File manager

File manager - Edit - /home/newsbmcs.com/public_html/static/img/logo/crypt.tar

Back
_helpers.py��0000644��00000000000�15030207565�0006710 0��ustar�00��base.py��0000644��00000010136�15030207565�0006034 0��ustar�00��# Copyright 2016 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. """Base classes for cryptographic signers and verifiers.""" import abc import io import json from google.auth import exceptions _JSON_FILE_PRIVATE_KEY = "private_key" _JSON_FILE_PRIVATE_KEY_ID = "private_key_id" class Verifier(metaclass=abc.ABCMeta): """Abstract base class for crytographic signature verifiers.""" @abc.abstractmethod def verify(self, message, signature): """Verifies a message against a cryptographic signature. Args: message (Union[str, bytes]): The message to verify. signature (Union[str, bytes]): The cryptography signature to check. Returns: bool: True if message was signed by the private key associated with the public key that this object was constructed with. """ # pylint: disable=missing-raises-doc,redundant-returns-doc # (pylint doesn't recognize that this is abstract) raise NotImplementedError("Verify must be implemented") class Signer(metaclass=abc.ABCMeta): """Abstract base class for cryptographic signers.""" @abc.abstractproperty def key_id(self): """Optional[str]: The key ID used to identify this private key.""" raise NotImplementedError("Key id must be implemented") @abc.abstractmethod def sign(self, message): """Signs a message. Args: message (Union[str, bytes]): The message to be signed. Returns: bytes: The signature of the message. """ # pylint: disable=missing-raises-doc,redundant-returns-doc # (pylint doesn't recognize that this is abstract) raise NotImplementedError("Sign must be implemented") class FromServiceAccountMixin(metaclass=abc.ABCMeta): """Mix-in to enable factory constructors for a Signer.""" @abc.abstractmethod def from_string(cls, key, key_id=None): """Construct an Signer instance from a private key string. Args: key (str): Private key as a string. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the key cannot be parsed. """ raise NotImplementedError("from_string must be implemented") @classmethod def from_service_account_info(cls, info): """Creates a Signer instance instance from a dictionary containing service account info in Google format. Args: info (Mapping[str, str]): The service account info in Google format. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the info is not in the expected format. """ if _JSON_FILE_PRIVATE_KEY not in info: raise exceptions.MalformedError( "The private_key field was not found in the service account " "info." ) return cls.from_string( info[_JSON_FILE_PRIVATE_KEY], info.get(_JSON_FILE_PRIVATE_KEY_ID) ) @classmethod def from_service_account_file(cls, filename): """Creates a Signer instance from a service account .json file in Google format. Args: filename (str): The path to the service account .json file. Returns: google.auth.crypt.Signer: The constructed signer. """ with io.open(filename, "r", encoding="utf-8") as json_file: data = json.load(json_file) return cls.from_service_account_info(data) ��es256.py��0000644��00000014153�15030207565�0005771 0��ustar�00��# Copyright 2017 Google Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. """ECDSA (ES256) verifier and signer that use the ``cryptography`` library. """ from cryptography import utils # type: ignore import cryptography.exceptions from cryptography.hazmat import backends from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.asymmetric import padding from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature from cryptography.hazmat.primitives.asymmetric.utils import encode_dss_signature import cryptography.x509 from google.auth import _helpers from google.auth.crypt import base _CERTIFICATE_MARKER = b"-----BEGIN CERTIFICATE-----" _BACKEND = backends.default_backend() _PADDING = padding.PKCS1v15() class ES256Verifier(base.Verifier): """Verifies ECDSA cryptographic signatures using public keys. Args: public_key ( cryptography.hazmat.primitives.asymmetric.ec.ECDSAPublicKey): The public key used to verify signatures. """ def __init__(self, public_key): self._pubkey = public_key @_helpers.copy_docstring(base.Verifier) def verify(self, message, signature): # First convert (r\|\|s) raw signature to ASN1 encoded signature. sig_bytes = _helpers.to_bytes(signature) if len(sig_bytes) != 64: return False r = ( int.from_bytes(sig_bytes[:32], byteorder="big") if _helpers.is_python_3() else utils.int_from_bytes(sig_bytes[:32], byteorder="big") ) s = ( int.from_bytes(sig_bytes[32:], byteorder="big") if _helpers.is_python_3() else utils.int_from_bytes(sig_bytes[32:], byteorder="big") ) asn1_sig = encode_dss_signature(r, s) message = _helpers.to_bytes(message) try: self._pubkey.verify(asn1_sig, message, ec.ECDSA(hashes.SHA256())) return True except (ValueError, cryptography.exceptions.InvalidSignature): return False @classmethod def from_string(cls, public_key): """Construct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: Verifier: The constructed verifier. Raises: ValueError: If the public key can't be parsed. """ public_key_data = _helpers.to_bytes(public_key) if _CERTIFICATE_MARKER in public_key_data: cert = cryptography.x509.load_pem_x509_certificate( public_key_data, _BACKEND ) pubkey = cert.public_key() else: pubkey = serialization.load_pem_public_key(public_key_data, _BACKEND) return cls(pubkey) class ES256Signer(base.Signer, base.FromServiceAccountMixin): """Signs messages with an ECDSA private key. Args: private_key ( cryptography.hazmat.primitives.asymmetric.ec.ECDSAPrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. """ def __init__(self, private_key, key_id=None): self._key = private_key self._key_id = key_id @property # type: ignore @_helpers.copy_docstring(base.Signer) def key_id(self): return self._key_id @_helpers.copy_docstring(base.Signer) def sign(self, message): message = _helpers.to_bytes(message) asn1_signature = self._key.sign(message, ec.ECDSA(hashes.SHA256())) # Convert ASN1 encoded signature to (r\|\|s) raw signature. (r, s) = decode_dss_signature(asn1_signature) return ( (r.to_bytes(32, byteorder="big") + s.to_bytes(32, byteorder="big")) if _helpers.is_python_3() else (utils.int_to_bytes(r, 32) + utils.int_to_bytes(s, 32)) ) @classmethod def from_string(cls, key, key_id=None): """Construct a RSASigner from a private key in PEM format. Args: key (Union[bytes, str]): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt._cryptography_rsa.RSASigner: The constructed signer. Raises: ValueError: If ``key`` is not ``bytes`` or ``str`` (unicode). UnicodeDecodeError: If ``key`` is ``bytes`` but cannot be decoded into a UTF-8 ``str``. ValueError: If ``cryptography`` "Could not deserialize key data." """ key = _helpers.to_bytes(key) private_key = serialization.load_pem_private_key( key, password=None, backend=_BACKEND ) return cls(private_key, key_id=key_id) def __getstate__(self): """Pickle helper that serializes the _key attribute.""" state = self.__dict__.copy() state["_key"] = self._key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption(), ) return state def __setstate__(self, state): """Pickle helper that deserializes the _key attribute.""" state["_key"] = serialization.load_pem_private_key(state["_key"], None) self.__dict__.update(state) ��__pycache__/_cryptography_rsa.cpython-310.pyc��0000644��00000012061�15030207565�0015217 0��ustar�00��o ��h&��@��s��d�Z�ddlZddlmZ�ddlmZ�ddlmZ�ddlm Z �ddl ZddlmZ�ddl mZ�d Ze��Ze ��Ze��ZG�d d��dej�ZG�dd ��d ejej�ZdS�)z�RSA verifier and signer that use the ``cryptography`` library. This is a much faster implementation than the default (in ``google.auth.crypt._python_rsa``), which depends on the pure-Python ``rsa`` library. ��N)�backends)�hashes)� serialization)�padding)�_helpers)�bases��-----BEGIN CERTIFICATE-----c��@��s8��e�Zd�ZdZdd��Ze�ej�dd��Z e dd��ZdS�) �RSAVerifierz�Verifies RSA cryptographic signatures using public keys. Args: public_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey): The public key used to verify signatures. c��C��s ��\|\|�_�d�S��N)�_pubkey)�self� public_key��r ��V/usr/local/CyberCP/lib/python3.10/site-packages/google/auth/crypt/_cryptography_rsa.py�__init__/��s�� zRSAVerifier.__init__c�� C��s@��t��\|�}z\|�j�\|\|tt��W�dS��ttjj fy��Y�dS�w�)NTF) r��to_bytesr ��verify�_PADDING�_SHA256� ValueError�cryptography� exceptions�InvalidSignature)r��message� signaturer ��r ��r��r��2��s�� zRSAVerifier.verifyc��C��sD��t��\|�}t\|v�rtj�\|t�}\|��}\|�\|�S�t� \|t�}\|�\|�S�)ay��Construct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: Verifier: The constructed verifier. Raises: ValueError: If the public key can't be parsed. ) r��r��_CERTIFICATE_MARKERr��x509�load_pem_x509_certificate�_BACKENDr��r��load_pem_public_key)�clsr��public_key_data�cert�pubkeyr ��r ��r��from_string;��s�� zRSAVerifier.from_stringN)�__name__� __module__�__qualname__�__doc__r��r��copy_docstringr��Verifierr��classmethodr#��r ��r ��r ��r��r��&��s�� r��c��@��sd��e�Zd�ZdZddd�Zee�ej �dd��Z e�ej �dd��Zedd d ��Z dd��Zd d��ZdS�)� RSASignera��Signs messages with an RSA private key. Args: private_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. Nc��C��s��\|\|�_�\|\|�_d�S�r ��)�_key�_key_id)r��private_key�key_idr ��r ��r��r��d��s�� zRSASigner.__init__c��C��s��\|�j�S�r ��)r-��)r��r ��r ��r��r/��h��s��zRSASigner.key_idc��C��s��t��\|�}\|�j�\|tt�S�r ��)r��r��r,��signr��r��)r��r��r ��r ��r��r0��m��s�� zRSASigner.signc��C��s&��t��\|�}tj\|dtd�}\|�\|\|d�S�)al��Construct a RSASigner from a private key in PEM format. Args: key (Union[bytes, str]): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt._cryptography_rsa.RSASigner: The constructed signer. Raises: ValueError: If ``key`` is not ``bytes`` or ``str`` (unicode). UnicodeDecodeError: If ``key`` is ``bytes`` but cannot be decoded into a UTF-8 ``str``. ValueError: If ``cryptography`` "Could not deserialize key data." N)�password�backend)r/��)r��r��r��load_pem_private_keyr��)r��keyr/��r.��r ��r ��r��r#��r��s �� zRSASigner.from_stringc��C��s0��\|�j��}\|�jjtjjtjjt� ��d�\|d<�\|S�)z1Pickle helper that serializes the _key attribute.)�encoding�format�encryption_algorithmr,��) �__dict__�copyr,�� private_bytesr��Encoding�PEM� PrivateFormat�PKCS8�NoEncryption�r��stater ��r ��r��__getstate__��s�� zRSASigner.__getstate__c��C��s$��t��\|d�d�\|d<�\|�j�\|��dS�)z3Pickle helper that deserializes the _key attribute.r,��N)r��r3��r8��updater@��r ��r ��r��__setstate__��s��zRSASigner.__setstate__r ��)r$��r%��r&��r'��r��propertyr��r(��r��Signerr/��r0��r��r#��rB��rD��r ��r ��r ��r��r+��X��s�� r+��)r'��cryptography.exceptionsr��cryptography.hazmatr��cryptography.hazmat.primitivesr��r��)cryptography.hazmat.primitives.asymmetricr��cryptography.x509�google.authr��google.auth.cryptr��r��default_backendr��PKCS1v15r��SHA256r��r)��r��rF��FromServiceAccountMixinr+��r ��r ��r ��r��<module>��s��2��__pycache__/__init__.cpython-310.pyc��0000644��00000004664�15030207565�0013231 0��ustar�00��o ��h��@��s��d�Z�ddlmZ�ddlmZ�zddlmZ�W�n�ey!��dZY�nw�edur+g�d�Zng�d�ZejZejZej Z ej Z edurEejZejZej fdd �Z dS�) a\��Cryptography helpers for verifying and signing messages. The simplest way to verify signatures is using :func:`verify_signature`:: cert = open('certs.pem').read() valid = crypt.verify_signature(message, signature, cert) If you're going to verify many messages with the same certificate, you can use :class:`RSAVerifier`:: cert = open('certs.pem').read() verifier = crypt.RSAVerifier.from_string(cert) valid = verifier.verify(message, signature) To sign messages use :class:`RSASigner` with a private key:: private_key = open('private_key.pem').read() signer = crypt.RSASigner.from_string(private_key) signature = signer.sign(message) The code above also works for :class:`ES256Signer` and :class:`ES256Verifier`. Note that these two classes are only available if your `cryptography` dependency version is at least 1.4.0. ��)�base)�rsa)�es256N)�ES256Signer� ES256Verifier� RSASigner�RSAVerifier�Signer�Verifier)r��r��r ��r ��c��C��s>��t�\|ttf�r \|g}\|D�]}\|�\|�}\|�\|�\|�r�dS�qdS�)a��Verify an RSA or ECDSA cryptographic signature. Checks that the provided ``signature`` was generated from ``bytes`` using the private key associated with the ``cert``. Args: message (Union[str, bytes]): The plaintext message. signature (Union[str, bytes]): The cryptographic signature to check. certs (Union[Sequence, str, bytes]): The certificate or certificates to use to check the signature. verifier_cls (Optional[~google.auth.crypt.base.Signer]): Which verifier class to use for verification. This can be used to select different algorithms, such as RSA or ECDSA. Default value is :class:`RSAVerifier`. Returns: bool: True if the signature is valid, otherwise False. TF)� isinstance�str�bytes�from_string�verify)�message� signature�certs�verifier_cls�cert�verifier��r��M/usr/local/CyberCP/lib/python3.10/site-packages/google/auth/crypt/__init__.py�verify_signatureI��s�� r��)�__doc__�google.auth.cryptr��r��r��ImportError�__all__r ��r ��r��r��r��r��r��r��r��r��r��<module>��s&�� __pycache__/es256.cpython-310.pyc��0000644��00000013064�15030207565�0012330 0��ustar�00��o ��hk��@��s��d�Z�ddlmZ�ddlZddlmZ�ddlmZ�ddlmZ�ddl m Z �ddl mZ�dd lm Z �dd lmZ�ddlZddlmZ�ddlmZ�d Ze��Ze��ZG�dd��dej�ZG�dd��dejej�ZdS�)zIECDSA (ES256) verifier and signer that use the ``cryptography`` library. ��)�utilsN)�backends)�hashes)� serialization)�ec)�padding)�decode_dss_signature)�encode_dss_signature)�_helpers)�bases��-----BEGIN CERTIFICATE-----c��@��s8��e�Zd�ZdZdd��Ze�ej�dd��Z e dd��ZdS�) � ES256Verifierz�Verifies ECDSA cryptographic signatures using public keys. Args: public_key ( cryptography.hazmat.primitives.asymmetric.ec.ECDSAPublicKey): The public key used to verify signatures. c��C��s ��\|\|�_�d�S��N)�_pubkey)�self� public_key��r��J/usr/local/CyberCP/lib/python3.10/site-packages/google/auth/crypt/es256.py�__init__/��s�� zES256Verifier.__init__c�� C��s��t��\|�}t\|�dkr dS�t��rtj\|d�d��dd�n tj\|d�d��dd�}t��r6tj\|dd��dd�n tj\|dd��dd�}t\|\|�}t��\|�}z\|�j � \|\|t�t ��W�dS��ttjjfyi��Y�dS�w�)N�@��F� ��big�� byteorderT)r ��to_bytes�len�is_python_3�int� from_bytesr��int_from_bytesr ��r��verifyr��ECDSAr��SHA256� ValueError�cryptography� exceptions�InvalidSignature)r��message� signature� sig_bytes�r�s�asn1_sigr��r��r��r��2��s&�� zES256Verifier.verifyc��C��sD��t��\|�}t\|v�rtj�\|t�}\|��}\|�\|�S�t� \|t�}\|�\|�S�)ay��Construct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: Verifier: The constructed verifier. Raises: ValueError: If the public key can't be parsed. ) r ��r��_CERTIFICATE_MARKERr#��x509�load_pem_x509_certificate�_BACKENDr��r��load_pem_public_key)�clsr��public_key_data�cert�pubkeyr��r��r��from_stringK��s�� zES256Verifier.from_stringN)�__name__� __module__�__qualname__�__doc__r��r ��copy_docstringr��Verifierr��classmethodr5��r��r��r��r��r��&��s�� r��c��@��sd��e�Zd�ZdZddd�Zee�ej �dd��Z e�ej �dd��Zedd d ��Z dd��Zd d��ZdS�)�ES256Signera��Signs messages with an ECDSA private key. Args: private_key ( cryptography.hazmat.primitives.asymmetric.ec.ECDSAPrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. Nc��C��s��\|\|�_�\|\|�_d�S�r ��)�_key�_key_id)r��private_key�key_idr��r��r��r��t��s�� zES256Signer.__init__c��C��s��\|�j�S�r ��)r?��)r��r��r��r��rA��x��s��zES256Signer.key_idc��C��sj��t��\|�}\|�j�\|t�t��}t\|�\}}t�� r)\|jddd�\|jddd��S�t �\|d�t �\|d��S�)Nr��r��r��)r ��r��r>��signr��r ��r��r!��r��r��r��int_to_bytes)r��r&��asn1_signaturer)��r��r��r��r��rB��}��s�� zES256Signer.signc��C��s&��t��\|�}tj\|dtd�}\|�\|\|d�S�)al��Construct a RSASigner from a private key in PEM format. Args: key (Union[bytes, str]): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt._cryptography_rsa.RSASigner: The constructed signer. Raises: ValueError: If ``key`` is not ``bytes`` or ``str`` (unicode). UnicodeDecodeError: If ``key`` is ``bytes`` but cannot be decoded into a UTF-8 ``str``. ValueError: If ``cryptography`` "Could not deserialize key data." N)�password�backend)rA��)r ��r��r��load_pem_private_keyr/��)r1��keyrA��r@��r��r��r��r5��s �� zES256Signer.from_stringc��C��s0��\|�j��}\|�jjtjjtjjt� ��d�\|d<�\|S�)z1Pickle helper that serializes the _key attribute.)�encoding�format�encryption_algorithmr>��) �__dict__�copyr>�� private_bytesr��Encoding�PEM� PrivateFormat�PKCS8�NoEncryption�r��stater��r��r��__getstate__��s�� zES256Signer.__getstate__c��C��s$��t��\|d�d�\|d<�\|�j�\|��dS�)z3Pickle helper that deserializes the _key attribute.r>��N)r��rG��rL��updaterT��r��r��r��__setstate__��s��zES256Signer.__setstate__r ��)r6��r7��r8��r9��r��propertyr ��r:��r��SignerrA��rB��r<��r5��rV��rX��r��r��r��r��r=��h��s�� r=��)r9��r#��r��cryptography.exceptions�cryptography.hazmatr��cryptography.hazmat.primitivesr��r��)cryptography.hazmat.primitives.asymmetricr��r��/cryptography.hazmat.primitives.asymmetric.utilsr��r ��cryptography.x509�google.authr ��google.auth.cryptr��r,��default_backendr/��PKCS1v15�_PADDINGr;��r��rZ��FromServiceAccountMixinr=��r��r��r��r��<module>��s$��B��__pycache__/_python_rsa.cpython-310.pyc��0000644��00000013221�15030207565�0014004 0��ustar�00��o ��h��@��s��d�Z�ddlmZ�ddlZddlmZ�ddlmZ�ddlm Z �ddl mZ�ddlZddl mZ�dd l mZ�dd lmZ�dZdZd ZdZe��Zdd��ZG�dd��dej�ZG�dd��dejej�ZdS�)z�Pure-Python RSA cryptography implementation. Uses the ``rsa``, ``pyasn1`` and ``pyasn1_modules`` packages to parse PEM files storing PKCS#1 or PKCS#8 keys as well as certificates. There is no support for p12 files. ��)�absolute_importN)�decoder)�pem)�Certificate)�PrivateKeyInfo)�_helpers)� exceptions)�base)��@�� s��-----BEGIN CERTIFICATE-----)z-----BEGIN RSA PRIVATE KEY-----z-----END RSA PRIVATE KEY-----)z-----BEGIN PRIVATE KEY-----z-----END PRIVATE KEY-----c��C��sZ��t�\|��}t��}td\|d�D�]}\|�\|\|d��}tdd��tt\|�D��}\|�\|��q t\|�S�)z�Converts an iterable of 1s and 0s to bytes. Combines the list 8 at a time, treating each group of 8 bits as a single byte. Args: bit_list (Sequence): Sequence of 1s and 0s. Returns: bytes: The decoded bytes. r��r��c��s��s��\|�] \}}\|\|�V��qd�S��N��)�.0�val�digitr��r��P/usr/local/CyberCP/lib/python3.10/site-packages/google/auth/crypt/_python_rsa.py� <genexpr>;��s��z%_bit_list_to_bytes.<locals>.<genexpr>)�len� bytearray�range�sum�zip�_POW2�append�bytes)�bit_list�num_bits� byte_vals�start� curr_bits�char_valr��r��r��_bit_list_to_bytes+��s��r'��c��@��s8��e�Zd�ZdZdd��Ze�ej�dd��Z e dd��ZdS�) �RSAVerifierz�Verifies RSA cryptographic signatures using public keys. Args: public_key (rsa.key.PublicKey): The public key used to verify signatures. c��C��s ��\|\|�_�d�S�r��)�_pubkey)�self� public_keyr��r��r��__init__H��s�� zRSAVerifier.__init__c�� C��s<��t��\|�}z tj�\|\|\|�j�W�S��ttjjfy��Y�dS�w�)NF)r��to_bytes�rsa�pkcs1�verifyr)�� ValueError�VerificationError)r��message� signaturer��r��r��r0��K��s�� zRSAVerifier.verifyc�� C��s��t��\|�}t\|v�}\|r=tj�\|d�}tj\|t��d�\}}\|dkr&t � d\|��\|d�d�}t\|d��}tj� \|d�}\|�\|�S�tj� \|d �}\|�\|�S�) a��Construct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: google.auth.crypt._python_rsa.RSAVerifier: The constructed verifier. Raises: ValueError: If the public_key can't be parsed. �CERTIFICATE��asn1Spec��Unused bytes�tbsCertificate�subjectPublicKeyInfo�subjectPublicKey�DER�PEM)r��r-��_CERTIFICATE_MARKERr.��r��load_pemr��decoder��r��InvalidValuer'�� PublicKey� load_pkcs1) �clsr+��is_x509_cert�der� asn1_cert� remaining� cert_info� key_bytes�pubkeyr��r��r��from_stringS��s�� zRSAVerifier.from_stringN)�__name__� __module__�__qualname__�__doc__r,��r��copy_docstringr ��Verifierr0��classmethodrM��r��r��r��r��r(��@��s�� r(��c��@��sT��e�Zd�ZdZddd�Zee�ej �dd��Z e�ej �dd��Zedd d ��Z dS�)� RSASignera?��Signs messages with an RSA private key. Args: private_key (rsa.key.PrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. Nc��C��s��\|\|�_�\|\|�_d�S�r��)�_key�_key_id)r��private_key�key_idr��r��r��r,��~��s�� zRSASigner.__init__c��C��s��\|�j�S�r��)rW��)r��r��r��r��rY��s��zRSASigner.key_idc��C��s��t��\|�}tj�\|\|�jd�S�)NzSHA-256)r��r-��r.��r/��signrV��)r��r3��r��r��r��rZ��s�� zRSASigner.signc�� C��s��t��\|�}t�t�\|�tt�\}}\|dkrtj j j\|dd�}n-\|dkrGtj \|td�\}}\|dkr6t�d\|��\|�d�}tj j j\|��dd�}nt�d ��\|�\|\|d �S�)a��Construct an Signer instance from a private key in PEM format. Args: key (str): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the key cannot be parsed as PKCS#1 or PKCS#8 in PEM format. r��r=��)�formatr��r6��r8��r9�� privateKeyzNo key could be detected.)rY��)r�� from_bytesr��readPemBlocksFromFile�io�StringIO� _PKCS1_MARKER� _PKCS8_MARKERr.��key� PrivateKeyrD��r��rA��_PKCS8_SPECr��rB��getComponentByName�asOctets�MalformedError) rE��rc��rY�� marker_idrK��rX��key_inforI��private_key_infor��r��r��rM��s �� zRSASigner.from_stringr��)rN��rO��rP��rQ��r,��propertyr��rR��r ��SignerrY��rZ��rT��rM��r��r��r��r��rU��t��s�� rU��)rQ�� __future__r��r_��pyasn1.codec.derr��pyasn1_modulesr��pyasn1_modules.rfc2459r��pyasn1_modules.rfc5208r��r.��google.authr��r��google.auth.cryptr ��r��r?��ra��rb��re��r'��rS��r(��rm��FromServiceAccountMixinrU��r��r��r��r��<module>��s&��4��__pycache__/rsa.cpython-310.pyc��0000644��00000000633�15030207565�0012247 0��ustar�00��o ��hU��@��sP��d�Z�zddlmZ�ejZejZW�dS��ey'��ddlmZ�ejZejZY�dS�w�)z%RSA cryptography signer and verifier.��)�_cryptography_rsa)�_python_rsaN)�__doc__�google.auth.cryptr�� RSASigner�RSAVerifier�ImportErrorr��r ��r ��H/usr/local/CyberCP/lib/python3.10/site-packages/google/auth/crypt/rsa.py�<module>��s��__pycache__/base.cpython-310.pyc��0000644��00000010044�15030207565�0012371 0��ustar�00��o ��h^��@��sp��d�Z�ddlZddlZddlZddlmZ�dZdZG�dd��dejd�Z G�d d ��d ejd�Z G�dd��dejd�ZdS�) z5Base classes for cryptographic signers and verifiers.��N)� exceptions�private_key�private_key_idc��@��s��e�Zd�ZdZejdd��ZdS�)�Verifierz9Abstract base class for crytographic signature verifiers.c��C��t�d��)a��Verifies a message against a cryptographic signature. Args: message (Union[str, bytes]): The message to verify. signature (Union[str, bytes]): The cryptography signature to check. Returns: bool: True if message was signed by the private key associated with the public key that this object was constructed with. zVerify must be implemented��NotImplementedError)�self�message� signature��r��I/usr/local/CyberCP/lib/python3.10/site-packages/google/auth/crypt/base.py�verify��zVerifier.verifyN)�__name__� __module__�__qualname__�__doc__�abc�abstractmethodr��r��r��r��r ��r��s��r��)� metaclassc��@��s,��e�Zd�ZdZejdd��Zejdd��ZdS�)�Signerz.Abstract base class for cryptographic signers.c��C��r��)z<Optional[str]: The key ID used to identify this private key.zKey id must be implementedr��)r ��r��r��r ��key_id2��s��z Signer.key_idc��C��r��)z�Signs a message. Args: message (Union[str, bytes]): The message to be signed. Returns: bytes: The signature of the message. zSign must be implementedr��)r ��r ��r��r��r ��sign7��s��zSigner.signN) r��r��r��r��r��abstractpropertyr��r��r��r��r��r��r ��r��/��s�� r��c��@��s8��e�Zd�ZdZejd dd��Zedd��Zedd��Z dS�) �FromServiceAccountMixinz3Mix-in to enable factory constructors for a Signer.Nc��C��r��)ad��Construct an Signer instance from a private key string. Args: key (str): Private key as a string. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the key cannot be parsed. zfrom_string must be implementedr��)�cls�keyr��r��r��r ��from_stringI��r��z#FromServiceAccountMixin.from_stringc��C��s(��t�\|vr t�d��\|��\|t��\|�t��S�)a��Creates a Signer instance instance from a dictionary containing service account info in Google format. Args: info (Mapping[str, str]): The service account info in Google format. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the info is not in the expected format. z@The private_key field was not found in the service account info.)�_JSON_FILE_PRIVATE_KEYr��MalformedErrorr��get�_JSON_FILE_PRIVATE_KEY_ID)r��infor��r��r ��from_service_account_infoY��s��z1FromServiceAccountMixin.from_service_account_infoc��C��sD��t�j\|ddd�� }t�\|�}W�d��n1�sw��Y��\|��\|�S�)a��Creates a Signer instance from a service account .json file in Google format. Args: filename (str): The path to the service account .json file. Returns: google.auth.crypt.Signer: The constructed signer. �rzutf-8)�encodingN)�io�open�json�loadr$��)r��filename� json_file�datar��r��r ��from_service_account_fileq��s�� z1FromServiceAccountMixin.from_service_account_file)N) r��r��r��r��r��r��r��classmethodr$��r.��r��r��r��r ��r��F��s�� r��)r��r��r'��r)��google.authr��r��r"��ABCMetar��r��r��r��r��r��r ��<module>��s��__pycache__/_helpers.cpython-310.pyc��0000644��00000000252�15030207565�0013260 0��ustar�00��o ��h��@��s��d�S�)N��r��r��r��M/usr/local/CyberCP/lib/python3.10/site-packages/google/auth/crypt/_helpers.py�<module>��s��rsa.py��0000644��00000002125�15030207565�0005706 0��ustar�00��# Copyright 2017 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. """RSA cryptography signer and verifier.""" try: # Prefer cryptograph-based RSA implementation. from google.auth.crypt import _cryptography_rsa RSASigner = _cryptography_rsa.RSASigner RSAVerifier = _cryptography_rsa.RSAVerifier except ImportError: # pragma: NO COVER # Fallback to pure-python RSA implementation if cryptography is # unavailable. from google.auth.crypt import _python_rsa RSASigner = _python_rsa.RSASigner # type: ignore RSAVerifier = _python_rsa.RSAVerifier # type: ignore ��_cryptography_rsa.py��0000644��00000012046�15030207565�0010663 0��ustar�00��# Copyright 2017 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. """RSA verifier and signer that use the ``cryptography`` library. This is a much faster implementation than the default (in ``google.auth.crypt._python_rsa``), which depends on the pure-Python ``rsa`` library. """ import cryptography.exceptions from cryptography.hazmat import backends from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import padding import cryptography.x509 from google.auth import _helpers from google.auth.crypt import base _CERTIFICATE_MARKER = b"-----BEGIN CERTIFICATE-----" _BACKEND = backends.default_backend() _PADDING = padding.PKCS1v15() _SHA256 = hashes.SHA256() class RSAVerifier(base.Verifier): """Verifies RSA cryptographic signatures using public keys. Args: public_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey): The public key used to verify signatures. """ def __init__(self, public_key): self._pubkey = public_key @_helpers.copy_docstring(base.Verifier) def verify(self, message, signature): message = _helpers.to_bytes(message) try: self._pubkey.verify(signature, message, _PADDING, _SHA256) return True except (ValueError, cryptography.exceptions.InvalidSignature): return False @classmethod def from_string(cls, public_key): """Construct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: Verifier: The constructed verifier. Raises: ValueError: If the public key can't be parsed. """ public_key_data = _helpers.to_bytes(public_key) if _CERTIFICATE_MARKER in public_key_data: cert = cryptography.x509.load_pem_x509_certificate( public_key_data, _BACKEND ) pubkey = cert.public_key() else: pubkey = serialization.load_pem_public_key(public_key_data, _BACKEND) return cls(pubkey) class RSASigner(base.Signer, base.FromServiceAccountMixin): """Signs messages with an RSA private key. Args: private_key ( cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. """ def __init__(self, private_key, key_id=None): self._key = private_key self._key_id = key_id @property # type: ignore @_helpers.copy_docstring(base.Signer) def key_id(self): return self._key_id @_helpers.copy_docstring(base.Signer) def sign(self, message): message = _helpers.to_bytes(message) return self._key.sign(message, _PADDING, _SHA256) @classmethod def from_string(cls, key, key_id=None): """Construct a RSASigner from a private key in PEM format. Args: key (Union[bytes, str]): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt._cryptography_rsa.RSASigner: The constructed signer. Raises: ValueError: If ``key`` is not ``bytes`` or ``str`` (unicode). UnicodeDecodeError: If ``key`` is ``bytes`` but cannot be decoded into a UTF-8 ``str``. ValueError: If ``cryptography`` "Could not deserialize key data." """ key = _helpers.to_bytes(key) private_key = serialization.load_pem_private_key( key, password=None, backend=_BACKEND ) return cls(private_key, key_id=key_id) def __getstate__(self): """Pickle helper that serializes the _key attribute.""" state = self.__dict__.copy() state["_key"] = self._key.private_bytes( encoding=serialization.Encoding.PEM, format=serialization.PrivateFormat.PKCS8, encryption_algorithm=serialization.NoEncryption(), ) return state def __setstate__(self, state): """Pickle helper that deserializes the _key attribute.""" state["_key"] = serialization.load_pem_private_key(state["_key"], None) self.__dict__.update(state) ��__init__.py��0000644��00000006374�15030207565�0006672 0��ustar�00��# Copyright 2016 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. """Cryptography helpers for verifying and signing messages. The simplest way to verify signatures is using :func:`verify_signature`:: cert = open('certs.pem').read() valid = crypt.verify_signature(message, signature, cert) If you're going to verify many messages with the same certificate, you can use :class:`RSAVerifier`:: cert = open('certs.pem').read() verifier = crypt.RSAVerifier.from_string(cert) valid = verifier.verify(message, signature) To sign messages use :class:`RSASigner` with a private key:: private_key = open('private_key.pem').read() signer = crypt.RSASigner.from_string(private_key) signature = signer.sign(message) The code above also works for :class:`ES256Signer` and :class:`ES256Verifier`. Note that these two classes are only available if your `cryptography` dependency version is at least 1.4.0. """ from google.auth.crypt import base from google.auth.crypt import rsa try: from google.auth.crypt import es256 except ImportError: # pragma: NO COVER es256 = None # type: ignore if es256 is not None: # pragma: NO COVER __all__ = [ "ES256Signer", "ES256Verifier", "RSASigner", "RSAVerifier", "Signer", "Verifier", ] else: # pragma: NO COVER __all__ = ["RSASigner", "RSAVerifier", "Signer", "Verifier"] # Aliases to maintain the v1.0.0 interface, as the crypt module was split # into submodules. Signer = base.Signer Verifier = base.Verifier RSASigner = rsa.RSASigner RSAVerifier = rsa.RSAVerifier if es256 is not None: # pragma: NO COVER ES256Signer = es256.ES256Signer ES256Verifier = es256.ES256Verifier def verify_signature(message, signature, certs, verifier_cls=rsa.RSAVerifier): """Verify an RSA or ECDSA cryptographic signature. Checks that the provided ``signature`` was generated from ``bytes`` using the private key associated with the ``cert``. Args: message (Union[str, bytes]): The plaintext message. signature (Union[str, bytes]): The cryptographic signature to check. certs (Union[Sequence, str, bytes]): The certificate or certificates to use to check the signature. verifier_cls (Optional[~google.auth.crypt.base.Signer]): Which verifier class to use for verification. This can be used to select different algorithms, such as RSA or ECDSA. Default value is :class:`RSAVerifier`. Returns: bool: True if the signature is valid, otherwise False. """ if isinstance(certs, (str, bytes)): certs = [certs] for cert in certs: verifier = verifier_cls.from_string(cert) if verifier.verify(message, signature): return True return False ��_python_rsa.py��0000644��00000013753�15030207565�0007457 0��ustar�00��# Copyright 2016 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. """Pure-Python RSA cryptography implementation. Uses the ``rsa``, ``pyasn1`` and ``pyasn1_modules`` packages to parse PEM files storing PKCS#1 or PKCS#8 keys as well as certificates. There is no support for p12 files. """ from __future__ import absolute_import import io from pyasn1.codec.der import decoder # type: ignore from pyasn1_modules import pem # type: ignore from pyasn1_modules.rfc2459 import Certificate # type: ignore from pyasn1_modules.rfc5208 import PrivateKeyInfo # type: ignore import rsa # type: ignore from google.auth import _helpers from google.auth import exceptions from google.auth.crypt import base _POW2 = (128, 64, 32, 16, 8, 4, 2, 1) _CERTIFICATE_MARKER = b"-----BEGIN CERTIFICATE-----" _PKCS1_MARKER = ("-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----") _PKCS8_MARKER = ("-----BEGIN PRIVATE KEY-----", "-----END PRIVATE KEY-----") _PKCS8_SPEC = PrivateKeyInfo() def _bit_list_to_bytes(bit_list): """Converts an iterable of 1s and 0s to bytes. Combines the list 8 at a time, treating each group of 8 bits as a single byte. Args: bit_list (Sequence): Sequence of 1s and 0s. Returns: bytes: The decoded bytes. """ num_bits = len(bit_list) byte_vals = bytearray() for start in range(0, num_bits, 8): curr_bits = bit_list[start : start + 8] char_val = sum(val * digit for val, digit in zip(_POW2, curr_bits)) byte_vals.append(char_val) return bytes(byte_vals) class RSAVerifier(base.Verifier): """Verifies RSA cryptographic signatures using public keys. Args: public_key (rsa.key.PublicKey): The public key used to verify signatures. """ def __init__(self, public_key): self._pubkey = public_key @_helpers.copy_docstring(base.Verifier) def verify(self, message, signature): message = _helpers.to_bytes(message) try: return rsa.pkcs1.verify(message, signature, self._pubkey) except (ValueError, rsa.pkcs1.VerificationError): return False @classmethod def from_string(cls, public_key): """Construct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: google.auth.crypt._python_rsa.RSAVerifier: The constructed verifier. Raises: ValueError: If the public_key can't be parsed. """ public_key = _helpers.to_bytes(public_key) is_x509_cert = _CERTIFICATE_MARKER in public_key # If this is a certificate, extract the public key info. if is_x509_cert: der = rsa.pem.load_pem(public_key, "CERTIFICATE") asn1_cert, remaining = decoder.decode(der, asn1Spec=Certificate()) if remaining != b"": raise exceptions.InvalidValue("Unused bytes", remaining) cert_info = asn1_cert["tbsCertificate"]["subjectPublicKeyInfo"] key_bytes = _bit_list_to_bytes(cert_info["subjectPublicKey"]) pubkey = rsa.PublicKey.load_pkcs1(key_bytes, "DER") else: pubkey = rsa.PublicKey.load_pkcs1(public_key, "PEM") return cls(pubkey) class RSASigner(base.Signer, base.FromServiceAccountMixin): """Signs messages with an RSA private key. Args: private_key (rsa.key.PrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. """ def __init__(self, private_key, key_id=None): self._key = private_key self._key_id = key_id @property # type: ignore @_helpers.copy_docstring(base.Signer) def key_id(self): return self._key_id @_helpers.copy_docstring(base.Signer) def sign(self, message): message = _helpers.to_bytes(message) return rsa.pkcs1.sign(message, self._key, "SHA-256") @classmethod def from_string(cls, key, key_id=None): """Construct an Signer instance from a private key in PEM format. Args: key (str): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the key cannot be parsed as PKCS#1 or PKCS#8 in PEM format. """ key = _helpers.from_bytes(key) # PEM expects str in Python 3 marker_id, key_bytes = pem.readPemBlocksFromFile( io.StringIO(key), _PKCS1_MARKER, _PKCS8_MARKER ) # Key is in pkcs1 format. if marker_id == 0: private_key = rsa.key.PrivateKey.load_pkcs1(key_bytes, format="DER") # Key is in pkcs8. elif marker_id == 1: key_info, remaining = decoder.decode(key_bytes, asn1Spec=_PKCS8_SPEC) if remaining != b"": raise exceptions.InvalidValue("Unused bytes", remaining) private_key_info = key_info.getComponentByName("privateKey") private_key = rsa.key.PrivateKey.load_pkcs1( private_key_info.asOctets(), format="DER" ) else: raise exceptions.MalformedError("No key could be detected.") return cls(private_key, key_id=key_id) ��

| ver. 1.4 | Github | . | PHP 8.2.28 | Generation time: 0.02 | proxy | phpinfo | Settings