| Server IP : 85.193.89.191 / Your IP : 3.143.25.80 Web Server : Apache System : Linux 956367-cx40159.tmweb.ru 3.10.0-1160.105.1.el7.x86_64 #1 SMP Thu Dec 7 15:39:45 UTC 2023 x86_64 User : bitrix ( 600) PHP Version : 8.1.27 Disable Function : NONE MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /proc/979/cwd/lib/python2.7/site-packages/keyczar/ |
Upload File : |
�
N�Pc�����������@���s���d��Z��d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l�Z�d�d�l �Z �d�d�l
�Z
�d�Z
�d�Z
�d�Z
�d�e
�Z�d�e�f�d�������YZ�d �e�f�d
�������YZ�d
�e�f�d
�������YZ�d
�e�f�d�������YZ�d�e�f�d�������YZ�d�e�f�d�������YZ�d�e�f�d�������YZ�d�e�f�d�������YZ�d�Z�d�e�f�d�������YZ�d�e�f�d�������YZ�d
�e�f�d
�������YZ�d
�e�f�d �������YZ
�d �e�f�d!�������YZ
�d�S("���s����
Collection of all Keyczar classes used to perform cryptographic functions:
encrypt, decrypt, sign and verify.
@author: arkajit.dey@gmail.com (Arkajit Dey)
i����Ni����t����i���i���t���Keyczarc�����������B���s����e��Z�d��Z�e�j�Z�d����Z�e�d����d�d��Z�e�d����d�d��Z �d����Z
�d����Z
�e
�d ������Z
�d
����Z�d
����Z�d
����Z�RS(
���s
���Abstract Keyczar base class.c���������C���s<��t��j�j�|�j������|��_�i��|��_�d��|��_�|��j�j�j �|��_ �|��j
�|��j�j
���sp�t
�j
�d�|��j�j
�����n��|��j�j�r��t�|�t�j���
r��t
�j
�d�����n��x��|��j�j�D]��}�|�j�t�j�k�r��|��j�d��k �r��t
�j
�d�����n��|�|��_�n��t�j�|��j�j�|�j�|�j�����}�|�|��j�|�<|�|��j�|�j�<q��Wd��S(���Ns���Unacceptable purpose: %ss���Need encrypted reader.s/���Key sets may only have a single primary version(���t���keydatat
���KeyMetadatat���Readt
���GetMetadatat���metadatat���_keyst���Nonet���primary_versiont���typet
���default_sizet���IsAcceptablePurposet���purposet���errorst
���KeyczarErrort ���encryptedt
���isinstancet���readerst���EncryptedReadert���versionst���statust���keyinfot���PRIMARYt���keyst���ReadKeyt���GetKeyt���version_numbert���hash_id(���t���selft���readert���versiont���key(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���__init__-���s(����
c���������C���s2���g��|��j��j����D]
�}�t�|�t�j���r�|�^�q�S(���N(���R���R���R���R���t
���KeyVersion(���R
���t���k(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���<lambda>F���s���t���docs
���List of versions in key set.c���������C���s���|��j��|��j���S(���N(���R���R ���(���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR$���I���s����s!���The primary key for this key set.c���������C���s
���t��|��j���S(���N(���t���strR���(���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���__str__L���s����c���������C���sH���t��|�d���}�|�t�k�r.�t�j�|�����n��|��j�t�j�|�d� ����S(���s���
Parse the header and verify version, format info. Return key if exists.
@param header: the bytes of the header of Keyczar output
@type header: string
@return: the key identified by the hash in the header
@rtype: L{keys.Key}
@raise BadVersionError: if header specifies an illegal version
@raise KeyNotFoundError: if key specified in header doesn't exist
i����i���(���t���ordt���VERSIONR���t���BadVersionErrorR���t���utilt���Base64WSEncode(���R
���t���headerR ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt
���_ParseHeaderO���s����
c���������C���s���t��t�j�|������S(���s
��
Return a Keyczar object created from FileReader at given location.
@param location: pathname of the directory storing the key files
@type location: string
@return: a Keyczar to manage the keys stored at the given location
@rtype: L{Keyczar}
(���R���R���t
���CreateReader(���t���location(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR���a���s����
c���������C���s���d�S(���s4���Indicates whether purpose is valid. Abstract method.N(����(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
���n���s����c���������C���s6���y�|��j��|�SWn �t�k
�r1�t�j�|�����n�Xd�S(���sx��
Returns the key associated with the given key_id, a hash or a version.
@param key_id: Either the hash identifier of the key or its version.
@type key_id: string or L{keydata.KeyVersion}
@return: key associated with this key_id or None if key_id doesn't exist.
@rtype: L{keys.Key}
@raise KeyNotFoundError: if key with given key_id doesn't exist
N(���R���t���KeyErrorR���t���KeyNotFoundError(���R
���t���key_id(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR���q���s����
c���������C���s/���|�|��j��|�<|��j��|�j�<|��j�j�|���d��S(���N(���R���R
���R���t
���AddVersion(���R
���R ���R ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���_AddKey����s����(���t���__name__t
���__module__t���__doc__R+���t���ABCMetat
���__metaclass__R!���t���propertyR���t
���primary_keyR'���R.���t
���staticmethodR���R
���R���R5���(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR���(���s���
t���GenericKeyczarc�����������B���se���e��Z�d��Z�e�d������Z�d����Z�d �d���Z�d����Z�d����Z �d����Z
�d �d���Z
�d �d���Z
�RS(
���s���To be used by Keyczart.c���������C���s���t��t�j�|������S(���sB���Return a GenericKeyczar created from FileReader at given location.(���R>���R���R/���(���R0���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s����c���������C���s���t��S(���s
���All purposes ok for Keyczart.(���t���True(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
�������s����c���������C���sX��|�d�k�r�|��j�}�n��|��j�j�j�|���sC�t�j�d�|�����n��d�}�x,�|��j�D]!�}�|�|�j�k��rS�|�j�}�qS�qS�Wt �j
�|�d�|�t
���}�|�t
�j
�k�r��|��j�d�k �r��t
�j�|��j�_�n��|�|��_�n��|�|��j�k��r�d�|�|��j�t�|��j�j���f�GHn��xA�t�rCt�j�|��j�j�|���}�|��j�j�|�j���d�k�rPqqW|��j�|�|���d�S(���sY��
Adds a new key version with given status to key set.
Generates a new key of same type (repeated until hash identifier is unique)
for this version. Uses supplied key size (if provided) in lieu of the
default key size. If this is an unacceptable key size, raises an error. Uses
next available version number.
@param status: the status of the new key to be added
@type status: L{keyinfo.KeyStatus}
@param size: size of key in bits, uses default size if not provided.
@type size: integer
@raise KeyczarError: if either key type or key size is unsupported.
s
���Unsupported key size %d bits.i����i���sY���WARNING: %d-bit key size is less than recommended default keysize of %d bits for %s keys.N(���R���R
���R���R
���t
���IsValidSizeR���R���R���R���R���R"���t���FalseR���R���R ���t���ACTIVER���R&���R?���R���t���GenKeyR���t���getR
���R5���(���R
���R���t���sizet���max_version_numberR ���R ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR4�������s*����
! c���������C���s����|��j��j�|���}�|�j�t�j�k�r6�t�j�d�����nl�|�j�t�j�k�r��t�j�|�_�|��j�d�k �ru�t�j�|��j�_�n��|�|��_�n!�|�j�t�j
�k�r��t�j�|�_�n��d�S(���sG��
Promotes the status of key with given version number.
Promoting ACTIVE key automatically demotes current PRIMARY key to ACTIVE.
@param version_number: the version number to promote
@type version_number: integer
@raise KeyczarError: if invalid version number or trying to promote
a primary key
s
���Can't promote a primary key.N(
���R���t
���GetVersionR���R���R���R���R���RB���R ���R���t���INACTIVE(���R
���R���R ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���Promote����s����
c���������C���s����|��j��j�|���}�|�j�t�j�k�r<�t�j�|�_�d�|��_�nE�|�j�t�j�k�r]�t�j�|�_�n$�|�j�t�j�k�r��t �j
�d�����n��d�S(���sU��
Demotes the status of key with given version number.
Demoting PRIMARY key results in a key set with no primary version.
@param version_number: the version number to demote
@type version_number: integer
@raise KeyczarError: if invalid version number or trying to demote an
inactive key, use L{Revoke} instead.
s*���Can't demote an inactive key, only revoke.N(
���R���RG���R���R���R���RB���R���R ���RH���R���R���(���R
���R���R ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���Demote����s����
c���������C���sJ���|��j��j�|���}�|�j�t�j�k�r7�|��j��j�|���n�t�j�d�����d�S(���s����
Revokes the key with given version number if scheduled to be revoked.
@param version_number: integer version number to revoke
@type version_number: integer
@raise KeyczarError: if invalid version number or key is not inactive.
s!���Can't revoke key if not inactive.N(���R���RG���R���R���RH���t
���RemoveVersionR���R���(���R
���R���R ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���Revoke����s���� c���������C���s���|��j��}�d�}�|�j�t�j�k�rT�|�j�t�j�k�rT�t�j�|�j �t�j
�t�j
���}�n{�|�j�t�j
�k�r��|�j�t�j
�k�r��t�j�|�j �t�j�t�j���}�q��|�j�t�j�k�r��t�j�|�j �t�j
�t�j���}�q��n��|�d�k�r��t�j�d�����n��xz�|��j�D]o�}�|�j�|���|��j�|���j�}�|�r8|�j�|�j�|���q��t�j�t�|���t�j
�j
�|�t�|�j�������q��W|�r||�|�_
�n%�t�j�t�|���t�j
�j
�|�d�����d�S(���sC���Export the public keys corresponding to our key set to destination.s���Cannot export public keyt���metaN( ���R���R���R
���R���t���DSA_PRIVR
���t���SIGN_AND_VERIFYR���R���t���namet���VERIFYt���DSA_PUBt���RSA_PRIVt���DECRYPT_AND_ENCRYPTt���ENCRYPTt���RSA_PUBR���R���R���R4���R���t
���public_keyt ���SetPubKeyR���R+���t ���WriteFileR&���t���ost���patht���joint���pubkmd(���R
���t���destt���mockt���kmdR]���t���vt���pubkey(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���PublicKeyExport����s(���� $!!$
2
c���������C���s����t��|�t���r1�t�j�|���}�t�j�d�t���n��|�d�k �|��j�_ �|�j
�|��j���x0�|��j
�D]%�}�|�j
�|��j
�|���|�j�|���q]�Wd�S(���s'��
Write this key set to the specified location.
@param writer: where to write the key set
@type writer: Writer or file path (deprecated)
@param encrypter: which encryption to use for this key set. Use None to
write an unencrypted key set.
@type encrypter: Encrypter
sD���Using a string as the writer is deprecated. Use writers.CreateWriterN(���R���t
���basestringt���writerst
���CreateWritert���warningst���warnt���DeprecationWarningR���R���R���t
���WriteMetadataR���t���WriteKeyR���R���(���R
���t���writert ���encrypterRa���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���Write��s����
N(
���R6���R7���R8���R=���R���R
���R���R4���RI���RJ���RL���Rc���Rn���(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR>�������s���
1
t ���Encrypterc�����������B���sD���e��Z�d��Z�e�d������Z�d����Z�e�j�d���Z�e�j �d���Z
�RS(���s���Capable of encrypting only.c���������C���s���t��t�j�|������S(���s<��
Return an Encrypter object created from FileReader at given location.
@param location: pathname of the directory storing the key files
@type location: string
@return: an Encrypter to manage the keys stored at the given location and
perform encryption functions.
@rtype: L{Encrypter}
(���Ro���R���R/���(���R0���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR���0��s����
c���������C���s
���|�t��j�k�p�|�t��j�k�S(���s*���Only valid if purpose includes encrypting.(���R���RU���RT���(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
���>��s����c���������C���sG���|��j��}�|�d�k�r$�t�j������n��|�j�|���}�|�rC�|�|���S|�S(���s���
Encrypt the data and return the ciphertext.
@param data: message to encrypt
@type data: string
@param encoder: function to perform final encoding. Defaults to Base64, use
None for no encoding.
@type encoder: function
@return: ciphertext, by default Base64 encoded
@rtype: string
@raise NoPrimaryKeyError: if no primary key can be found to encrypt
N(���R<���R���R���t���NoPrimaryKeyErrort���Encrypt(���R
���t���datat���encodert���encrypting_keyt
���ciphertext(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyRq���B��s
����
c���������C���sO���|��j��}�|�d�k�r$�t�j������n��|�r9�|�|���}�n�|�}�t�j�|�|���S(���s
��
Create an encrypting stream capable of writing a ciphertext byte stream
containing Header|IV|Ciph|Sig.
@param output_stream: target stream for encrypted output
@type output_stream: 'file-like' object
@param encoder: the encoding stream to use on the ciphertext stream.
Defaults to base64 encoding with no padding or line breaks.
Use None for raw bytes.
@type encoder: 'file-like' object
@return: an encrypting stream capable of creating a ciphertext byte stream
@rtype: EncryptingStreamWriter
N(���R<���R���R���Rp���R���t���EncryptingStreamWriter(���R
���t
���output_streamRs���Rt���t���stream(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt
���CreateEncryptingStreamWriterX��s����
(
���R6���R7���R8���R=���R���R
���R+���R,���Rq���t ���IncrementalBase64WSStreamWriterRy���(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyRo���-��s
��� t���Verifierc�����������B���sD���e��Z�d��Z�e�d������Z�d����Z�d����Z�d����Z�d�d���Z �RS(���s���Capable of verifying only.c���������C���s���t��t�j�|������S(���s3��
Return a Verifier object created from FileReader at given location.
@param location: pathname of the directory storing the key files
@type location: string
@return: a Verifier to manage the keys stored at the given location and
perform verify functions.
@rtype: L{Verifier}
(���R{���R���R/���(���R0���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR���v��s����
c���������C���s
���|�t��j�k�p�|�t��j�k�S(���s)���Only valid if purpose includes verifying.(���R���RQ���RO���(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
������s����c���������C���sT���t��j�|���}�t�|���t�k��r9�t�j�t�|�������n��|��j�|�t� |�t� |���S(���s=��
Verifies whether the signature corresponds to the given data.
@param data: message that has been signed with sig
@type data: string
@param sig: Base64 string formatted as Header|Signature
@type sig: string
@return: True if sig corresponds to data, False otherwise.
@rtype: boolean
(���R+���t���Base64WSDecodet���lent
���HEADER_SIZER���t���ShortSignatureErrort���_Verifier__InternalVerify(���R
���Rr���t���sigt ���sig_bytes(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���Verify���s����
c���������C���sY���t��j�|���}�t��j�|�t���\�}�}�|�|� }�|��j�|�t� |�|�|���rQ�|�Sd�Sd�S(���s.��
Verifies the signature in the signed blob corresponds to the data
in the signed blob and the provided nonce, and returns the data.
@param signed_data: the blob, produced by AttachedSign, containing
data and signature.
@type signed_data: string
@param nonce: Nonce string that was used when the signature was
generated. If the provided value doesn't match, verification will
fail.
@type sig: string
@return: If verification succeeds, the extracted data will be returned,
otherwise, None
@rtype: string
N(���R+���R|���t���UnpackByteArrayR~���R����R���(���R
���t
���signed_datat���noncet
���decoded_dataRr���t���offsett ���signature(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���AttachedVerify���s
����
c���������C���s0���|��j��|���}�|�j�|�t�j�|���t�|���S(���N(���R.���R����R+���t
���PackByteArrayt
���VERSION_BYTE(���R
���R-���R����Rr���R����R ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���__InternalVerify���s����N(
���R6���R7���R8���R=���R���R
���R����R����R���R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR{���s��s
��� t���UnversionedVerifierc�����������B���s/���e��Z�d��Z�e�d������Z�d����Z�d����Z�RS(���s;���Capable of verifying unversioned, standard signatures only.c���������C���s���t��t�j�|������S(���sB��
Return a UnversionedVerifier object created from FileReader at
given location.
@param location: pathname of the directory storing the key files
@type location: string
@return: a Verifier to manage the keys stored at the given location and
perform verify functions.
@rtype: L{Verifier}
(���R����R���t
���FileReader(���R0���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR������s����
c���������C���s
���|�t��j�k�p�|�t��j�k�S(���s)���Only valid if purpose includes verifying.(���R���RQ���RO���(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
������s����c���������C���sP���t��j�|���}�x:�|��j�D]/�}�|��j�|�}�|�j�|�|���}�|�r�t�Sq�Wt�S(���s���
Verifies whether the signature corresponds to the given data. This is a
stanard signature (i.e. HMAC-SHA1, RSA-SHA1, DSA-SHA1) that contains no
version information, so this will try to verify with each key in a keyset.
@param data: message that has been signed with sig
@type data: string
@param sig: Base64 string formatted as Header|Signature
@type sig: string
@return: True if sig corresponds to data, False otherwise.
@rtype: boolean
(���R+���R|���R���R���R����R?���RA���(���R
���Rr���R����R����R ���R ���t���result(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s����
(���R6���R7���R8���R=���R���R
���R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s��� t���Crypterc�����������B���sJ���e��Z�d��Z�e�d������Z�d����Z�e�j�d���Z�e�j �e�j
�d���Z
�RS(���s%���Capable of encrypting and decrypting.c���������C���s���t��t�j�|������S(���sC��
Return a Crypter object created from FileReader at given location.
@param location: pathname of the directory storing the key files
@type location: string
@return: a Crypter to manage the keys stored at the given location and
perform encryption and decryption functions.
@rtype: L{Crypter}
(���R����R���R/���(���R0���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR������s����
c���������C���s
���|�t��j�k�S(���s)���Only valid if purpose includes decrypting(���R���RT���(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
������s����c���������C���sb���|�r�|�|���n�|�}�t��|���t�k��rB�t�j�t��|�������n��|��j�|�t� ��}�|�j�|���S(���s���
Decrypts the given ciphertext and returns the plaintext.
@param ciphertext: ciphertext to be decrypted - by default is Base64 encoded
@type ciphertext: string
@param decoder: function to perform decoding. Defaults to Base64, use None
for no decoding.
@type encoder: function
@return: plaintext message
@rtype: string
@raise ShortCiphertextError: if length is too short to have Header, IV, Sig
@raise BadVersionError: if header specifies an illegal version
@raise BadFormatError: if header specifies an illegal format
@raise KeyNotFoundError: if key specified in header doesn't exist
@raise InvalidSignatureError: if the signature can't be verified
(���R}���R~���R���t���ShortCiphertextErrorR.���t���Decrypt(���R
���Ru���t���decodert
���data_bytesR ���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR������s
����c���������C���s.���|�r�|�|���}�n�|�}�t��j�|��|�|���S(���s���
Create a decrypting stream capable of processing a ciphertext byte stream
containing Header|IV|Ciph|Sig into plain text.
@param output_stream: target stream for decrypted output
@type output_stream: 'file-like' object
@param decoder: the decoding stream to use on the incoming stream.
Defaults to base64 decoding with no padding or line breaks.
Use None for handling raw bytes.
@type decoder: 'file-like' object
@param buffer_size: Suggested buffer size for writing data (will be adjusted
to suit the underlying cipher.
@type buffer_size: integer
@return: a decrypting stream capable of reading a ciphertext byte stream and
converting it to plaintext output
@rtype: DecryptingStreamReader
(���R���t���DecryptingStreamReader(���R
���Rw���R����t
���buffer_sizeRx���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt
���CreateDecryptingStreamReader��s����(
���R6���R7���R8���R=���R���R
���R+���R|���R����t ���IncrementalBase64WSStreamReadert���DEFAULT_STREAM_BUFF_SIZER����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s
��� t���Signerc�����������B���sD���e��Z�d��Z�e�d������Z�d����Z�d����Z�d����Z�d�d���Z �RS(���s&���Capable of both signing and verifying.c���������C���s���t��t�j�|������S(���s6��
Return a Signer object created from FileReader at given location.
@param location: pathname of the directory storing the key files
@type location: string
@return: a Signer to manage the keys stored at the given location and
perform sign and verify functions.
@rtype: L{Signer}
(���R����R���R/���(���R0���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR���;��s����
c���������C���s
���|�t��j�k�S(���s'���Only valid if purpose includes signing.(���R���RO���(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
���I��s����c���������C���s#���t��j�|��j�j����|��j�|�����S(���s��
Sign given data and return corresponding signature.
For message M, outputs the signature as Header|Sig(Header.M).
@param data: message to be signed
@type data: string
@return: signature on the data encoded as a Base64 string
@rtype: string
(���R+���R,���R<���t���Headert���_Signer__InternalSign(���R
���Rr���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���SignM��s����
c���������C���s3���t��j�|��j�j����t��j�|���|��j�|�|�����S(���s���
Sign given data and nonce and return a blob containing both data and
signature
For message M, and nonce N, outputs Header|len(M)|M|Sig(Header|M|N).
@param data: message to be signed
@type data: string
@param nonce: nonce to be included in the signature
@type nonce: string
@return: signature on the data encoded as a Base64 string
@rtype: string
(���R+���R,���R<���R����R����R����(���R
���Rr���R����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt
���AttachedSign\��s����c���������C���sB���|��j��}�|�d��k�r$�t�j������n��|�j�|�t�j�|���t���S(���N(���R<���R���R���Rp���R����R+���R����R����(���R
���Rr���R����t
���signing_key(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���__InternalSignq��s����
N(
���R6���R7���R8���R=���R���R
���R����R����R���R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR����8��s
��� t���UnversionedSignerc�����������B���s/���e��Z�d��Z�e�d������Z�d����Z�d����Z�RS(���s����Capable of both signing and verifying. This outputs standard signatures
(i.e. HMAC-SHA1, DSA-SHA1, RSA-SHA1) that contain no key versioning.
c���������C���s���t��t�j�|������S(���sF��
Return an UnversionedSigner object created from FileReader at
given location.
@param location: pathname of the directory storing the key files
@type location: string
@return: a Signer to manage the keys stored at the given location and
perform sign and verify functions.
@rtype: L{Signer}
(���R����R���R����(���R0���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR���|��s����
c���������C���s
���|�t��j�k�S(���s'���Only valid if purpose includes signing.(���R���RO���(���R
���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR
������s����c���������C���s:���|��j��}�|�d�k�r$�t�j������n��t�j�|�j�|�����S(���s@��
Sign given data and return corresponding signature. This signature
contains no header or version information.
For message M, outputs the signature as Sig(M).
@param data: message to be signed
@type data: string
@return: signature on the data encoded as a Base64 string
@rtype: string
N(���R<���R���R���Rp���R+���R,���R����(���R
���Rr���R����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s����
(���R6���R7���R8���R=���R���R
���R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR����w��s��� i���t���_Sessionc�����������B���s����e��Z�d��Z�e�d������Z�e�d������Z�e�d������Z�e�d������Z�e�e �j
�d��������Z
�e�d������Z
�e�d������Z
�e�d������Z�RS( ���s����
A utility object which holds a session key and, optionally, a nonce. This class
is only for use by SessionEncrypter, SessionDecrypter, SignedSessionEncrypter, and
SignedSessionDecrypter.
c�����������C���s"���t��j�t�j�j����t�j�t�����S(���st���
Constructs and returns a new _Session instance, containing a newly-generated
AES key and random nonce.
(���R����t���_Session__CreateR���t���AesKeyt���GenerateR+���t ���RandBytest���SESSION_NONCE_SIZE(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���New���s����c���������C���s����t��j�|����}�t�|���d�k�s'�t���|�d�}�|�d�}�t�j�t��j�|���t�|���d���}�t�j�t��j�|���|�t�|���d�t�j ���}�t
�j
�|�d���S(���s����
Constructs and returns a new _Session instance, initialized with the key data
extracted from the provided packed_key_data, which must have been produced by
_Session.packed_key.
i���i����i���i���N(
���R+���t���UnpackMultipleByteArraysR}���t���AssertionErrorR���t���HmacKeyR,���R����R���t���CBCR����R����R���(���t���packed_key_datat���unpackedt
���aes_key_bytest���hmac_key_bytest���hmac_keyt
���session_key(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt
���LoadPackedKey���s����
%"
c���������C���sK���t��j�|����}�t��j�|�d���}�t�j�t�j�j�|���t�j �|�d�����S(���s����
Constructs and returns a new _Session instance, initialized with the key and nonce
extracted from the provided json_session_data, which must have been produced by
_Session.json.
R ���R����(
���t���jsont���loadst���dumpsR����R����R���R����R���R+���R|���(���t���json_session_datat ���json_dictt���aes_key_string(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���LoadJsonSession���s����c���������C���s ���t�����}�|��|�_�|�|�_�|�S(���sf���
Creates a new _Session instance, with the private fields initialized to the provided values.
(���R����t���_Session__session_keyt���_Session__nonce(���R����R����t���session(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���__Create���s���� c���������C���s
���t��t�j�|��j�t�j�����S(���s`���
Returns a Crypter which can be used to encrypt and decrypt data using the session key.
(���R����R���t���StaticKeyReaderR����R���RT���(���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���crypter���s����c���������C���s���|��j��S(���N(���R����(���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s����c���������C���s ���t��j�|��j�j�|��j�j�j���S(���sB���
Returns the session key data in a compact binary format.
(���R+���t���PackMultipleByteArraysR����t ���key_bytesR����(���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt
���packed_key���s����c���������C���s?���t��j�t�|��j�����}�t��j�i�|�d�6t�j�|��j���d�6��S(���s@���
Returns the session key data and nonce in Json format.
R ���R����(���R����R����R&���R����R����R+���R,���R����(���R
���R����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s����(���R6���R7���R8���R=���R����R����R����R����R;���R+���t���MemoizeR����R����R����R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s���
t���SessionEncrypterc�����������B���s/���e��Z�d��Z�d����Z�e�d������Z�d����Z�RS(���s��
An Encrypter that encrypts the data with a generated AES session key. The session key
is in turn encrypted with a user-provided Encrypter, producing session_material, which
must be provided to the SessionDecrypter to be able to decrypt session-encrypted data.
c���������C���s+���t��j����|��_�|�j�|��j�j���|��_�d��S(���N(���R����R����t���_sessionRq���R����t���_encrypted_session_material(���R
���Rm���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR!������s����c���������C���s���|��j��S(���s����
Returns the base64-encoded, encrypted session blob that must be provided to the
SessionDecrypter in order to decrypt data encrypted by this object.
(���R����(���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���session_material��s����c���������C���s���|��j��j�j�|���S(���sc���
Encrypts the given plaintext with the session key and returns the base 64-encoded result.
(���R����R����Rq���(���R
���t ���plaintext(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyRq��� ��s����(���R6���R7���R8���R!���R;���R����Rq���(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR�������s��� t���SessionDecrypterc�����������B���s ���e��Z�d��Z�d����Z�d����Z�RS(���s����
A Decrypter that can decrypt data encrypted with a session key, which is obtained by
decrypting the provided session_material using the provided Crypter.
c���������C���s ���t��j�|�j�|�����|��_�d��S(���N(���R����R����R����R����(���R
���R����R����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR!�����s����c���������C���s���|��j��j�j�|���S(���su���
Decrypts the given base 64-encoded ciphertext with the session key and returns the
decrypted plaintext.
(���R����R����R����(���R
���Ru���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR������s����(���R6���R7���R8���R!���R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR������s��� t���SignedSessionEncrypterc�����������B���s/���e��Z�d��Z�d����Z�e�d������Z�d����Z�RS(���s����
An object that encrypts data with a session key, which is in turn encrypted by the provided
encrypter, and signs the data with the provided signer.
c���������C���s4���t��j����|��_�|�j�|��j�j���|��_�|�|��_�d��S(���N(���R����R����R����Rq���R����R����t���_signer(���R
���Rm���t���signer(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR!���'��s����c���������C���s���|��j��S(���s����
Returns the base64-encoded, encrypted session blob that must be provided to the
SignedSessionDecrypter in order to decrypt data encrypted by this object.
(���R����(���R
���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR����,��s����c���������C���s1���|��j��j�j�|�d����}�|��j�j�|�|��j��j���S(���N(���R����R����Rq���R���R����R����R����(���R
���R����Ru���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyRq���4��s����(���R6���R7���R8���R!���R;���R����Rq���(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR����!��s��� t���SignedSessionDecrypterc�����������B���s ���e��Z�d��Z�d����Z�d����Z�RS(���sp���
An object that verifies signatures on and decrypts data signed and encrypted by a
SignedSessionEncrypter
c���������C���s(���t��j�|�j�|�����|��_�|�|��_�d��S(���N(���R����R����R����R����t ���_verifier(���R
���R����t���verifierR����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR!���?��s����c���������C���s;���|��j��j�|�|��j�j���}�|�s%�d�S|��j�j�j�|�d���S(���s����
Verifies the signature on the given ciphertext and, if successful, decrypts it and
returns the decrypted plaintext. If verification fails, returns None.
N(���R����R����R����R����R���R����R����(���R
���t���signed_ciphertextRu���(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR����C��s����(���R6���R7���R8���R!���R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyR����9��s��� (
���R8���RZ���Rg���R���R����R���R���R���R���Re���R+���R)���R����t
���KEY_HASH_SIZER~���t���objectR���R>���Ro���R{���R����R����R����R����R����R����R����R����R����R����(����(����(����s3���/usr/lib/python2.7/site-packages/keyczar/keyczar.pyt���<module>���s8���
^�FG1M?+R