U #FZh@sdZddlmZddlZddlmZddlmZddlm Z ddl m Z ddl Z ddl mZdd l mZdd lmZd Zd Zd ZdZe ZddZGdddejZGdddejejZdS)zPure-Python RSA cryptography implementation. Uses the ``rsa``, ``pyasn1`` and ``pyasn1_modules`` packages to parse PEM files storing PKCS#1 or PKCS#8 keys as well as certificates. There is no support for p12 files. )absolute_importN)decoder)pem) Certificate)PrivateKeyInfo)_helpers) exceptions)base)@ s-----BEGIN CERTIFICATE-----)z-----BEGIN RSA PRIVATE KEY-----z-----END RSA PRIVATE KEY-----)z-----BEGIN PRIVATE KEY-----z-----END PRIVATE KEY-----cCsZt|}t}td|dD]6}|||d}tddtt|D}||qt|S)zConverts an iterable of 1s and 0s to bytes. Combines the list 8 at a time, treating each group of 8 bits as a single byte. Args: bit_list (Sequence): Sequence of 1s and 0s. Returns: bytes: The decoded bytes. rrcss|]\}}||VqdSN).0valdigitrrd/home/aprabhat/apps/x.techxrdev.in/venv/lib/python3.8/site-packages/google/auth/crypt/_python_rsa.py ;sz%_bit_list_to_bytes..)len bytearrayrangesumzip_POW2appendbytes)Zbit_listZnum_bitsZ byte_valsstartZ curr_bitsZchar_valrrr_bit_list_to_bytes+s  r"c@s8eZdZdZddZeejddZ e ddZ dS) RSAVerifierzVerifies RSA cryptographic signatures using public keys. Args: public_key (rsa.key.PublicKey): The public key used to verify signatures. cCs ||_dSr)_pubkey)self public_keyrrr__init__HszRSAVerifier.__init__c CsBt|}ztj|||jWSttjjfk r<YdSXdS)NF)rto_bytesrsapkcs1verifyr$ ValueErrorZVerificationError)r%message signaturerrrr+Ks  zRSAVerifier.verifyc Cst|}t|k}|rttj|d}tj|td\}}|dkrLt d||dd}t |d}tj |d}ntj |d }||S) aConstruct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: google.auth.crypt._python_rsa.RSAVerifier: The constructed verifier. Raises: ValueError: If the public_key can't be parsed. CERTIFICATEZasn1Spec Unused bytesZtbsCertificateZsubjectPublicKeyInfoZsubjectPublicKeyDERZPEM)rr(_CERTIFICATE_MARKERr)rZload_pemrdecoderr InvalidValuer"Z PublicKey load_pkcs1) clsr&Z is_x509_certZderZ asn1_cert remainingZ cert_info key_bytesZpubkeyrrr from_stringSs    zRSAVerifier.from_stringN) __name__ __module__ __qualname____doc__r'rcopy_docstringr Verifierr+ classmethodr;rrrrr#@s   r#c@sTeZdZdZd ddZeeej ddZ eej ddZ e d d d Z dS) RSASignera?Signs messages with an RSA private key. Args: private_key (rsa.key.PrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. NcCs||_||_dSr)_key_key_id)r% private_keykey_idrrrr'~szRSASigner.__init__cCs|jSr)rE)r%rrrrGszRSASigner.key_idcCst|}tj||jdS)NzSHA-256)rr(r)r*signrD)r%r-rrrrHs zRSASigner.signc Cst|}tt|tt\}}|dkr>tj j j |dd}nZ|dkrt j |td\}}|dkrltd||d}tj j j |dd}n td |||d S) aConstruct an Signer instance from a private key in PEM format. Args: key (str): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the key cannot be parsed as PKCS#1 or PKCS#8 in PEM format. rr3)formatrr0r1r2Z privateKeyzNo key could be detected.)rG)r from_bytesrZreadPemBlocksFromFileioStringIO _PKCS1_MARKER _PKCS8_MARKERr)keyZ PrivateKeyr7rr5 _PKCS8_SPECrr6ZgetComponentByNameZasOctetsZMalformedError) r8rOrGZ marker_idr:rFZkey_infor9Zprivate_key_inforrrr;s&    zRSASigner.from_string)N)N)r<r=r>r?r'propertyrr@r SignerrGrHrBr;rrrrrCts     rC)r? __future__rrKZpyasn1.codec.derrZpyasn1_modulesrZpyasn1_modules.rfc2459rZpyasn1_modules.rfc5208rr)Z google.authrrZgoogle.auth.cryptr rr4rMrNrPr"rAr#rRZFromServiceAccountMixinrCrrrrs$        4