U /j[@sdZddlmZddlZddlZddlmZddlmZddl m Z ddl m Z ddl Z ddlmZdd lmZdd lmZd Zd Zd ZdZe ZdZddZGdddejZGdddejejZdS)zPure-Python RSA cryptography implementation. Uses the ``rsa``, ``pyasn1`` and ``pyasn1_modules`` packages to parse PEM files storing PKCS#1 or PKCS#8 keys as well as certificates. There is no support for p12 files. )absolute_importN)decoder)pem) Certificate)PrivateKeyInfo)_helpers) exceptions)base)@ s-----BEGIN CERTIFICATE-----)z-----BEGIN RSA PRIVATE KEY-----z-----END RSA PRIVATE KEY-----)z-----BEGIN PRIVATE KEY-----z-----END PRIVATE KEY-----zjThe 'rsa' library is deprecated and will be removed in a future release. Please migrate to 'cryptography'.cCsZt|}t}td|dD]6}|||d}tddtt|D}||qt|S)zConverts an iterable of 1s and 0s to bytes. Combines the list 8 at a time, treating each group of 8 bits as a single byte. Args: bit_list (Sequence): Sequence of 1s and 0s. Returns: bytes: The decoded bytes. rrcss|]\}}||VqdSN).0valdigitrrA/tmp/pip-unpacked-wheel-l8yytoim/google/auth/crypt/_python_rsa.py Asz%_bit_list_to_bytes..)len bytearrayrangesumzip_POW2appendbytes)Zbit_listZnum_bitsZ byte_valsstartZ curr_bitschar_valrrr_bit_list_to_bytes1s  r#c@s8eZdZdZddZeejddZ e ddZ dS) RSAVerifieraVerifies RSA cryptographic signatures using public keys. .. deprecated:: The `rsa` library has been archived. Please migrate to `cryptography`. Args: public_key (rsa.key.PublicKey): The public key used to verify signatures. cCstjttdd||_dSNr)category stacklevel)warningswarn _warning_msgDeprecationWarning_pubkey)self public_keyrrr__init__Rs zRSAVerifier.__init__c CsBt|}ztj|||jWSttjjfk r<YdSXdS)NF)rto_bytesrsapkcs1verifyr, ValueErrorZVerificationError)r-message signaturerrrr3Zs  zRSAVerifier.verifyc Cst|}t|k}|rttj|d}tj|td\}}|dkrLt d||dd}t |d}tj |d}ntj |d }||S) aConstruct an Verifier instance from a public key or public certificate string. Args: public_key (Union[str, bytes]): The public key in PEM format or the x509 public key certificate. Returns: google.auth.crypt._python_rsa.RSAVerifier: The constructed verifier. Raises: ValueError: If the public_key can't be parsed. CERTIFICATEZasn1Spec Unused bytesZtbsCertificateZsubjectPublicKeyInfoZsubjectPublicKeyDERZPEM)rr0_CERTIFICATE_MARKERr1rZload_pemrdecoderr InvalidValuer#Z PublicKey load_pkcs1) clsr.Z is_x509_certZderZ asn1_cert remainingZ cert_info key_bytesZpubkeyrrr from_stringbs    zRSAVerifier.from_stringN) __name__ __module__ __qualname____doc__r/rcopy_docstringr Verifierr3 classmethodrCrrrrr$Fs    r$c@sTeZdZdZd ddZeeej ddZ eej ddZ e d d d Z dS) RSASigneraSigns messages with an RSA private key. .. deprecated:: The `rsa` library has been archived. Please migrate to `cryptography`. Args: private_key (rsa.key.PrivateKey): The private key to sign with. key_id (str): Optional key ID used to identify this private key. This can be useful to associate the private key with its associated public key or certificate. NcCs tjttdd||_||_dSr%)r(r)r*r+_key_key_id)r- private_keykey_idrrrr/szRSASigner.__init__cCs|jSr)rM)r-rrrrOszRSASigner.key_idcCst|}tj||jdS)NzSHA-256)rr0r1r2signrL)r-r5rrrrPs zRSASigner.signc Cst|}tt|tt\}}|dkr>tj j j |dd}nZ|dkrt j |td\}}|dkrltd||d}tj j j |dd}n td |||d S) aConstruct an Signer instance from a private key in PEM format. Args: key (str): Private key in PEM format. key_id (str): An optional key id used to identify the private key. Returns: google.auth.crypt.Signer: The constructed signer. Raises: ValueError: If the key cannot be parsed as PKCS#1 or PKCS#8 in PEM format. rr;)formatrr8r9r:Z privateKeyzNo key could be detected.)rO)r from_bytesrZreadPemBlocksFromFileioStringIO _PKCS1_MARKER _PKCS8_MARKERr1keyZ PrivateKeyr?rr= _PKCS8_SPECrr>ZgetComponentByNameZasOctetsZMalformedError) r@rWrOZ marker_idrBrNZkey_inforAZprivate_key_inforrrrCs&    zRSASigner.from_string)N)N)rDrErFrGr/propertyrrHr SignerrOrPrJrCrrrrrKs     rK)rG __future__rrSr(Zpyasn1.codec.derrZpyasn1_modulesrZpyasn1_modules.rfc2459rZpyasn1_modules.rfc5208rr1Z google.authrrZgoogle.auth.cryptr rr<rUrVrXr*r#rIr$rZZFromServiceAccountMixinrKrrrrs*        =