o &zh,'@sddlmZmZmZmZddlZddlmZddlm Z m Z m Z m Z ddl mZmZmZmZddlmZdd lmZmZdd lmZgd Zd Zd d gZddZddZddZde_ddZ zddl!m"Z"ddZ#ddZ$WdSeyddl%m$Z$YdSw))unicode_literalsdivisionabsolute_importprint_functionN)pretty_message)buffer_from_bytesbytes_from_buffererrnobyte_string_from_buffer) type_namestr_clsbyte_cls int_types)LibraryNotFoundError) CommonCryptoCommonCryptoConst)Security)pbkdf2 pkcs12_kdf rand_bytesutf-8cp1252c Cs`zt|tWSty)tD]}z t||ddWYSty&YqwYnwt|ddS)Nstrict)errorsreplace)r _encodingUnicodeDecodeError_fallback_encodings)valueencodingr"M/var/www/html/kangema/venv/lib/python3.10/site-packages/oscrypto/_mac/util.py _try_decodes    r$cCsFt}zt|}Wn tyt|YSwt|tr|St|S)z~ Extracts the last OS error message into a python unicode string :return: A unicode string error message )r osstrerror ValueErrorr isinstancer$) error_num error_stringr"r"r#_extract_error*s   r+c Cst|tsttdt|t|tsttdt|t|ts*ttdt||dkr2tdt|ts@ttdt||dkrHtd|tgdvrYttd t|t j t j t j t j t jd|}t|}tt j|t||t||||| }|d krttt|S) a PBKDF2 from PKCS#5 :param hash_algorithm: The string name of the hash algorithm to use: "sha1", "sha224", "sha256", "sha384", "sha512" :param password: A byte string of the password to use an input to the KDF :param salt: A cryptographic random byte string :param iterations: The numbers of iterations to use when deriving the key :param key_length: The length of the desired key in bytes :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by the OS crypto library :return: The derived key as a byte string z@ password must be a byte string, not %s z< salt must be a byte string, not %s z? iterations must be an integer, not %s rz!iterations must be greater than 0z? key_length must be an integer, not %s z!key_length must be greater than 0)sha1sha224sha256sha384sha512zz hash_algorithm must be one of "sha1", "sha224", "sha256", "sha384", "sha512", not %s r)r(r TypeErrorrr rr'setreprrkCCPRFHmacAlgSHA1kCCPRFHmacAlgSHA224kCCPRFHmacAlgSHA256kCCPRFHmacAlgSHA384kCCPRFHmacAlgSHA512rrCCKeyDerivationPBKDF kCCPBKDF2lenOSErrorr+r )hash_algorithmpasswordsalt iterations key_lengthalgo output_bufferresultr"r"r#r?sh      rFcCsnt|tsttdt||dkrtd|dkrtdt|}ttj ||}|dkr3t t t |S)a Returns a number of random bytes suitable for cryptographic purposes :param length: The desired number of bytes :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by the OS crypto library :return: A byte string z; length must be an integer, not %s rzlength must be greater than 0iz$length must not be greater than 1024r) r(rr1rr r'rrSecRandomCopyByteskSecRandomDefaultr<r+r )lengthbufferrDr"r"r#rs  r) libcryptocCs,t}td}t||t|}t|S)z Extracts the last OpenSSL error message into a python unicode string :return: A unicode string error message x)rI ERR_get_errorrERR_error_stringr r$)r)rHr*r"r"r#_extract_openssl_errors  rMc Csdt|tsttdt|t|tsttdt|t|ts*ttdt||dkr7ttdt|t|tsEttdt||dkrRttdt||tgdvrcttd t||tgd vrtttd t|| d  d d}t j t j t jt jt jt jd|}t|}t |t||t|||||| } | dkrttt|S)a KDF from RFC7292 appendix B.2 - https://tools.ietf.org/html/rfc7292#page-19 :param hash_algorithm: The string name of the hash algorithm to use: "md5", "sha1", "sha224", "sha256", "sha384", "sha512" :param password: A byte string of the password to use an input to the KDF :param salt: A cryptographic random byte string :param iterations: The numbers of iterations to use when deriving the key :param key_length: The length of the desired key in bytes :param id_: The ID of the usage - 1 for key, 2 for iv, 3 for mac :raises: ValueError - when any of the parameters contain an invalid value TypeError - when any of the parameters are of the wrong type OSError - when an error is returned by the OS crypto library :return: The derived key as a byte string zH password must be a byte string, not %s zD salt must be a byte string, not %s zG iterations must be an integer, not %s rzK iterations must be greater than 0 - is %s zG key_length must be an integer, not %s zK key_length must be greater than 0 - is %s )md5r,r-r.r/r0z hash_algorithm must be one of "md5", "sha1", "sha224", "sha256", "sha384", "sha512", not %s )rrzD id_ must be one of 1, 2, 3, not %s rzutf-16bes)r(rr1rr rr'r3r2decodeencoderIEVP_md5EVP_sha1 EVP_sha224 EVP_sha256 EVP_sha384 EVP_sha512rPKCS12_key_gen_unir;r<rMr ) r=r>r?r@rAid_utf16_password digest_typerCrDr"r"r#rs      r)r)& __future__rrrrr%_errorsr_ffirr r r _typesr r rrrr_common_cryptorr _securityr__all__rrr$r+r pure_pythonr_openssl._libcryptorIrMr_pkcs12r"r"r"r#s.   e(  |