ff?ddlmZddlmZmZmZmZddlmZm Z ddl m Z m Z m Z mZmZmZddlmZmZmZmZddlmZmZmZdZdZd Zd Zd Zd Zd Z dZ!dZ"dZ#dZ$dZ%dZ&dZ'dZ(dZ)Gdde*Z+Gdde,Z-Gdde,Z.dS))Random) DerSequenceDerOctetString DerObjectId DerInteger)padunpad)MD5SHA1SHA224SHA256SHA384SHA512)DESARC2DES3AES)PBKDF1PBKDF2scryptz1.2.840.113549.1.5.3z1.2.840.113549.1.5.6z1.2.840.113549.1.5.10z1.2.840.113549.1.5.11z1.2.840.113549.1.5.13z1.2.840.113549.1.5.12z1.3.6.1.4.1.11591.4.111.2.840.113549.2.7z1.2.840.113549.2.8z1.2.840.113549.2.9z1.2.840.113549.2.10z1.2.840.113549.2.11z1.2.840.113549.3.7z2.16.840.1.101.3.4.1.2z2.16.840.1.101.3.4.1.22z2.16.840.1.101.3.4.1.42ceZdZdS) PbesErrorN)__name__ __module__ __qualname__q/builddir/build/BUILD/imunify360-venv-2.3.5/opt/imunify360/venv/lib64/python3.11/site-packages/Crypto/IO/_PBES.pyrrCsDrrc(eZdZdZedZdS)PBES1zDeprecated encryption scheme with password-based key derivation (originally defined in PKCS#5 v1.5, but still present in `v2.0`__). .. __: http://www.ietf.org/rfc/rfc2898.txt ct|}t|d}t|dj}t |dj}i}|t krt}t}ng|tkrt}t}d|d<nH|tkrt}t}n.|tkrt}t}d|d<ntdt|dd} t| dj} | d} t|| d| |} | d d | d d }} |j| |j|fi|}||}t'||jS) axDecrypt a piece of data using a passphrase and *PBES1*. The algorithm to use is automatically detected. :Parameters: data : byte string The piece of data to decrypt. passphrase : byte string The passphrase to use for decrypting the data. :Returns: The decrypted data, as a binary string. r@effective_keylenzUnknown OID for PBES1 nr_elementsN)rdecoderpayloadrvalue_OID_PBE_WITH_MD5_AND_DES_CBCr r_OID_PBE_WITH_MD5_AND_RC2_CBCr_OID_PBE_WITH_SHA1_AND_DES_CBCr _OID_PBE_WITH_SHA1_AND_RC2_CBCrrnewMODE_CBCdecryptr block_size)data passphraseenc_private_key_infoencrypted_algorithmencrypted_datapbe_oid cipher_paramshashmod ciphermod pbe_paramssalt iterationskey_ivkeyivcipherpts rr4z PBES1.decryptys +}}33D99)mm223G3JKK'))001Ea1HIIQ--&&':1'=>>D 3 3 3GII 5 5 5GI02M, - - 6 6 6GII 6 6 6GI02M, - -344 4 ]]))*=a*@a)PP &&z!}55=]  D"j'BB!*fQRRjRsI$6LLmLL ^^N + +R*+++rN)rrr__doc__ staticmethodr4rrrr!r!rs9 2,2,\2,2,2,rr!c@eZdZdZeddZedZdS)PBES2zEncryption scheme with password-based key derivation (defined in `PKCS#5 v2.0`__). .. __: http://www.ietf.org/rfc/rfc2898.txt.Nc |i}|tjj}|dkrd}t}tj}t }nr|dvrd}t }t j}t}nQ|dvrd}t }t j}t}n0|dvrd}t }t j}t}ntd ||j } || d d } | d ru| d d} t|| || } tt!t"tt%| t'| gg} n| d d} | dd }| dd}t)|| || ||} tt!t*tt%| t'| t'|t'|gg} || || }|t/||j }tt!|t%| g}ttt!t0t| |ggt%|g}|S)a Encrypt a piece of data using a passphrase and *PBES2*. :Parameters: data : byte string The piece of data to encrypt. passphrase : byte string The passphrase to use for encrypting the data. protection : string The identifier of the encryption algorithm to use. The default value is '``PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC``'. prot_params : dictionary Parameters of the protection algorithm. +------------------+-----------------------------------------------+ | Key | Description | +==================+===============================================+ | iteration_count | The KDF algorithm is repeated several times to| | | slow down brute force attacks on passwords | | | (called *N* or CPU/memory cost in scrypt). | | | | | | The default value for PBKDF2 is 1 000. | | | The default value for scrypt is 16 384. | +------------------+-----------------------------------------------+ | salt_size | Salt is used to thwart dictionary and rainbow | | | attacks on passwords. The default value is 8 | | | bytes. | +------------------+-----------------------------------------------+ | block_size | *(scrypt only)* Memory-cost (r). The default | | | value is 8. | +------------------+-----------------------------------------------+ | parallelization | *(scrypt only)* CPU-cost (p). The default | | | value is 1. | +------------------+-----------------------------------------------+ randfunc : callable Random number generation function; it should accept a single integer N and return a string of random data, N bytes long. If not specified, a new RNG will be instantiated from ``Crypto.Random``. :Returns: The encrypted data, as a binary string. Nz"PBKDF2WithHMAC-SHA1AndDES-EDE3-CBC)z PBKDF2WithHMAC-SHA1AndAES128-CBCzscryptAndAES128-CBCr))z PBKDF2WithHMAC-SHA1AndAES192-CBCzscryptAndAES192-CBC)z PBKDF2WithHMAC-SHA1AndAES256-CBCzscryptAndAES256-CBC zUnknown PBES2 mode salt_sizer*riteration_countii@r5parallelizationr#)rr2readrr3_OID_DES_EDE3_CBCr_OID_AES128_CBC_OID_AES192_CBC_OID_AES256_CBC ValueErrorr5get startswithrrr _OID_PBKDF2rrr _OID_SCRYPTencryptr _OID_PBES2encode)r6r7 protection prot_paramsrandfunckey_sizemodule cipher_modeenc_oidrDr@countrCkdf_infoscrypt_rscrypt_prEr:enc_infor8s rr[z PBES2.encrypts^  K  z||(H = = =HF-K'GG '''HF,K%GG '''HF,K%GG '''HF,K%GG122 2Xf' ( (x  Q7788   * * OO$5t< * * , $**,,,rc t|d}t|d}t|dj}t |dj}|t krtdt|dd}t|dd}t |dj}d} |tkrt|dd} t| dj} | d} t| dz } d}| dkr' | |dz } | dz} |dz }n#t$rYnwxYwd}| dkrSt| |}t |dj}n|tkrt|dd tdj} fd d D\} }}td kr d } nd} ntd t|d}t |dj}|tkr t}d}nN|tkr t}d}n9|t kr t}d}n$|t"kr t}d}ntd| r| |krtdt|dj}|tkr|t$krt&}n^|t(krt*}nK|t,krt.}n8|t0krt2}n%|t4krt6}ntd|zt9|| || |}nt;|| || ||}|||j|}| |}tC||j"S)axDecrypt a piece of data using a passphrase and *PBES2*. The algorithm to use is automatically detected. :Parameters: data : byte string The piece of data to decrypt. passphrase : byte string The passphrase to use for decrypting the data. :Returns: The decrypted data, as a binary string. r&r'rr#zNot a PBES2 objectN)r&r)rlc g|] }| Srr).0x scrypt_paramss r z!PBES2.decrypt..us53G3G3G784A3C3G3G3Gr)r#r&rkrlzUnsupported PBES2 KDFrLr)rMzUnsupported PBES2 cipherz9Mismatch between PBES2 KDF parameters and selected cipherzUnsupported HMAC %s)hmac_hash_module)#rr+rr,rr-r\rrYlen TypeErrorrZrRrrSrrTrU_OID_HMAC_SHA1r _OID_HMAC_SHA224r _OID_HMAC_SHA256r _OID_HMAC_SHA384r_OID_HMAC_SHA512rrrr2r3r4r r5)r6r7r8enc_algor:r; pbes2_paramsrfkdf_oidkdf_key_length pbkdf2_paramsr@rOleftidxpbkdf2_prf_oidpbkdf2_prf_algo_idrgrhrirdr>raIVrsrCrErFrqs @rr4z PBES2.decrypt:s +}}33Da3HH==''(rsD +*******AAAAAAAAAAAAAAAA............6666666666 6 6!8!8 $ % & %''(((*++        ^:,:,:,:,:,F:,:,:,zD,D,D,D,D,FD,D,D,D,D,r