlZddlZddlmZmZddlmZmZddlm	Z	ddl
mZddlm
Z
mZmZddlmZddlmZdd	lmZdd
lmZmZmZddlmZddlmZdd
lmZmZddl m!Z!ddl"m#Z#ddl"m$Z$ddl"m%Z%ddl"m&Z&ddl"m'Z'ddl"m(Z(m)Z)ddl"m*Z*ddl+m,Z,dZ-Gdd�ded�Z.dd�Z/dd�Z0dd �Z1d!d"�Z2d#d$�Z3Gd%d&�d&�Z4Gd'd(�d(e4�Z5Gd)d*�d*e4�Z6Gd+d,�d,e4�Z7Gd-d.�d.e4�Z8Gd/d0�d0e5e.�Z9Gd1d2�d2e5e.�Z:Gd3d4�d4e5e.�Z;Gd5d6�d6e6e.�Z<Gd7d8�d8e6e.�Z=Gd9d:�d:e6e.�Z>Gd;d<�d<e7e.�Z?Gd=d>�d>e7e.�Z@Gd?d@�d@e7e.�ZAGdAdB�dBe7e.�ZBGdCdD�dDe6e.�ZCGdEdF�dFe6e.�ZDGdGdH�dHe6e.�ZEGdIdJ�dJe8e.�ZFGdKdL�dL�ZGGdMdN�dNeG�ZHGdOdP�dPeHe.�ZIGdQdR�dReHe.�ZJGdSdT�dTeHe.�ZKGdUdV�dVeG�ZLGdWdX�dXeLe.�ZMGdYdZ�dZeLe.�ZNGd[d\�d\eLe.�ZOGd]d^�d^eG�ZPGd_d`�d`ePe.�ZQGdadb�dbePe.�ZRGdcdd�ddePe.�ZSGdedf�dfeG�ZTGdgdh�dheTe.�ZUGdidj�djeTe.�ZVGdkdl�dleTe.�ZWGdmdn�dneGe.�ZXGdodp�dpeGe.�ZYGdqdr�dreY�ZZGdsdt�dteY�Z[Gdudv�dveY�Z\Gdwdx�dxe4e.�Z]Gdydz�dz�Z^Gd{d|�d|e^�Z_Gd}d~�d~e_e.�Z`Gdd��d�e_e.�ZaGd�d��d�e_e.�ZbGd�d��d�e^�ZcGd�d��d�ece.�ZdGd�d��d�ece.�ZeGd�d��d�ece.�ZfGd�d��d�e7e.�ZgGd�d��d�e7e.�ZhGd�d��d�e7e.�ZiGd�d��d��ZjdS)��N)�ABCMeta�abstractmethod)�hexlify�	unhexlify)�InvalidSignature)�default_backend)�
constant_time�hashes�hmac)�ec)�padding)�utils)�Cipher�
algorithms�modes)�
ConcatKDFHash)�
PBKDF2HMAC)�aes_key_unwrap�aes_key_wrap)�PKCS7)�InvalidCEKeyLength)�InvalidJWAAlgorithm)�InvalidJWEKeyLength)�InvalidJWEKeyType)�InvalidJWEOperation)�base64url_decode�base64url_encode)�json_decode)�JWKi@c@sheZdZeedd���Zeedd���Zeedd���Zeedd���Zeed	d
���Z	edd��Z
d
S)�JWAAlgorithmcCsdS)zThe algorithm NameN���selfr r �0/usr/lib/python3.9/site-packages/jwcrypto/jwa.py�name$szJWAAlgorithm.namecCsdS)zA short descriptionNr r!r r r#�description)szJWAAlgorithm.descriptioncCsdS)zThe algorithm key sizeNr r!r r r#�keysize.szJWAAlgorithm.keysizecCsdS)zOne of 'alg', 'enc' or 'JWK'Nr r!r r r#�algorithm_usage_location3sz%JWAAlgorithm.algorithm_usage_locationcCsdS)zOne of 'sig', 'kex', 'enc'Nr r!r r r#�
algorithm_use8szJWAAlgorithm.algorithm_usecCs&z|jWSty |jYS0dS)zThe input key sizeN)�
wrap_key_size�AttributeErrorr&r!r r r#�
input_keysize=szJWAAlgorithm.input_keysizeN)�__name__�
__module__�__qualname__�propertyrr$r%r&r'r(r+r r r r#r"s"r)�	metaclasscCst|�dS�N�)�len��xr r r#�_bitsizeFsr6cCs|dSr1r r4r r r#�_inbytesJsr7cCs"|ddkrtd��t�t|��S)Nr2rzlength must be a multiple of 8)�
ValueError�os�urandomr7r4r r r#�_randombitsNsr;cCs2d�|�}|ddd}t|�|d�d|��S)Nz{:x}�r2��0)�formatr�rjust)�n�bits�eZilenr r r#�_encode_intUs
rDcCstt|�d�S)N�)�intr)rAr r r#�_decode_int[srGc@seZdZdd�Zdd�ZdS)�_RawJWScCst�dS�N��NotImplementedError�r"�key�payloadr r r#�signasz_RawJWS.signcCst�dSrIrJ�r"rMrN�	signaturer r r#�verifydsz_RawJWS.verifyN�r,r-r.rOrRr r r r#rH_srHc@s,eZdZdd�Zdd�Zdd�Zdd�Zd	S)
�_RawHMACcCst�|_||_dSrI)r�backend�hashfn�r"rVr r r#�__init__jsz_RawHMAC.__init__cCs"tj||j|jd�}|�|�|S)N�rU)r
�HMACrVrU�update)r"rMrN�hr r r#�_hmac_setupns
z_RawHMAC._hmac_setupcCs"t|�d��}|�||�}|��S�NrO)r�
get_op_keyr]�finalize)r"rMrN�skeyr\r r r#rOssz
_RawHMAC.signcCs(t|�d��}|�||�}|�|�dS�NrR)rr_r]rR)r"rMrNrQZvkeyr\r r r#rRxsz_RawHMAC.verifyN)r,r-r.rXr]rOrRr r r r#rThsrTc@s$eZdZdd�Zdd�Zdd�ZdS)�_RawRSAcCs||_||_dSrI)�padfnrV)r"rdrVr r r#rXsz_RawRSA.__init__cCs|�d�}|�||j|j�Sr^)r_rOrdrV�r"rMrNrar r r#rO�s
z_RawRSA.signcCs"|�d�}|�|||j|j�dSrb)r_rRrdrV�r"rMrNrQ�pkeyr r r#rR�s
z_RawRSA.verifyN)r,r-r.rXrOrRr r r r#rc~srcc@s0eZdZdd�Zedd��Zdd�Zdd�Zd	S)
�_RawECcCs||_||_dSrI)�_curverV)r"�curverVr r r#rX�sz_RawEC.__init__cCs|jSrI)rir!r r r#rj�sz_RawEC.curvecCsJ|�d|j�}|j}|�|t�|j��}t�|�\}}t	||�t	||�Sr^)
r_riZkey_sizerOr�ECDSArV�ec_utilsZdecode_dss_signaturerD)r"rMrNra�sizerQ�r�sr r r#rO�s
z_RawEC.signcCsp|�d|j�}|dt|�d�}|t|�dd�}t�tt|�d�tt|�d��}|�||t�	|j
��dS)NrRr=rE)r_rir3rlZencode_dss_signaturerFrrRrrkrV)r"rMrNrQrgrnroZ
enc_signaturer r r#rR�s�z
_RawEC.verifyN)r,r-r.rXr/rjrOrRr r r r#rh�s

rhc@seZdZdd�Zdd�ZdS)�_RawNonecCsdS)N�r rLr r r#rO�sz
_RawNone.signcCs$|ddks|��dkr td��dS)N�kty�octrqz'The "none" signature cannot be verified)r_rrPr r r#rR�sz_RawNone.verifyNrSr r r r#rp�srpcs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_HS256�HS256zHMAC using SHA-256��alg�sigcstt|��t���dSrI)�superrtrXr	�SHA256r!��	__class__r r#rX�sz_HS256.__init__�
r,r-r.r$r%r&r'r(rX�
__classcell__r r r{r#rt�srtcs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_HS384�HS384zHMAC using SHA-384�rwrxcstt|��t���dSrI)ryrrXr	�SHA384r!r{r r#rX�sz_HS384.__init__r}r r r{r#r�srcs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_HS512�HS512zHMAC using SHA-512�rwrxcstt|��t���dSrI)ryr�rXr	�SHA512r!r{r r#rX�sz_HS512.__init__r}r r r{r#r��sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_RS256�RS256zRSASSA-PKCS1-v1_5 using SHA-256�rwrxcstt|��t��t���dSrI)ryr�rXr�PKCS1v15r	rzr!r{r r#rX�sz_RS256.__init__r}r r r{r#r��sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_RS384�RS384zRSASSA-PKCS1-v1_5 using SHA-384r�rwrxcstt|��t��t���dSrI)ryr�rXrr�r	r�r!r{r r#rX�sz_RS384.__init__r}r r r{r#r��sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_RS512�RS512zRSASSA-PKCS1-v1_5 using SHA-512r�rwrxcstt|��t��t���dSrI)ryr�rXrr�r	r�r!r{r r#rX�sz_RS512.__init__r}r r r{r#r��sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_ES256�ES256zECDSA using P-256 and SHA-256rvrwrxcstt|��dt���dS)NzP-256)ryr�rXr	rzr!r{r r#rX�sz_ES256.__init__r}r r r{r#r��sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_ES256K�ES256Kz'ECDSA using secp256k1 curve and SHA-256rvrwrxcstt|��dt���dS)NZ	secp256k1)ryr�rXr	rzr!r{r r#rXsz_ES256K.__init__r}r r r{r#r�sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_ES384�ES384zECDSA using P-384 and SHA-384r�rwrxcstt|��dt���dS)NzP-384)ryr�rXr	r�r!r{r r#rXsz_ES384.__init__r}r r r{r#r�sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_ES512�ES512zECDSA using P-521 and SHA-512r�rwrxcstt|��dt���dS)NzP-521)ryr�rXr	r�r!r{r r#rX#sz_ES512.__init__r}r r r{r#r�sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_PS256�PS256z.RSASSA-PSS using SHA-256 and MGF1 with SHA-256r�rwrxcs4t�t�t���tjj�}tt|��|t���dSrI)	r�PSS�MGF1r	rz�digest_sizeryr�rX�r"rdr{r r#rX/s�z_PS256.__init__r}r r r{r#r�'sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_PS384�PS384z.RSASSA-PSS using SHA-384 and MGF1 with SHA-384r�rwrxcs4t�t�t���tjj�}tt|��|t���dSrI)	rr�r�r	r�r�ryr�rXr�r{r r#rX=s�z_PS384.__init__r}r r r{r#r�5sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_PS512�PS512z.RSASSA-PSS using SHA-512 and MGF1 with SHA-512r�rwrxcs4t�t�t���tjj�}tt|��|t���dSrI)	rr�r�r	r�r�ryr�rXr�r{r r#rXKs�z_PS512.__init__r}r r r{r#r�Csr�c@s eZdZdZdZdZdZdZdS)�_None�nonez%No digital signature or MAC performedrrwrxN�r,r-r.r$r%r&r'r(r r r r#r�Qs
r�c@seZdZdd�Zdd�ZdS)�_RawKeyMgmtcCst�dSrIrJ)r"rM�bitsize�cek�headersr r r#�wrap\sz_RawKeyMgmt.wrapcCst�dSrIrJ)r"rMr��ekr�r r r#�unwrap_sz_RawKeyMgmt.unwrapN)r,r-r.r�r�r r r r#r�Zsr�c@s,eZdZdd�Zdd�Zdd�Zdd�Zd	S)
�_RSAcCs
||_dSrI)rdr�r r r#rXesz
_RSA.__init__cCs0t|t�std��|ddkr,td|d��dS)N�key is not a JWK objectrrZRSA��
isinstancerr8r�r"rMr r r#�
_check_keyhs
z_RSA._check_keycCs8|�|�|st|�}|�d�}|�||j�}||d�S)N�wrapKey�r�r�)r�r;r_�encryptrd�r"rMr�r�r��rkr�r r r#r�os

z	_RSA.wrapcCs@|�|�|�d�}|�||j�}t|�|kr<t|t|���|S)N�	unwrapKey)r�r_�decryptrdr6r�r"rMr�r�r�r�r�r r r#r�ws

z_RSA.unwrapN)r,r-r.rXr�r�r�r r r r#r�csr�cs<eZdZdZdZdZdZdZ�fdd�Z�fdd	�Z	�Z
S)
�_Rsa15�RSA1_5zRSAES-PKCS1-v1_5r�rw�kexcstt|��t���dSrI)ryr�rXrr�r!r{r r#rX�sz_Rsa15.__init__csP|�|�t|�}z"tt|��||||�}td��WntyJ|YS0dS)NZDummy)r�r;ryr�r�r8�	Exception�r"rMr�r�r�r�r{r r#r��s
z
_Rsa15.unwrap)r,r-r.r$r%r&r'r(rXr�r~r r r{r#r��sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_RsaOaep�RSA-OAEPz#RSAES OAEP using default parametersr�rwr�cs,tt|��t�t�t���t��d��dSrI)ryr�rXr�OAEPr�r	ZSHA1r!r{r r#rX�s

��z_RsaOaep.__init__r}r r r{r#r��sr�cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_RsaOaep256�RSA-OAEP-256z.RSAES OAEP using SHA-256 and MGF1 with SHA-256r�rwr�cs,tt|��t�t�t���t��d��dSrI)ryr�rXrr�r�r	rzr!r{r r#rX�s

��z_RsaOaep256.__init__r}r r r{r#r��sr�c@s0eZdZdZdd�Zdd�Zdd�Zdd	�ZdS)
�_AesKwNcCst�|_dSrI�rrUr!r r r#rX�sz_AesKw.__init__cCs\t|t�std��|ddkr,td|d��t|�|��}t|�|jkrXt|jt|���|S�Nr�rrrs�	r�rr8rrr_r6r&r�r"rM�opr�r r r#�_get_key�s
z_AesKw._get_keycCs0|�|d�}|st|�}t||t��}||d�S)Nr�r�)r�r;rrr�r r r#r��s
z_AesKw.wrapcCs8|�|d�}t||t��}t|�|kr4t|t|���|S)Nr�)r�rrr6rr�r r r#r��s
z
_AesKw.unwrap�r,r-r.r&rXr�r�r�r r r r#r��s

	r�c@s eZdZdZdZdZdZdZdS)�_A128KW�A128KWzAES Key Wrap using 128-bit key�rwr�Nr�r r r r#r��s
r�c@s eZdZdZdZdZdZdZdS)�_A192KW�A192KWzAES Key Wrap using 192-bit key�rwr�Nr�r r r r#r��s
r�c@s eZdZdZdZdZdZdZdS)�_A256KW�A256KWzAES Key Wrap using 256-bit keyrvrwr�Nr�r r r r#r��s
r�c@s0eZdZdZdd�Zdd�Zdd�Zdd	�ZdS)
�	_AesGcmKwNcCst�|_dSrIr�r!r r r#rX�sz_AesGcmKw.__init__cCs\t|t�std��|ddkr,td|d��t|�|��}t|�|jkrXt|jt|���|Sr�r�r�r r r#r��s
z_AesGcmKw._get_keycCsv|�|d�}|st|�}td�}tt�|�t�|�|jd�}|��}|�	|�|�
�}	|j}
||	t|�t|
�d�d�S)Nr��`rY)�iv�tag)r�r��header)
r�r;rr�AESr�GCMrU�	encryptorr[r`r�r)r"rMr�r�r�r�r��cipherr�r�r�r r r#r�s���z_AesGcmKw.wrapcCs�|�|d�}d|vrtd��t|d�}d|vr8td��t|d�}tt�|�t�||�|jd�}|�	�}	|	�
|�|	��}
t|
�|kr�t
|t|
���|
S)Nr�r�z&Invalid Header, missing "iv" parameterr�z'Invalid Header, missing "tag" parameterrY)r�r8rrrr�rr�rU�	decryptorr[r`r6r)r"rMr�r�r�r�r�r�r�r�r�r r r#r�s�z_AesGcmKw.unwrapr�r r r r#r��s

r�c@s eZdZdZdZdZdZdZdS)�
_A128GcmKw�	A128GCMKWz+Key wrapping with AES GCM using 128-bit keyr�rwr�Nr�r r r r#r�+s
r�c@s eZdZdZdZdZdZdZdS)�
_A192GcmKw�	A192GCMKWz+Key wrapping with AES GCM using 192-bit keyr�rwr�Nr�r r r r#r�4s
r�c@s eZdZdZdZdZdZdZdS)�
_A256GcmKw�	A256GCMKWz+Key wrapping with AES GCM using 256-bit keyrvrwr�Nr�r r r r#r�=s
r�c@s8eZdZdZdZdZdd�Zdd�Zdd�Zdd	�Z	dS)
�
_Pbes2HsAesKwNcCst�|_tttd�|_dS�N)r�r�rv�rrUr�r�r��aeskwmapr!r r r#rXLsz_Pbes2HsAesKw.__init__c
Cs�|tkrtd��t|t�s6t|t�r*|}qB|�d�}nt|���}t|j�d��d|}|j	dkrnt
��}n0|j	dkr�t
��}n|j	dkr�t
�
�}ntd��t|t|j�|||jd�}|�|�}	t|	�|jkr�t|jt|	���td	d
t|	�d�S)NzInvalid p2c value, too large�utf8�rvr�r�zUnknown Hash Size)�	algorithm�length�saltZ
iterationsrUrs�enc�rr�use�k)�default_max_pbkdf2_iterationsr8r�r�bytes�encoderr_r$�hashsizer	rzr�r�rr7r&rU�deriver6rr3r)
r"rwrM�p2s�p2cZplainr�ZhashalgZkdfr�r r r#r�Ps,







�
z_Pbes2HsAesKw._get_keycCs�i}d|vr.t|d�}t|�dkrBtd��ntd�}t|�|d<d|vrT|d}nd}||d<|�|d|||�}|j|j�}	|	�||||�}
t|�dkr�||
d	<|
S)
Nr�r2z'Invalid Salt, must be 8 or more octectsr�r�i rwrr�)	rr3r8r;rr�r�r&r�)r"rMr�r�r�Z
ret_headerr�r��kek�aeskw�retr r r#r�os"

z_Pbes2HsAesKw.wrapc	Csfd|vrtd��d|vr td��t|d�}|d}|�|d|||�}|j|j�}|�||||�S)Nr�z'Invalid Header, missing "p2s" parameterr�z'Invalid Header, missing "p2c" parameterrw)r8rr�r�r&r�)	r"rMr�r�r�r�r�r�r�r r r#r��sz_Pbes2HsAesKw.unwrap)
r,r-r.r$r&r�rXr�r�r�r r r r#r�Fsr�c@s$eZdZdZdZdZdZdZdZdS)�_Pbes2Hs256A128Kw�PBES2-HS256+A128KWz-PBES2 with HMAC SHA-256 and "A128KW" wrappingr�rwr�rvN�	r,r-r.r$r%r&r'r(r�r r r r#r��sr�c@s$eZdZdZdZdZdZdZdZdS)�_Pbes2Hs384A192Kw�PBES2-HS384+A192KWz-PBES2 with HMAC SHA-384 and "A192KW" wrappingr�rwr�r�Nr�r r r r#r��sr�c@s$eZdZdZdZdZdZdZdZdS)�_Pbes2Hs512A256Kw�PBES2-HS512+A256KWz-PBES2 with HMAC SHA-512 and "A256KW" wrappingrvrwr�r�Nr�r r r r#r��sr�c@s8eZdZdZdZdZdZdZdd�Zdd	�Z	d
d�Z
dS)
�_Direct�dirz$Direct use of a shared symmetric keyr�rwr�cCs0t|t�std��|ddkr,td|d��dSr�r�r�r r r#r��s
z_Direct._check_keycCsF|�|�|r|dfSt|�d��}t|�|kr>t|t|���d|iS)Nr�r�)r�rr_r6r)r"rMr�r�r�r�r r r#r��s
z_Direct.wrapcCsF|�|�|dkrtd��t|�d��}t|�|krBt|t|���|S)N�zInvalid Encryption Key.r�)r�r8rr_r6rr�r r r#r��s
z_Direct.unwrapN)r,r-r.r$r%r&r'r(r�r�r�r r r r#r�s	rc@sHeZdZdZdZdZdZdZdd�Zdd	�Z	d
d�Z
dd
�Zdd�ZdS)�_EcdhEs�ECDH-ESzECDH-ES using Concat KDFrwr�NcCst�|_tttd�|_dSr�r�r!r r r#rX�sz_EcdhEs.__init__cCsVt|t�std��|ddvr,td|d��|ddkrR|ddvrRtd|d��dS)	Nr�rr)ZEC�OKPz	EC or OKPr�crv)ZX25519ZX448zX25519 or X448r�r�r r r#r��s
�z_EcdhEs._check_keycCs�t�dt|��}|t|�d��7}d|vr6t|d�nd}|t�dt|��7}||7}d|vrjt|d�nd}|t�dt|��7}||7}|t�d|�7}t|tj�r�|�	t�
�|�}	n
|�	|�}	tt�
�t|�||jd�}
|
�|	�S)Nz>Ir��apur�apv)r�r��	otherinforU)�struct�packr3r�r�rr�rZEllipticCurvePrivateKeyZexchangeZECDHrr	rzr7rUr�)r"ZprivkeyZpubkeyrwr�r�r
rr	Z
shared_keyZckdfr r r#�_derive�s$
�z_EcdhEs._derivecCs�|�|�|j}|jdur8|dur*td��|d}|}n|d}tj|d|dd�}|�|�d�|�d�|||�}|jdur�d	|i}	n0|j|j�}
td
dt|�d�}|
�	||||�}	dt
|���i|	d
<|	S)Nz"ECDH-ES cannot use an existing CEKr�rwrrr)rrrr�r�r�rsr��epkr�)r�r&rrZgenerater
r_r�rr�rZ
export_public)r"rMr�r�r��dk_sizerwr�dkr�r�r�r r r#r�
s(

�

z_EcdhEs.wrapcCs�d|vrtd��|�|�|j}|jdur8|d}|}n|d}tfi|d��}|�|�d�|�d�|||�}|jdur~|S|j|j�}	tddt|�d�}
|	�|
|||�}|SdS)	Nrz'Invalid Header, missing "epk" parameterr�rwr�r�rsr�)	r8r�r&rr
r_r�rr�)r"rMr�r�r�rrwrrr�r�r�r r r#r�$s&

�
z_EcdhEs.unwrap)
r,r-r.r$r%r'r(r&rXr�r
r�r�r r r r#r�s
#rc@s eZdZdZdZdZdZdZdS)�_EcdhEsAes128Kw�ECDH-ES+A128KWz.ECDH-ES using Concat KDF and "A128KW" wrappingr�rwr�Nr�r r r r#r<s
rc@s eZdZdZdZdZdZdZdS)�_EcdhEsAes192Kw�ECDH-ES+A192KWz.ECDH-ES using Concat KDF and "A192KW" wrappingr�rwr�Nr�r r r r#rEs
rc@s eZdZdZdZdZdZdZdS)�_EcdhEsAes256Kw�ECDH-ES+A256KWz.ECDH-ES using Concat KDF and "A256KW" wrappingrvrwr�Nr�r r r r#rNs
rc@s0eZdZdZdZdZdZdZdd�Zdd	�Z	dS)
�_EdDsa�EdDSAz'EdDSA using Ed25519 or Ed448 algorithmsrwrxNcCs(|ddvr |�d�}|�|�St�dS)Nr�ZEd25519ZEd448rO)r_rOrKrer r r#rO_s

z_EdDsa.signcCs*|ddvr"|�d�}|�||�St�dS)NrrrR)r_rRrKrfr r r#rRes
z
_EdDsa.verify)
r,r-r.r$r%r'r(r&rOrRr r r r#rWsrc@seZdZdd�Zdd�ZdS)�_RawJWEcCst�dSrIrJ)r"r��aad�mr r r#r�nsz_RawJWE.encryptcCst�dSrIrJ)r"r�rr�rC�tr r r#r�qsz_RawJWE.decryptN)r,r-r.r�r�r r r r#rlsrc@s0eZdZdZdd�Zdd�Zdd�Zdd	�ZdS)
�_AesCbcHmacSha2NcCs(t�|_||_tjj|_|jd|_dS)Nr=)	rrUrVrr�Z
block_size�	blocksizer&r)rWr r r#rXys
z_AesCbcHmacSha2.__init__cCsdtt|�d�}tj||j|jd�}|�|�|�|�|�|�|�|�|��}|dt|j	��S)N�@rY)
rDr6r
rZrVrUr[r`r7r&)r"r�rr�rCZalr\rr r r#�_macs



z_AesCbcHmacSha2._macc
Cs�t|�t|j�krtd��|dt|j��}|t|j�d�}t|j�}tt�	|�t
�|�|jd�}|�
�}t|j���}	|	�|�|	��}
|�|
�|��}|�||||�}|||fS)�� Encrypt according to the selected encryption and hashing
        functions.

        :param k: Encryption key
        :param aad: Additional Authentication Data
        :param m: Plaintext

        Returns a dictionary with the computed data.
        �Invalid input key sizeNrY)r3r7r)r8r&r;rrrr�r�CBCrUr�r�padderr[r`r!)
r"r�rr�hkeyZekeyr�r�r�r%Zpadded_datarCrr r r#r��s

�z_AesCbcHmacSha2.encryptc	Cs�t|�t|j�krtd��|dt|j��}|t|j�d�}t�||�||||��s^td��t	t
�|�t�
|�|jd�}|��}	|	�|�|	��}
t|j���}|�|
�|��S)�A Decrypt according to the selected encryption and hashing
        functions.
        :param k: Encryption key
        :param aad: Additional Authenticated Data
        :param iv: Initialization Vector
        :param e: Ciphertext
        :param t: Authentication Tag

        Returns plaintext or raises an error
        r#NzFailed to verify MACrY)r3r7r)r8r&rZbytes_eqr!rrrr�rr$rUr�r[r`rr�unpadder)r"r�rr�rCrr&Zdkeyr�r��dr(r r r#r��s�z_AesCbcHmacSha2.decrypt)r,r-r.r&rXr!r�r�r r r r#rus
rcs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�
_A128CbcHs256�
A128CBC-HS256z&AES_128_CBC_HMAC_SHA_256 authenticatedr�r�cstt|��t���dSrI)ryr*rXr	rzr!r{r r#rX�sz_A128CbcHs256.__init__r}r r r{r#r*�sr*cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�
_A192CbcHs384�
A192CBC-HS384z&AES_192_CBC_HMAC_SHA_384 authenticatedr�r�cstt|��t���dSrI)ryr,rXr	r�r!r{r r#rX�sz_A192CbcHs384.__init__r}r r r{r#r,�sr,cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�
_A256CbcHs512�
A256CBC-HS512z&AES_256_CBC_HMAC_SHA_512 authenticatedrvr�cstt|��t���dSrI)ryr.rXr	r�r!r{r r#rX�sz_A256CbcHs512.__init__r}r r r{r#r.�sr.c@s(eZdZdZdd�Zdd�Zdd�ZdS)�_AesGcmNcCst�|_|j|_dSrI)rrUr&r)r!r r r#rX�sz_AesGcm.__init__cCsTtd�}tt�|�t�|�|jd�}|��}|�|�|�	|�|�
�}|||jfS)r"r�rY)r;rrr�rr�rUr��authenticate_additional_datar[r`r�)r"r�rrr�r�r�rCr r r#r��s
�
z_AesGcm.encryptcCsBtt�|�t�||�|jd�}|��}|�|�|�|�|�	�S)r'rY)
rrr�rr�rUr�r1r[r`)r"r�rr�rCrr�r�r r r#r�s�
z_AesGcm.decrypt)r,r-r.r&rXr�r�r r r r#r0�sr0c@s eZdZdZdZdZdZdZdS)�_A128Gcm�A128GCMzAES GCM using 128-bit keyr�r�Nr�r r r r#r2s
r2c@s eZdZdZdZdZdZdZdS)�_A192Gcm�A192GCMzAES GCM using 192-bit keyr�r�Nr�r r r r#r4!s
r4c@s eZdZdZdZdZdZdZdS)�_A256Gcm�A256GCMzAES GCM using 256-bit keyrvr�Nr�r r r r#r6*s
r6cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_BP256R1�BP256R1zsECDSA using Brainpool256R1 curve and SHA-256 (unregistered, custom-defined in breach of IETF rules by gematik GmbH)rvrwrxcstt|��dt���dS)NzBP-256)ryr8rXr	rzr!r{r r#rX?sz_BP256R1.__init__r}r r r{r#r83s�r8cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_BP384R1�BP384R1zsECDSA using Brainpool384R1 curve and SHA-384 (unregistered, custom-defined in breach of IETF rules by gematik GmbH)r�rwrxcstt|��dt���dS)NzBP-384)ryr:rXr	r�r!r{r r#rXOsz_BP384R1.__init__r}r r r{r#r:Cs�r:cs0eZdZdZdZdZdZdZ�fdd�Z�Z	S)�_BP512R1�BP512R1zsECDSA using Brainpool512R1 curve and SHA-512 (unregistered, custom-defined in breach of IETF rules by gematik GmbH)r�rwrxcstt|��dt���dS)NzBP-512)ryr<rXr	r�r!r{r r#rX_sz_BP512R1.__init__r}r r r{r#r<Ss�r<c*@s�eZdZdZeeeeee	e
eee
eeeeeeeeeeeeeeeeeee e!e"e#e$e%e&e'e(e)e*e+e,d�)Z-e.ddd��Z/e.dd��Z0e.dd	��Z1e.d
d��Z2dS)
�JWAzSJWA Signing Algorithms.

    This class provides access to all JWA algorithms.
    ))rur�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrrrrr�r�r�r�r�rr+r-r/r3r5r7r9r;r=NcCs&|j|}|dur |j|kr t�|�SrI)�algorithms_registryr(�KeyError)�clsr$r�rwr r r#�instantiate_alg�s
zJWA.instantiate_algcCs6z|j|dd�WSty0td|�d�Yn0dS)Nrx�r�z(%s is not a valid Signing algorithm name�rBr@r�rAr$r r r#�signing_alg�s��zJWA.signing_algcCs6z|j|dd�WSty0td|�d�Yn0dS)Nr�rCz/%s is not a valid Key Management algorithm namerDrEr r r#�keymgmt_alg�s��zJWA.keymgmt_algcCs6z|j|dd�WSty0td|�d�Yn0dS)Nr�rCz+%s is not a valid Encryption algorithm namerDrEr r r#�encryption_alg�s��zJWA.encryption_alg)N)3r,r-r.�__doc__rtrr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrrrrr�r�r�r�r�r�r*r,r.r2r4r6r8r:r<r?�classmethodrBrFrGrHr r r r#r>csf�,

r>)kr9r�abcrrZbinasciirrZcryptography.exceptionsrZcryptography.hazmat.backendsrZcryptography.hazmat.primitivesrr	r
Z)cryptography.hazmat.primitives.asymmetricrrr
rlZ&cryptography.hazmat.primitives.ciphersrrrZ,cryptography.hazmat.primitives.kdf.concatkdfrZ)cryptography.hazmat.primitives.kdf.pbkdf2rZ&cryptography.hazmat.primitives.keywraprrZ&cryptography.hazmat.primitives.paddingrZjwcrypto.commonrrrrrrrrZjwcrypto.jwkrr�rr6r7r;rDrGrHrTrcrhrprtrr�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�r�rrrrrrrrr*r,r.r0r2r4r6r8r:r<r>r r r r#�<module>s�$	
		#			4			L


!k				Q.			
@ Telegram