ÿigygdZddlZddlZddlmZddlmZmZmZddl m Z m Z ddl m Z ddlmZddlmZmZmZdd lmZmZmZGd d eZdd ZddZdZdZdZdZdZ dZ!dZ"ddZ#e#Z$dZ%dS))generate construct import_keyRsaKeyoidN)Random)tobytesbordtostr) DerSequenceDerNull) bytes_to_long)Integer)test_probable_primegenerate_probable_prime COMPOSITE)_expand_subject_public_key_info_create_subject_public_key_info _extract_subject_public_key_infoceZdZdZdZedZedZedZedZ edZ edZ ed Z ed Z ed Zed Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZ d(dZdZd Z d!Z!d"Z"d#Z#d$Z$d%Z%d&Z&d'Z'dS))raClass defining an RSA key, private or public. Do not instantiate directly. Use :func:`generate`, :func:`construct` or :func:`import_key` instead. :ivar n: RSA modulus :vartype n: integer :ivar e: RSA public exponent :vartype e: integer :ivar d: RSA private exponent :vartype d: integer :ivar p: First factor of the RSA modulus :vartype p: integer :ivar q: Second factor of the RSA modulus :vartype q: integer :ivar invp: Chinese remainder component (:math:`p^{-1} \text{mod } q`) :vartype invp: integer :ivar invq: Chinese remainder component (:math:`q^{-1} \text{mod } p`) :vartype invq: integer :ivar u: Same as ``invp`` :vartype u: integer c t|}td}|tdz}|||fvrtd|D]\}}t |d|z|||kr7|j|jdz z|_|j|jdz z|_ d|_ dSdS)a.Build an RSA key. :Keywords: n : integer The modulus. e : integer The public exponent. d : integer The private exponent. Only required for private keys. p : integer The first factor of the modulus. Only required for private keys. q : integer The second factor of the modulus. Only required for private keys. u : integer The CRT coefficient (inverse of p modulo q). Only required for private keys. ne)pqduzSome RSA components are missing_N) setkeys ValueErroritemssetattr_d_p_dp_q_dq_invq)selfkwargs input_set public_set private_set componentvalues T/var/www/html/afkarena/venv/lib/python3.11/site-packages/Cryptodome/PublicKey/RSA.py__init__zRsaKey.__init__Rs& && __  3';#<#<< [*5 5 5>?? ? &  2 2 Iu D# /5 1 1 1 1  # #w$'A+.DHw$'A+.DHDJJJ $ #c*t|jSN)int_nr,s r3rzRsaKey.nq47||r5c*t|jSr7)r8_er:s r3rzRsaKey.eur;r5cp|stdt|jS)Nz-No private exponent available for public keys) has_privateAttributeErrorr8r&r:s r3rzRsaKey.dys4!! R !PQQ Q47||r5cp|stdt|jS)Nz.No CRT component 'p' available for public keys)r?r@r8r'r:s r3rzRsaKey.p4!! S !QRR R47||r5cp|stdt|jS)Nz.No CRT component 'q' available for public keys)r?r@r8r)r:s r3rzRsaKey.qrBr5cp|stdt|jS)Nz/No CRT component 'dp' available for public keys)r?r@r8r(r:s r3dpz RsaKey.dp4!! T !RSS S48}}r5cp|stdt|jS)Nz/No CRT component 'dq' available for public keys)r?r@r8r*r:s r3dqz RsaKey.dqrFr5c|std|j$|j|j|_t |jS)Nz1No CRT component 'invq' available for public keys)r?r@r+r)inverser'r8r:s r3invqz RsaKey.invqsS!! V !TUU U : 11DJ4:r5c|jSr7)rr:s r3invpz RsaKey.invps v r5cp|stdt|jS)Nz.No CRT component 'u' available for public keys)r?r@r8_ur:s r3rzRsaKey.urBr5c4|jS)zSize of the RSA modulus in bitsr9 size_in_bitsr:s r3rRzRsaKey.size_in_bitssw##%%%r5cF|jdz dzdzS)z9The minimal amount of bytes that can hold the RSA modulusr rQr:s r3 size_in_byteszRsaKey.size_in_bytess%$$&&*q0144r5cd|cxkr |jksntdttt ||j|jS)NrzPlaintext too large)r9r#r8powrr=)r, plaintexts r3_encryptzRsaKey._encryptsXI''''''''233 33wy))47DG<<===r5cDd|cxkr |jksntd|stdt jd|j}t |t ||j|jz|jz}t ||j|j }t ||j |j }||z |j z|j z}||j z|z}t j ||j||j}|S)NrzCiphertext too largezThis is not a private keyr ) min_inclusive max_exclusive)r9r#r? TypeErrorr random_rangerWr=r(r'r*r)rO_mult_modulo_bytesrJ) r, ciphertextrcpm1m2hmpresults r3_decrypt_to_byteszRsaKey._decrypt_to_bytessJ((((((((344 4!! 9788 8  q H H H Z 3q$'47#;#; ;dg E TXtw ' ' TXtw ' '2g DG + [2 +IIdg&&G r5cFt||S)zLegacy private method)rrhr,r`s r3_decryptzRsaKey._decrypts T33J??@@@r5c"t|dS)z"Whether this is an RSA private keyr&)hasattrr:s r3r?zRsaKey.has_privatestT"""r5cdSNTr:s r3 can_encryptzRsaKey.can_encrypttr5cdSrorpr:s r3can_signzRsaKey.can_signrrr5c8t|j|jS)z^A matching RSA public key. Returns: a new :class:`RsaKey` object r)rr9r=r:s r3 public_keyzRsaKey.public_keys 47++++r5c||krdS|j|jks|j|jkrdS|sdS|j|jkS)NFT)r?rrrr,others r3__eq__z RsaKey.__eq__st     !2!2!4!4 4 45 6UW  %' 1 15!! 4%'!"r5c||k Sr7rprxs r3__ne__z RsaKey.__ne__sEM""r5cddlm}|)Nr) PicklingError)pickler~)r,r~s r3 __getstate__zRsaKey.__getstate__s((((((r5c*|rRdt|jt|jt|jt|jfz}nd}dt|jt|j|fzS)Nz, d=%d, p=%d, q=%d, u=%dzRsaKey(n=%d, e=%d%s))r?r8r&r'r)rOr9r=)r,extras r3__repr__zRsaKey.__repr__s{      .#dg,,DG 25dg,,DG 2NNEEE%TWs47||U(KKKr5c\|rd}nd}d|t|fzS)NPrivatePublicz%s RSA key at 0x%X)r?id)r,key_types r3__str__zRsaKey.__str__s8       HHH#xD&:::r5PEMNr c |t|}| tj}|dkrd|j|jfD\}}t |ddzrd|z}t |ddzrd|z}d||g} dd | D} d tj| dd zS| r.td|j |j |j |j|j|j |jd z z|j |jd z zt!|j|jg } |d krd } |dkr|rt'dnddlm} |dkr/|-d} | | t.dt1} nd} |s|rt'dd}| | t.|||t1} d}n=d} t3t.t|j |j gt1} |dkr| S|dkr-ddlm}|| | ||}t|St'd|z)a Export this RSA key. Keyword Args: format (string): The desired output format: - ``'PEM'``. (default) Text output, according to `RFC1421`_/`RFC1423`_. - ``'DER'``. Binary output. - ``'OpenSSH'``. Text output, according to the OpenSSH specification. Only suitable for public keys (not private keys). Note that PEM contains a DER structure. passphrase (bytes or string): (*Private keys only*) The passphrase to protect the private key. pkcs (integer): (*Private keys only*) The standard to use for serializing the key: PKCS#1 or PKCS#8. With ``pkcs=1`` (*default*), the private key is encoded with a simple `PKCS#1`_ structure (``RSAPrivateKey``). The key cannot be securely encrypted. With ``pkcs=8``, the private key is encoded with a `PKCS#8`_ structure (``PrivateKeyInfo``). PKCS#8 offers the best ways to securely encrypt the key. .. note:: This parameter is ignored for a public key. For DER and PEM, the output is always an ASN.1 DER ``SubjectPublicKeyInfo`` structure. protection (string): (*For private keys only*) The encryption scheme to use for protecting the private key using the passphrase. You can only specify a value if ``pkcs=8``. For all possible protection schemes, refer to :ref:`the encryption parameters of PKCS#8`. The recommended value is ``'PBKDF2WithHMAC-SHA512AndAES256-CBC'``. If ``None`` (default), the behavior depends on :attr:`format`: - if ``format='PEM'``, the obsolete PEM encryption scheme is used. It is based on MD5 for key derivation, and 3DES for encryption. - if ``format='DER'``, the ``'PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC'`` scheme is used. prot_params (dict): (*For private keys only*) The parameters to use to derive the encryption key from the passphrase. ``'protection'`` must be also specified. For all possible values, refer to :ref:`the encryption parameters of PKCS#8`. The recommendation is to use ``{'iteration_count':21000}`` for PBKDF2, and ``{'iteration_count':131072}`` for scrypt. randfunc (callable): A function that provides random bytes. Only used for PEM encoding. The default is :func:`Cryptodome.Random.get_random_bytes`. Returns: bytes: the encoded key Raises: ValueError:when the format is unknown or when you try to encrypt a private key with *DER* format and PKCS#1. .. warning:: If you don't provide a pass phrase, the private key will be exported in the clear! .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _`PKCS#1`: http://www.ietf.org/rfc/rfc3447.txt .. _`PKCS#8`: http://www.ietf.org/rfc/rfc5208.txt NOpenSSHc6g|]}|Srp)to_bytes.0xs r3 z%RsaKey.export_key..ds III IIIr5rsssh-rsar5cXg|]'}tjdt||z(S)>I)structpacklen)rkps r3rz%RsaKey.export_key..js/!U!U!Ub&+dCGG"<"yy","B"BJJ 7H%J&S",-Q"R"RR%I !&J,6 8C7>yy","B"BJ"&JJ#H89DdfFJfFN:O:O9@;;J U??  U?? ) ) ) ) ) )jjXz8LLG7## #NQWWXXXr5c|j|i|S:meta private:)r)r,argsr-s r3 exportKeyzRsaKey.exportKeyst////r5c*|Sr)rvr:s r3 publickeyzRsaKey.publickeys   r5c tdrz0Use module Cryptodome.Signature.pkcs1_15 insteadNotImplementedError)r,MKs r3signz RsaKey.sign!"TUUUr5c tdrr)r,r signatures r3verifyz RsaKey.verifyrr5c tdrz/Use module Cryptodome.Cipher.PKCS1_OAEP insteadr)r,rXrs r3encryptzRsaKey.encrypt!"STTTr5c tdrrrjs r3decryptzRsaKey.decryptrr5ctrrr,rBs r3blindz RsaKey.blind!!r5ctrrrs r3unblindzRsaKey.unblindrr5ctrrr:s r3sizez RsaKey.sizerr5)rNr NNN)(__name__ __module__ __qualname____doc__r4propertyrrrrrrErHrKrMrrRrUrYrhrkr?rqrtrvrzr|rrrrrrrrrrrrrrpr5r3rr4s:>XXX X X X X XXX &&&555>>> 2AAA ### ,,,###### LLL;;;>??CYYYYYYYYx000!!! VVVVVVUUUUUU"""""""""""r5rc |dkrtddzdksdkrtd| tj}tdx}}t||kr|d|dzzkr |dz}||z }tdd|zdz zx ||kr*tdd|zdz z  fd }t ||| td|dzd z z  fd }t ||| } | z}dz | dz } | }||kr |d|dzzk | kr| c} | } t||| | S)aFCreate a new RSA key pair. The algorithm closely follows NIST `FIPS 186-4`_ in its sections B.3.1 and B.3.3. The modulus is the product of two non-strong probable primes. Each prime passes a suitable number of Miller-Rabin tests with random bases and a single Lucas test. Args: bits (integer): Key length, or size (in bits) of the RSA modulus. It must be at least 1024, but **2048 is recommended.** The FIPS standard only defines 1024, 2048 and 3072. Keyword Args: randfunc (callable): Function that returns random bytes. The default is :func:`Cryptodome.Random.get_random_bytes`. e (integer): Public RSA exponent. It must be an odd positive integer. It is typically a small number with very few ones in its binary representation. The FIPS standard requires the public exponent to be at least 65537 (the default). Returns: an RSA key object (:class:`RsaKey`, with private key). .. _FIPS 186-4: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf iz"RSA modulus length must be >= 1024rzBRSA public exponent must be a positive, odd integer larger than 2.Nr cH|ko|dz dkSNr )gcd) candidatermin_ps r3filter_pzgenerate..filter_ps*u$D)a-)<).filter_qsH%6]''**a/6 A &&5 7r5rrrrrr) r#rrrrRsqrtrlcmrJr)bitsrrrrsize_qsize_prrrrrrrrrs ` @@@@r3rrsB< d{{=>>>1uzzQUU]^^^* AJJA A ..  d " "qA$!),<'='= F Q7==??? V  QZZAJN399;;E E E E E E E $v-519 ; ; ;qzzdai#o6  7 7 7 7 7 7 7 7 $v-519 ; ; ; E1ukk!a%   IIcNN? ..  d " "qA$!),<'='=B 1uu!1 ! A Aa1Q / / //r5Tc6Gddt}|}td|D]#\}}t||t|$|j}|j}t |dst||}nM|j} t |dr|j } |j } n| |zdz } | } | dzd kr| dz} | dzd kd }td}|s|d krt| }|| krht|||}|dkrF||dz kr=t|d|dkr(t| |dz} d }n |dz}|| kh|dz }|s|d k|std || zd ksJ|| z} t |dr|j}n| | }t||| | | |}|r|dks||krtdt| |dkrtd|dzstd|rM| dks| |krtdt| | dkrtd| | z|krtdt#| t$krtdt#| t$krtd| dz | dz z}|| dz | dz z}|| zt'|zdkrtdt |dr6|dks|| krtd| |z| zdkrtd|S)a3Construct an RSA key from a tuple of valid RSA components. The modulus **n** must be the product of two primes. The public exponent **e** must be odd and larger than 1. In case of a private key, the following equations must apply: .. math:: \begin{align} p*q &= n \\ e*d &\equiv 1 ( \text{mod lcm} [(p-1)(q-1)]) \\ p*u &\equiv 1 ( \text{mod } q) \end{align} Args: rsa_components (tuple): A tuple of integers, with at least 2 and no more than 6 items. The items come in the following order: 1. RSA modulus *n*. 2. Public exponent *e*. 3. Private exponent *d*. Only required if the key is private. 4. First factor of *n* (*p*). Optional, but the other factor *q* must also be present. 5. Second factor of *n* (*q*). Optional. 6. CRT coefficient *q*, that is :math:`p^{-1} \text{mod }q`. Optional. Keyword Args: consistency_check (boolean): If ``True``, the library will verify that the provided components fulfil the main RSA properties. Raises: ValueError: when the key being imported fails the most basic RSA validity checks. Returns: An RSA key object (:class:`RsaKey`). ceZdZdS)construct..InputCompsN)rrrrpr5r3 InputCompsrDs r5rrrrrr rrFrTz2Unable to compute factors p and q from exponent d.rzInvalid RSA public exponentz-RSA public exponent is not coprime to moduluszRSA modulus is not oddzInvalid RSA private exponentz.RSA private exponent is not coprime to modulusz RSA factors do not match moduluszRSA factor p is compositezRSA factor q is compositezInvalid RSA conditionzInvalid RSA component uzInvalid RSA component u with p)objectzipr%rrrrmrrrrrWrr#rrJr?rrr8)rsa_componentsconsistency_checkr input_compscompr2rrkeyrrrktottspottedakcandrphirs r3rrs1R     V   *,,K;^LL33 u T75>>2222 A A ; $ $33qA M ; $ $'  A AA q519DAa%1**aa%1**G A !c''AJJ$hhq!Q<>!   ! !LMM M1u 7566 6 ??   GAvva !?@@@qzz~~a  A%% !QRRR1uzz !CDDD"1%%22 !<==="1%%22 !<===q5QU#C!a%QU+++CAC Q&& !8999sC   G66Q!VV$%>???EAI!##$%EFFF Jr5ct|dd}|ddkrtdt|ddt |d|d gzS) N T nr_elementsonly_ints_expectedrz(No PKCS#1 encoding of an RSA private keyr )r decoder#rrrJencodedr-ders r3_import_pkcs1_privatersx --  wA$  O OC 1v{{CDDD S1XQ!8!8Q!@!@ AA B BBr5cht|dd}t|S)NrTr )r rrrs r3_import_pkcs1_publicrs. --  wA$  O OC S>>r5ctdf}t|\}}}||vs|tdt|S)N1.2.840.113549.1.1.10zNo RSA subjectPublicKeyInfo)rrr#r)rr-oidsalgoid encoded_keyparamss r3_import_subjectPublicKeyInforsN ( )D"A'"J"JFK TV/6777  , ,,r5c>t|}t|Sr7)rr)rr-sp_infos r3_import_x509_certrs.w77G ' 0 00r5cddlm}tdf}|||}|d|vrt dt |d|S)NrrrzNo PKCS#8 encoded RSA keyr )rrrunwrapr#_import_keyDER)rrrrrs r3 _import_pkcs8r#sd###### ( )D Wj))At44555 !A$ + ++r5ctttttf}|D] } |||cS#t $rYwxYwt d)z@Import an RSA key (public or private half), encoded in DER form.RSA key format is not supported)rrrrr#r#) extern_keyr decodingsdecodings r3r"r"sy'%-"  I  8J 33 3 3 3    D  6 7 77s 4 AAc~ddlm}m}m}m}|||\}}|dkrt d||\}}||\} }||\} }||\} }||\} }||\} }||\}}||d|| | | | | fD}t |S)Nr )import_openssh_private_generic read_bytes read_string check_paddingzssh-rsazThis SSH key is not RSAc6g|]}tj|Srp)r from_bytesrs r3rz/_import_openssh_private_rsa.. s# B B BqW  " " B B Br5)_opensshr*r+r,r-r#r)datapasswordr*r+r,r-ssh_name decryptedrrriqmprrrpaddedbuilds r3_import_openssh_private_rsar8s@CCCCCCCCCCCC98xHHHi92333:i((LAy:i((LAy:i((LAy j++OD):i((LAy:i((LAy I&&IAvM& B BQ1aD,A B B BE U  r5c"ddlm}t|}|t|}|dr;t |}|||\}}}t ||}|S|dr;|t ||\}}}|rd}t||S|drtj | dd} g} t| d krctj d | dd d} | | d d | z| d | zd} t| d kctj| d} tj| d } t#| | gSt|dkr)t%|dd krt||St'd )aImport an RSA key (public or private). Args: extern_key (string or byte string): The RSA key to import. The following formats are supported for an RSA **public key**: - X.509 certificate (binary or PEM format) - X.509 ``subjectPublicKeyInfo`` DER SEQUENCE (binary or PEM encoding) - `PKCS#1`_ ``RSAPublicKey`` DER SEQUENCE (binary or PEM encoding) - An OpenSSH line (e.g. the content of ``~/.ssh/id_ecdsa``, ASCII) The following formats are supported for an RSA **private key**: - PKCS#1 ``RSAPrivateKey`` DER SEQUENCE (binary or PEM encoding) - `PKCS#8`_ ``PrivateKeyInfo`` or ``EncryptedPrivateKeyInfo`` DER SEQUENCE (binary or PEM encoding) - OpenSSH (text format, introduced in `OpenSSH 6.5`_) For details about the PEM encoding, see `RFC1421`_/`RFC1423`_. passphrase (string or byte string): For private keys only, the pass phrase that encrypts the key. Returns: An RSA key object (:class:`RsaKey`). Raises: ValueError/IndexError/TypeError: When the given key cannot be parsed (possibly because the pass phrase is wrong). .. _RFC1421: http://www.ietf.org/rfc/rfc1421.txt .. _RFC1423: http://www.ietf.org/rfc/rfc1423.txt .. _`PKCS#1`: http://www.ietf.org/rfc/rfc3447.txt .. _`PKCS#8`: http://www.ietf.org/rfc/rfc5208.txt .. _`OpenSSH 6.5`: https://flak.tedunangst.com/post/new-openssh-key-format-and-bcrypt-pbkdf rrNs-----BEGIN OPENSSH PRIVATE KEYs-----r r r rr0r%)rrr startswithr rr8r"r a2b_base64splitrrunpackappendrr/rr r#)r&rr text_encodedopenssh_encodedmarkerenc_flagrgrrrlengthrrs r3rr sR"!!!!!$$JZ(( >??Z(( ,/JJ|Z,P,P),_jII X&&/"%**U:->-> "K"Kfh  Jc:...[)) !' (8(8(>(>q(ABB )nnq  ]42A277:F OOIaF l3 4 4 4!!f*++.I)nnq    x{ + +  x{ + +!Q    :tJqM22d::j*555 6 7 77r5z1.2.840.113549.1.1.1)Nr)Tr7)&__all__rr CryptodomerCryptodome.Util.py3compatr r r Cryptodome.Util.asn1r r Cryptodome.Util.numberrCryptodome.Math.NumbersrCryptodome.Math.PrimalityrrrCryptodome.PublicKeyrrrrrrrrrrrr#r"r8r importKeyrrpr5r3rOs @    ::::::::::55555555000000++++++GGGGGGGGGG@@@@@@@@@@ R"R"R"R"R"VR"R"R"j O0O0O0O0dMMMM`CCC(---111 ,,,888$0L8L8L8L8`  r5