a ù!fÛMã@sØddlZddlmZddlmZddlmZmZmZmZddl m Z ddl m Z m Z ddlmZmZmZdZd Zd Zd Zd Zd ZdZdZdZdZdZdZdZdZdZ Gdd„de!ƒZ"Gdd„de#ƒZ$Gdd„de#ƒZ%dS)éN)ÚHash)ÚRandom)Ú DerSequenceÚDerOctetStringÚ DerObjectIdÚ DerInteger)ÚAES)ÚpadÚunpad)ÚPBKDF1ÚPBKDF2Úscryptz1.2.840.113549.1.5.3z1.2.840.113549.1.5.6z1.2.840.113549.1.5.10z1.2.840.113549.1.5.11z1.2.840.113549.1.5.13z1.2.840.113549.1.5.12z1.3.6.1.4.1.11591.4.11z1.2.840.113549.2.7z1.2.840.113549.3.7z2.16.840.1.101.3.4.1.2z2.16.840.1.101.3.4.1.22z2.16.840.1.101.3.4.1.42z2.16.840.1.101.3.4.1.6z2.16.840.1.101.3.4.1.26z2.16.840.1.101.3.4.1.46c@s eZdZdS)Ú PbesErrorN)Ú__name__Ú __module__Ú __qualname__©rrúP/var/www/html/python-backend/venv/lib/python3.9/site-packages/Crypto/IO/_PBES.pyrCsrc@seZdZdZedd„ƒZdS)ÚPBES1z¼Deprecated encryption scheme with password-based key derivation (originally defined in PKCS#5 v1.5, but still present in `v2.0`__). .. __: http://www.ietf.org/rfc/rfc2898.txt cCsŠtƒ |¡}tƒ |d¡}tƒ |d¡j}tƒ |d¡j}i}|tkrnddlm}ddl m }|} |} n–|t kr ddlm}ddl m } |} | } d|d<nd|t krÊddlm} ddl m }| } |} n:|tkrüddlm} ddl m } | } | } d|d<ntd ƒ‚tƒj|dd d } tƒ | d¡j}| d}t||d || ƒ}|d d…|dd …}}| j|| j|fi|¤Ž}| |¡}t||jƒS)axDecrypt a piece of data using a passphrase and *PBES1*. The algorithm to use is automatically detected. :Parameters: data : byte string The piece of data to decrypt. passphrase : byte string The passphrase to use for decrypting the data. :Returns: The decrypted data, as a binary string. ré)ÚMD5)ÚDES)ÚARC2é@Zeffective_keylen)ÚSHA1zUnknown OID for PBES1é©Z nr_elementséNé)rÚdecoderÚpayloadrÚvalueÚ_OID_PBE_WITH_MD5_AND_DES_CBCZ Crypto.HashrÚ Crypto.CipherrÚ_OID_PBE_WITH_MD5_AND_RC2_CBCrÚ_OID_PBE_WITH_SHA1_AND_DES_CBCrÚ_OID_PBE_WITH_SHA1_AND_RC2_CBCrr ÚnewÚMODE_CBCÚdecryptr Ú block_size)ÚdataÚ passphraseÚenc_private_key_infoZencrypted_algorithmÚencrypted_dataÚpbe_oidZ cipher_paramsrrZhashmodÚmodulerrZ pbe_paramsÚsaltZ iterationsZkey_ivÚkeyÚivÚcipherÚptrrrr)„sH            z PBES1.decryptN)rrrÚ__doc__Ú staticmethodr)rrrrr}src@s*eZdZdZeddd„ƒZedd„ƒZdS)ÚPBES2z‡Encryption scheme with password-based key derivation (defined in `PKCS#5 v2.0`__). .. __: http://www.ietf.org/rfc/rfc2898.txt.Nc!Cs’|dur i}|durt ¡j}t d¡}| |¡}|durFtd|ƒ‚| d¡rjd}| d¡}| d¡} nd}| d¡} d } | d kr²d d l m } d } | } | j }t }d|dƒi}n| dkrÚd} t } t j }t}d|dƒi}nê| dkrd } t } t j }t}d|dƒi}nÀ| dkr.d} t } t j }t}d|dƒi}n–| dkr\d} t } t j}t}d|dƒi}d} nh| dkrŠd } t } t j}t}d|dƒi}d} n:| dkr¸d} t } t j}t}d|dƒi}d} n td| ƒ‚t| ¡ƒd }|| dd¡ƒ}|dkrŽ| dd¡}t |¡}t||| ||d}tt|ƒt|ƒgƒ}|d kr|ztjjd!|d"j}Wntyftd#ƒ‚Yn0|  tt!|ƒgƒ¡tt!t"ƒ|gƒ}n€|dkrü| dd$¡}| d%d¡}| d&d'¡}t#||| |||ƒ}tt!t$ƒtt|ƒt|ƒt|ƒt|ƒgƒgƒ}ntd(| d'¡ƒ‚| j||fi|¤Ž}| r@| %|¡\}}||}n| &t'||j(ƒ¡}tt!|ƒt|ƒgƒ}ttt!t)ƒt||gƒgƒt|ƒgƒ} |  *¡S))a¦ Encrypt a piece of data using a passphrase and *PBES2*. :Parameters: data : byte string The piece of data to encrypt. passphrase : byte string The passphrase to use for encrypting the data. protection : string The identifier of the encryption algorithm to use. The default value is '``PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC``'. prot_params : dictionary Parameters of the protection algorithm. +------------------+-----------------------------------------------+ | Key | Description | +==================+===============================================+ | iteration_count | The KDF algorithm is repeated several times to| | | slow down brute force attacks on passwords | | | (called *N* or CPU/memory cost in scrypt). | | | | | | The default value for PBKDF2 is 1 000. | | | The default value for scrypt is 16 384. | +------------------+-----------------------------------------------+ | salt_size | Salt is used to thwart dictionary and rainbow | | | attacks on passwords. The default value is 8 | | | bytes. | +------------------+-----------------------------------------------+ | block_size | *(scrypt only)* Memory-cost (r). The default | | | value is 8. | +------------------+-----------------------------------------------+ | parallelization | *(scrypt only)* CPU-cost (p). The default | | | value is 1. | +------------------+-----------------------------------------------+ randfunc : callable Random number generation function; it should accept a single integer N and return a string of random data, N bytes long. If not specified, a new RNG will be instantiated from ``Crypto.Random``. :Returns: The encrypted data, as a binary string. Nz5^(PBKDF2WithHMAC-([0-9A-Z-]+)|scrypt)And([0-9A-Z-]+)$zUnknown protection %sZPBKDFZpbkdf2rér Fz DES-EDE3-CBCr©ÚDES3ér3rz AES128-CBCrz AES192-CBCz AES256-CBCé z AES128-GCMÚnonceé Tz AES192-GCMz AES256-GCMzUnknown encryption mode '%s'Z salt_sizeÚiteration_countiè©Úhmac_hash_moduleró)Ú digestmodzNo OID for HMAC hash algorithmi@r*Zparallelizationrz Unknown KDF )+rr'ÚreadÚreÚcompileÚmatchÚ ValueErrorÚ startswithÚgroupr#r;r(Ú_OID_DES_EDE3_CBCrÚ_OID_AES128_CBCÚ_OID_AES192_CBCÚ_OID_AES256_CBCÚMODE_GCMÚ_OID_AES128_GCMÚ_OID_AES192_GCMÚ_OID_AES256_GCMÚlistÚvaluesÚgetrr rrrÚHMACÚoidÚKeyErrorÚappendrÚ _OID_PBKDF2r Ú _OID_SCRYPTZencrypt_and_digestÚencryptr r*Ú _OID_PBES2Úencode)!r+r,Z protectionZ prot_paramsZrandfuncÚpatternÚresZpbkdfZpbkdf2_hmac_algoÚenc_algoÚaeadr;Úkey_sizer0Ú cipher_modeÚenc_oidZ enc_paramÚiv_noncer1ÚcountrDr2Ú pbkdf2_paramsZhmac_oidÚkdf_infoÚscrypt_rÚscrypt_pr4ÚctÚtagr.Úenc_infor-rrrr]Èsø/                     üþ þ    ÿüþ  þþþ÷ z PBES2.encryptc#sätƒj|dd}tƒ |d¡}tƒ |d¡j}tƒ |d¡j}|tkrTtdƒ‚tƒj|ddd}tƒj|ddd}tƒ |d¡j}d} |tkrLtƒj|ddd} tƒ | d¡j} | d} t | ƒd} d}| dkrz | |d} | d8} |d7}Wnt yYn0t }| dkrºtƒ | |¡}tƒ |d¡j}nn|t kr²tƒj|ddd‰tƒ ˆd¡j} ‡fd d „d Dƒ\} }}t ˆƒd kr¬ˆd } nd} ntd ƒ‚tƒ |d¡}tƒ |d¡j}d}|t kr ddlm}|}|j}d}d}nÌ|tkr(t}tj}d}d}n®|tkrFt}tj}d}d}n|tkrdt}tj}d}d}nr|tkr†t}tj}d}d}d}nP|tkr¨t}tj}d}d}d}n.|tkrÊt}tj}d}d}d}n td|ƒ‚| rî| |krîtdƒ‚tƒ |d¡j}|tkrZztjj|}Wn ty:td|ƒ‚Yn0t |¡}t|| || |d}nt|| || ||ƒ}|j||fi||i¤Ž}t |ƒ|j krœt!dƒ‚|rÊ|j } | "|d| …|| d…¡}!n| #|¡}"t$|"|j ƒ}!|!S)axDecrypt a piece of data using a passphrase and *PBES2*. The algorithm to use is automatically detected. :Parameters: data : byte string The piece of data to decrypt. passphrase : byte string The passphrase to use for decrypting the data. :Returns: The decrypted data, as a binary string. rrrrzNot a PBES2 objectN)rr9é)rpécsg|] }ˆ|‘qSrr)Ú.0Úx©Z scrypt_paramsrrÚ Çsÿz!PBES2.decrypt..)rrr9rpzUnsupported PBES2 KDFFr:r<r3rr=r>TzUnsupported PBES2 cipher z9Mismatch between PBES2 KDF parameters and selected cipherzUnsupported HMAC %srAzToo little data to decrypt)%rrrr rr!r^rr[ÚlenÚ TypeErrorÚ_OID_HMAC_SHA1r\rLr#r;r(rMrrNrOrQrPrRrSrrWZ_hmac2hash_oidrYr'r r r*rIZdecrypt_and_verifyr)r )#r+r,r-rbr.r/Z pbes2_paramsrjZkdf_oidZkdf_key_lengthrir1r@ÚleftÚidxZpbkdf2_prf_oidZpbkdf2_prf_algo_idrkrlrorfrcr;r0rerdZ cipher_paramrgZhmac_hash_module_oidrBr2r4Ztag_lenr5Z pt_paddedrrtrr)ŠsÔ        ÿ              ÿ ÿ ÿ  z PBES2.decrypt)NN)rrrr6r7r]r)rrrrr8Âs  Br8)&rFZCryptorrZCrypto.Util.asn1rrrrr#rZCrypto.Util.Paddingr r ZCrypto.Protocol.KDFr r r r"r$r%r&r^r[r\rxrLrMrNrOrQrRrSrIrÚobjectrr8rrrrÚ"s0   :E