vdZddlmZddlZddlZddlmZdZdZdZ dZ da d Z Gd d e ZGd d e Zy)zPure Python crypto-related routines for oauth2client. Uses the ``rsa``, ``pyasn1`` and ``pyasn1_modules`` packages to parse PEM files storing PKCS#1 or PKCS#8 keys as well as certificates. )pemN)_helpersz\ PKCS12 format is not supported by the RSA library. Either install PyOpenSSL, or please convert .p12 format to .pem format: $ cat key.p12 | \ > openssl pkcs12 -nodes -nocerts -passin pass:notasecret | \ > openssl rsa > key.pem )@ )z-----BEGIN RSA PRIVATE KEY-----z-----END RSA PRIVATE KEY-----)z-----BEGIN PRIVATE KEY-----z-----END PRIVATE KEY-----ct|}t}tjj d|dD];}|||dz}t dt t|D}|j|=t|S)zConverts an iterable of 1's and 0's to bytes. Combines the list 8 at a time, treating each group of 8 bits as a single byte. rr c3,K|] \}}||zywN).0valdigits 2lib/third_party/oauth2client/_pure_python_crypt.py z%_bit_list_to_bytes..8s!@)>:3U{)>s) len bytearraysixmovesxrangesumzip_POW2appendbytes)bit_listnum_bits byte_valsstart curr_bitschar_vals r_bit_list_to_bytesr&.s} 8}H I!!!Xq1U519- @),UI)>@@" 2  c,eZdZdZdZdZedZy) RsaVerifierzVerifies the signature on a message. Args: pubkey: rsa.key.PublicKey (or equiv), The public key to verify with. c||_yr)_pubkey)selfpubkeys r__init__zRsaVerifier.__init__Es  r'ctj|d} tjj |||j S#t tjjf$rYywxYw)aVerifies a message against a signature. Args: message: string or bytes, The message to verify. If string, will be encoded to bytes as utf-8. signature: string or bytes, The signature on the message. If string, will be encoded to bytes as utf-8. Returns: True if message was signed by the private key associated with the public key that this object was constructed with. utf-8encodingF)r _to_bytesrsapkcs1verifyr+ ValueErrorVerificationError)r,message signatures rr6zRsaVerifier.verifyHsY$$Ww? 99##GY E ECII778  s*A#A*)A*ctj|}|rddlm}ddlm}t jj|d}|j||j\}}|dk7r td||dd }t|d } t jj| d } n t jj|d } || S) aConstruct an RsaVerifier instance from a string. Args: key_pem: string, public key in PEM format. is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it is expected to be an RSA key in PEM format. Returns: RsaVerifier instance. Raises: ValueError: if the key_pem can't be parsed. In either case, error will begin with 'No PEM start marker'. If ``is_x509_cert`` is True, will fail to find the "-----BEGIN CERTIFICATE-----" error, otherwise fails to find "-----BEGIN RSA PUBLIC KEY-----". rdecoder)rfc2459 CERTIFICATEasn1Specr' Unused bytestbsCertificatesubjectPublicKeyInfosubjectPublicKeyDERPEM)rr3pyasn1.codec.derr=pyasn1_modulesr>r4rload_pemdecode Certificater7r& PublicKey load_pkcs1) clskey_pem is_x509_certr=r>der asn1_cert remaining cert_info key_bytesr-s r from_stringzRsaVerifier.from_string[s&$$W-  0 .''""7M:C#*>>#@S@S@U>#V IyC ;;!"234JKI*95G+HII]]--i?F]]--gu=F6{r'N)__name__ __module__ __qualname____doc__r.r6 classmethodrWrr'rr)r)>s% &!!r'r)c.eZdZdZdZdZeddZy) RsaSignerz}Signs messages with a private key. Args: pkey: rsa.key.PrivateKey (or equiv), The private key to sign with. c||_yr)_key)r,pkeys rr.zRsaSigner.__init__s  r'ctj|d}tjj ||j dS)zSigns a message. Args: message: bytes, Message to be signed. Returns: string, The signature of the message for the given key. r0r1zSHA-256)rr3r4r5signr`)r,r9s rrczRsaSigner.signs1$$Ww?yy~~gtyy)<77%%008=1?D !^ 0 ."#224k")..K#1#1 HiC ;; 33LAI77%%001C1C1E8=1?D89 94yr'N) notasecret)rXrYrZr[r.rcr\rWrr'rr^r^s%  =''r'r^)r[rIrr4r oauth2clientr _PKCS12_ERRORrrkrlror&objectr)r^rr'rr{sW !  &2 .    ?&?D>>r'