U 6d@sdZddlmZddlmZddlmZddlmZddl m Z ddl Z ddl Z ddl mZdd l mZdd lmZd Zd Zd ZdZe ZddZGdddejZGdddejejZdS)zPure-Python RSA cryptography implementation. Uses the ``rsa``, ``pyasn1`` and ``pyasn1_modules`` packages to parse PEM files storing PKCS#1 or PKCS#8 keys as well as certificates. There is no support for p12 files. )absolute_import)decoder)pem) Certificate)PrivateKeyInfoN)_helpers) exceptions)base)@ s-----BEGIN CERTIFICATE-----)z-----BEGIN RSA PRIVATE KEY-----z-----END RSA PRIVATE KEY-----)z-----BEGIN PRIVATE KEY-----z-----END PRIVATE KEY-----cCsbt|}t}tjd|dD]:}|||d}tddtjt|D}||qt |S)zConverts an iterable of 1s and 0s to bytes. Combines the list 8 at a time, treating each group of 8 bits as a single byte. Args: bit_list (Sequence): Sequence of 1s and 0s. Returns: bytes: The decoded bytes. rrcss|]\}}||VqdSN).0valdigitrrA/tmp/pip-unpacked-wheel-h3lf9jv9/google/auth/crypt/_python_rsa.py :sz%_bit_list_to_bytes..) len bytearraysixmovesxrangesumzip_POW2appendbytes)Zbit_listZnum_bitsZ byte_valsstartZ curr_bitschar_valrrr_bit_list_to_bytes*s  r%c@s8eZdZdZddZeejddZ e ddZ dS) RSAVerifierzVerifies RSA cryptographic signatures using public keys. Args: public_key (rsa.key.PublicKey): The public key used to verify signatures. cCs ||_dSr)_pubkey)self public_keyrrr__init__GszRSAVerifier.__init__c CsBt|}ztj|||jWSttjjfk r<YdSXdS)NF)rto_bytesrsapkcs1verifyr' ValueErrorZVerificationError)r(message signaturerrrr.Js  zRSAVerifier.verifyc Cst|}t|k}|rttj|d}tj|td\}}|dkrLt d||dd}t |d}tj |d}ntj |d }||S) aConstruct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: google.auth.crypt._python_rsa.RSAVerifier: The constructed verifier. Raises: ValueError: If the public_key can't be parsed. CERTIFICATEZasn1Spec Unused bytesZtbsCertificateZsubjectPublicKeyInfoZsubjectPublicKeyDERZPEM)rr+_CERTIFICATE_MARKERr,rZload_pemrdecoderr InvalidValuer%Z PublicKey load_pkcs1) clsr)Z is_x509_certZderZ asn1_cert remainingZ cert_info key_bytesZpubkeyrrr from_stringRs    zRSAVerifier.from_stringN) __name__ __module__ __qualname____doc__r*rcopy_docstringr Verifierr. classmethodr>rrrrr&?s   r&c@sTeZdZdZd ddZeeej ddZ eej ddZ e d d d Z dS) RSASignera?Signs messages with an RSA private key. Args: private_key (rsa.key.PrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. NcCs||_||_dSr)_key_key_id)r( private_keykey_idrrrr*}szRSASigner.__init__cCs|jSr)rH)r(rrrrJszRSASigner.key_idcCst|}tj||jdS)NzSHA-256)rr+r,r-signrG)r(r0rrrrKs zRSASigner.signc Cst|}tt|tt\}}|dkr>tj j j |dd}nZ|dkrt j |td\}}|dkrltd||d}tj j j |dd}n td |||d S) aConstruct an Signer instance from a private key in PEM format. Args: key (str): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the key cannot be parsed as PKCS#1 or PKCS#8 in PEM format. rr6)formatrr3r4r5Z privateKeyzNo key could be detected.)rJ)r from_bytesrZreadPemBlocksFromFilerStringIO _PKCS1_MARKER _PKCS8_MARKERr,keyZ PrivateKeyr:rr8 _PKCS8_SPECrr9ZgetComponentByNameZasOctetsZMalformedError) r;rQrJZ marker_idr=rIZkey_infor<Zprivate_key_inforrrr>s&    zRSASigner.from_string)N)N)r?r@rArBr*propertyrrCr SignerrJrKrEr>rrrrrFss     rF)rB __future__rZpyasn1.codec.derrZpyasn1_modulesrZpyasn1_modules.rfc2459rZpyasn1_modules.rfc5208rr,rZ google.authrrZgoogle.auth.cryptr r r7rOrPrRr%rDr&rTZFromServiceAccountMixinrFrrrrs$        4