3TfddlmZddlZddlZddlZddlZddlZddlZddl m Z m Z ddl m ZddlmZmZddlmZmZddlmZddZdd Z dd Zej4ej6ej8ej:ej<fZej4ej@ejBfZ"Gd d e jFZ$Gd dZ% ddZ&GddejNjPZ)y)) annotationsN)utilsx509)pkcs7)hashes serialization)ecrsa)_check_byteslikec0ddlm}|j|SNr)backend),cryptography.hazmat.backends.openssl.backendrload_pem_pkcs7_certificatesdatars T/usr/lib/python3/dist-packages/cryptography/hazmat/primitives/serialization/pkcs7.pyrrD  . .t 44c0ddlm}|j|Sr )rrload_der_pkcs7_certificatesrs rrrrrc.tj||SN) rust_pkcs7serialize_certificates)certsencodings rrr!s  , ,UH ==rc$eZdZdZdZdZdZdZdZy) PKCS7OptionszAdd text/plain MIME typez5Don't translate input data into canonical MIME formatz'Don't embed data in the PKCS7 structurezDon't embed SMIME capabilitiesz#Don't embed authenticatedAttributeszDon't embed signer certificateN) __name__ __module__ __qualname__TextBinaryDetachedSignatureNoCapabilities NoAttributesNoCertsrrrr4s! %D DFA5N8L.GrrcpeZdZdggf ddZddZ d dZ d dZ d d dZy) PKCS7SignatureBuilderNc.||_||_||_yr)_data_signers_additional_certs)selfrsignersadditional_certss r__init__zPKCS7SignatureBuilder.__init__>s  !1rcttd||j tdt||jS)Nrzdata may only be set once)r r- ValueErrorr+r.)r0rs rset_datazPKCS7SignatureBuilder.set_dataNs3& :: !89 9$T4==99rct|tjtjtjtj fs t dt|tjs t dt|tjtjfs t dt|j|j|||fgzS)NzFhash_algorithm must be one of hashes.SHA224, SHA256, SHA384, or SHA512&certificate must be a x509.Certificatez.Only RSA & EC keys are supported at this time.) isinstancerSHA224SHA256SHA384SHA512 TypeErrorr Certificater RSAPrivateKeyr EllipticCurvePrivateKeyr+r-r.)r0 certificate private_keyhash_algorithms r add_signerz PKCS7SignatureBuilder.add_signerUs        , +t'7'78DE E #++R-G-GH LM M$ JJ MMk;GH H  rct|tjs tdt |j |j |j|gzS)Nr8)r9rr?r>r+r-r.r/)r0rBs radd_certificatez%PKCS7SignatureBuilder.add_certificateusI+t'7'78DE E$ JJ t'='= 'M  rc t|jdk(r td|j tdt |}t d|Ds td|t jjt jjt jjfvr tdtj|vrtj|vr tdtj|vrA|t jjt jjfvr tdtj|vrtj|vr td t!j"|||S) NrzMust have at least one signerzYou must add data to signc3<K|]}t|tywr)r9r).0xs r z-PKCS7SignatureBuilder.sign..s@1:a.@sz*options must be from the PKCS7Options enumz1Must be PEM, DER, or SMIME from the Encoding enumzAWhen passing the Text option you must also pass DetachedSignaturez9The Text option is only available for SMIME serializationzFNoAttributes is a superset of NoCapabilities. Do not pass both values.)lenr.r5r-listallrEncodingPEMDERSMIMErr#r%r'r&rsign_and_serialize)r0roptionsrs rsignzPKCS7SignatureBuilder.signsi t}}  "<= = :: 89 9w-@@@IJ J   " " & &  " " & &  " " ( (  C     (..g=$     'H  " " & &  " " & &9 - K   % % 0++w6  ,,T8WEEr)rztyping.Optional[bytes]r1zQtyping.List[typing.Tuple[x509.Certificate, PKCS7PrivateKeyTypes, PKCS7HashTypes]]r2typing.List[x509.Certificate])rbytesreturnr+)rBx509.CertificaterCPKCS7PrivateKeyTypesrDPKCS7HashTypesrYr+)rBrZrYr+r)rserialization.EncodingrUztyping.Iterable[PKCS7Options]rz typing.AnyrYrX)r r!r"r3r6rErGrVr)rrr+r+=s(, :<2$2 282 : % * '    @ +  # 4F(4F/4F 4F  4Frr+c6tjj}|jdd|jddd|d|_t }|j ||r|jdd|j|tjj}|jddd |jd d |jd dd |j tjj|d|d=|j|tj}tjj|dd|jj!d}|j#||j%S)Nz MIME-Versionz1.0z Content-Typezmultipart/signedzapplication/x-pkcs7-signature)protocolmicalgz!This is an S/MIME signed message z text/plainz smime.p7s)namezContent-Transfer-Encodingbase64zContent-Disposition attachment)filenameA) maxlinelenrFz )linesep) maxheaderlen mangle_from_policy)emailmessageMessage add_headerpreambleOpenSSLMimePart set_payloadattachMIMEPart base64mime body_encodeioBytesIO generatorBytesGeneratorrjcloneflattengetvalue) r signaturer` text_modemmsg_partsig_partfpgs r _smime_encodersp  ALL'LL0 6AJ H NL9HHX}}%%'H 7k 3X> |k  $$Y2$>  HHX B && xx~~f~- ' A IIaL ;;=rceZdZddZy)rpcZt|jr|j|yyr)rN raw_items_write_headers)r0rxs rrzOpenSSLMimePart._write_headerss$  !  $ $T * "rN)rYNone)r r!r"rr)rrrprps+rrp)rrXrYrW)rrWrr]rYrX) rrXr}rXr`strr~boolrYrX)* __future__remail.base64mimerkemail.generator email.message email.policyrvtyping cryptographyrr"cryptography.hazmat.bindings._rustrrcryptography.hazmat.primitivesrr)cryptography.hazmat.primitives.asymmetricr r cryptography.utilsr rrrUnionr:r;r<r=r\r@rAr[Enumrr+rrlrsrpr)rrrs  # $B@=/5 5 > (>$> > MM MM MM MM||r111 /5::/vFvFr- -!-+.-;?- -`+emm,,+r